{"report_id":"b560fe87-4e6a-4c95-9ff8-518836f9bcd8","version":6,"status":"done","tags":[],"date":"2026-04-21T12:24:16Z","url":{"schema":"http","addr":"m.galabet1069.co","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"104.21.32.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"title":"Galabet Güvenilir Casino\u0026Bahis Sitesi","dom":{"size":3746,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (608)","md5":"f422043b0a6a2e0e415446183e069e72","sha1":"2c484d9daac2315d0965a5a5676c07873dc019c8","sha256":"36507a25c99e4b7940d0ddaa406709bea4304bb942af4c5b9cbaca60776589b4","sha512":"f6e028ae3d147d3998877b588005383c1117d091a87fbdd1c0014a0ebcba041d47b54ae1186ee28c6bc36abcbdbe30261d2b54ae3786fd33d9863ce30650a6d4","ssdeep":"","tlshash":"157174258ab20426035b506c3ba7f31e723ad1037a49e9047aed53405f45fa9cdb37de","dom_hash":"domhash9d04913952afd4564baa478ba5fdebdc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.galabet1069.co","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"104.21.32.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-26T12:24:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.galabet1069.co","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":406,"request_count":203,"received_data":13632785,"sent_data":128125,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"explorer-api.walletconnect.com","ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-12-19","domain_rank":466611,"first_seen":"2022-10-10T18:16:28Z","last_seen":"2026-04-18T13:35:36.383876Z","alert_count":0,"request_count":8,"received_data":463714,"sent_data":5074,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.livechatinc.com","ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":29526,"first_seen":"2013-12-20T14:27:35Z","last_seen":"2026-04-21T02:47:46.709271Z","alert_count":0,"request_count":2,"received_data":7268,"sent_data":1228,"comment":"","tags":null,"fingerprints":null},{"fqdn":"geoapi.30btcoservice.com","ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-04-21T12:24:34.195611Z","last_seen":"2026-04-21T12:24:34.195611Z","alert_count":0,"request_count":2,"received_data":2344,"sent_data":938,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"icons.galabet1069.co","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-21T12:24:34.192794Z","last_seen":"2026-04-21T12:24:34.192794Z","alert_count":0,"request_count":29,"received_data":1505126,"sent_data":21706,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"dataspot-int-bucket.galabet1069.co","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":257156,"sent_data":1330,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"crm-lib.fasttrack-solutions.com","ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-28","domain_rank":1905587,"first_seen":"2019-02-04T20:13:24Z","last_seen":"2026-04-17T00:46:59.456821Z","alert_count":0,"request_count":5,"received_data":2964160,"sent_data":2421,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"cdn.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":36142,"first_seen":"2012-06-22T08:37:34Z","last_seen":"2026-04-20T13:52:55.607732Z","alert_count":0,"request_count":1,"received_data":103602,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"go-cms.galabet1069.co","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":11,"received_data":63870,"sent_data":6203,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-19T22:35:51.253585Z","alert_count":0,"request_count":1,"received_data":61755,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":2,"received_data":5296,"sent_data":931,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"eu-swarm-newm.galabet1069.co","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":1251,"sent_data":784,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"statistics.galabet1069.co","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":84,"received_data":0,"sent_data":62685,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-19T22:24:53.213297Z","alert_count":0,"request_count":4,"received_data":1837929,"sent_data":1829,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org","ip":{"addr":"52.84.50.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-08-28","domain_rank":0,"first_seen":"2026-02-04T12:39:13.107167Z","last_seen":"2026-03-28T21:31:29.454495Z","alert_count":0,"request_count":2,"received_data":9460,"sent_data":1182,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"events.eu1.segmentapis.com","ip":{"addr":"52.49.34.99","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2018-07-31","domain_rank":186340,"first_seen":"2021-08-11T00:43:45Z","last_seen":"2026-04-17T00:46:10.644263Z","alert_count":0,"request_count":1,"received_data":261,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"rgs-wss.galabet1069.co","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":1318,"sent_data":785,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dataspot-bucket.galabet1069.co","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":0,"sent_data":1358,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dataspot-internal-wss.galabet1069.co","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":1427,"sent_data":827,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"galabet.winwingames.io","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-15","domain_rank":0,"first_seen":"2026-01-16T16:03:38.346691Z","last_seen":"2026-03-28T21:31:28.204137Z","alert_count":0,"request_count":5,"received_data":58207,"sent_data":2347,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.segment.com","ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"1998-07-06","domain_rank":9348,"first_seen":"2014-04-11T12:30:48Z","last_seen":"2026-04-16T01:06:30.943262Z","alert_count":0,"request_count":2,"received_data":111164,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-04-19T22:44:19.012253Z","alert_count":0,"request_count":1,"received_data":31542,"sent_data":510,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2026-04-15T17:47:19.359383Z","alert_count":0,"request_count":2,"received_data":2114,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GoogleAnalyticsTracking-KNUPbQw3.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"af857a0084c0da51ea4be7c5c6518d54","sha1":"cfc4a776cb333e2cbfeb0fc3c57e1da239008650","sha256":"11b253ff6d5ef3b9d82b063eac04b49942d059ad2b06f1141d5221ea286bc361","sha512":"e3d71022ad5de469625e076c5a549b9314de1cae841d6a695fb7ff74ddf1d9cead8c2fb79922bf1214a4371ff37447bfe8194042b48996d5d32262e61c4295c1","ssdeep":"192:QWYceR0SE+m/CTb3bHXCT76hYxGE0VK7D6L7kBNrnPsh52tJz2PM7mBE:xYcoE/CzCIEP3BkS2PdBE","tlshash":"d752b55c32adb0b682df6054587f720bf1755910a458f480a275edf46ef8cae026bf36","size":13704,"data":"","first_seen":"2026-04-21T12:24:48.89473Z","last_seen":"2026-04-21T12:34:16.098688Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a3e94e19b384b80fd4132b3735bfc8f","sha1":"ec1475a09eda97a5622d7c5bc2d650c86314eb2b","sha256":"5c5fdf18e27f2ac8aa2ffbef0573c2280601802831df99d50ad86c51b57ef402","sha512":"84eefe0c0c2ac4755fbda71d622b0ee74447b5c1ffd35e740c1710d27b110167b2692ded7c311d5b8bef5360d24ad5f03382580eede0d9b6a58ef239b71fff2f","ssdeep":"192:/XKuPlMK5EbbbCWuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8n1xDt4atx5Ye4ymr//A","tlshash":"9ee10e5c39f394610a93351f033be115f3b6e533221eec41b9dc8968af54667caa7d88","size":6791,"data":"","first_seen":"2026-04-17T00:47:10.117791Z","last_seen":"2026-04-21T21:26:35.586648Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/emptyWinner-PXmwQszX.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"e7e53d51c28710db55691300fa2905f4","sha1":"dd413489d8bf278a48bc6521e87157a84e7e8dab","sha256":"44943d7e927e35967acc3b28435781510ed8e16677eba481751b4692aa89c4cc","sha512":"e05ff8bea0d2d4cf48ce9966eeb265197be37022741dd901b20d945410c8af7a7ad7a8e13b22a42b3a8662a735cc29d7568b56c44f5c7c876af36969be108d90","ssdeep":"","tlshash":"1231878f9141c934b7630c9695d9d6c4cf142787aa34fed083a80faac576109c65cb8e","size":1786,"data":"","first_seen":"2026-04-21T12:24:48.983719Z","last_seen":"2026-04-21T12:34:16.231557Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoTopWinnersWidget-V5-R6cR2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bea6b670a780fc65e39f0a0ebe6e565b","sha1":"41e427cc4127c97ed09232444fdaf0767cf32b95","sha256":"d6412710f818cd5d46a5f268811a25c01b710078086407999b40d08d5b93d3ba","sha512":"b2bbb5298ed420d48e04efb70e13a2d4e70c19673629296ac53ec5f38fb93fb75bfa9af74cc76d93457a84df84464d452c5790bdee0bc9a0b9cde984d0b2e3ce","ssdeep":"","tlshash":"49513606d0008e7cc3578dd67c654019aaa50aabd5307fe0e5bc1a118f345cdb58e7ce","size":2702,"data":"","first_seen":"2026-04-21T12:24:48.88207Z","last_seen":"2026-04-21T12:34:16.125188Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7dbbe1a7d40a4a855e0411c1a19652de","sha1":"c5af0f3dee6aacfb1b2cf8ad41c734f8039bb3a0","sha256":"7370b77a09553209c1fba44947bd713c2f8d842a282e296200398c4dd4c7afb6","sha512":"dc2ff9d25cc20706eb4719c0fdebc53267e7649d8a0d42b76d6a6eb96c4f0ff08b604fd2aff94db12a629bc08ba6507bb8a34cec6dd59bb42dbc5e002ce921ff","ssdeep":"768:HPZ1UbN3aQe+roEuPT38WwK6PhWv0Kh4y6QewkNzy2mh+slc38kCVoO4kB:vZObNKQe+UJPwHQe81h+slcCVo2B","tlshash":"1e73b78db1d2bae94df32021535b3604f23b1974542bd484f7acedd52928b0be227b6d","size":75126,"data":"","first_seen":"2026-04-17T00:47:10.101067Z","last_seen":"2026-04-21T21:26:35.675673Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d894772cc8ebc08c554e305272fb743","sha1":"9630696cfb8fb02d834b6c2d590ebecc9e4c1971","sha256":"8822f04d16fcc6ebe390ead32df5d08238c7c383f466f401ebd9d235d32f434f","sha512":"20c22c322a8e6d0cee22113e4bdef0fd06e8b21ab65665bf648a3dcbe3857fad121cce2043bc46551247f2f88af76efcbc8f3ba5053a820439d0383342fa0728","ssdeep":"","tlshash":"5e511f3506b31521036b206c3babe316b23ad2433548f5457e9d93015f45f79d9b2bde","size":2492,"data":"","first_seen":"2026-02-24T14:23:51.4869Z","last_seen":"2026-04-21T21:26:35.837581Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useOpenLiveChat-C_aqfNmB.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b05dfb053febdb85be596bac72b4862a","sha1":"05e34092259cc0bd17a16f95ce919d1687186383","sha256":"e057e75f9b6a8f950c34f20a901597768538f90750bdf6c9aa5e2766f1a6e5ed","sha512":"270b643403c3db3d4d5d86f4b8585a7a6abd2b0e16018c9ac98eeab83f48775059117acd45ea51a1cd5d93532df6d36110e0525784c7932522e8cdc2b2f78e51","ssdeep":"","tlshash":"fff0e19a4154ae7cc0c08ec1501ba5f85b3927a4740dc842683f7cca6864c0586fa847","size":583,"data":"","first_seen":"2026-04-21T12:24:48.870088Z","last_seen":"2026-04-21T12:34:16.146516Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.galabet1069.co/configs/928de3c284a560a4ec2990544700741b.js","fqdn":"dataspot-int-bucket.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e2a6c49770a52100388701459104032","sha1":"eb58c40e53a15e3b55fd60c07276e5479e07a89e","sha256":"161586af456353acc3ccfa1748aa3886066bf8f3c5614a5c4db0e4df676adb2b","sha512":"b601200e6ae6894ca67b3afc195d37fea9db1864900cb63b60428df3f106c70ea2e379566d43c326c3b7d439895f609866b2c4a54d77e7a2697f066c05db6a8a","ssdeep":"","tlshash":"aa51f31578e21e7300751435a55768c0b422bb47152ad88c3bce760c4f7db7995b5b8d","size":2471,"data":"","first_seen":"2025-12-24T22:39:16.396562Z","last_seen":"2026-04-21T21:26:35.793924Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"914072ababccf9be7ab6560f2b73e2b8","sha1":"b0add509be06fbefa63c079e34fd852f53e7d030","sha256":"c49678dc6c2e1d77cc759665718d2559d4b09001e9705d5810ec7d6b431f5dda","sha512":"1a9ee5852d4befd559fb5a557aaa2ee96ca1a7b113e7bc391f71b0f2f3b32099c83d7d6f36bee253bd8168ab5d2f3128b1bb8e56abd3ef8929c533d918ace0ad","ssdeep":"12288:+iV5uogEvtEvvEvtEv1dgHg9quyqXjb7EqGDeuPqK3c8WsIJyZmoJwCFaFIFSAJs:puowdgHgfyqXEZFJTIPgKzYJRa","tlshash":"099554182a6bf3849409d0d7f9373d84c59ed19aa44764d24fb64bf31bb2352eaacd03","size":1880992,"data":"","first_seen":"2026-04-17T00:47:10.255432Z","last_seen":"2026-04-21T21:26:35.838603Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"662484a9e667070db18823ff53b74cfc","sha1":"571d6d3704bba2b40e58651c46b5fb38bea0e5fd","sha256":"6cb2ea96a78963ca6aba1a9e89ea6b0be508e1faeedccacef2b9dbaa3574b63c","sha512":"b82e64eafd094f3830102431c8e6fb9d3c87c2374e52c2e0ec429979474e34ba0f9d800dce8bc58cebcaffe0290a66129fe19a904517a84ac49d0be8be979402","ssdeep":"96:jNfsm5Ty1jTATH913jmbw34aBlX2Z0FmWoeCtpi+3vieNMaxttM7zJ2d:jNUnjembw3Dj26FmheCt33aN1q","tlshash":"acc1650bf017f7fce8ac48b2416ed10e3b2d1ba9972141e4d0ad09281b6c855f769f9a","size":5753,"data":"","first_seen":"2026-04-21T12:24:48.937201Z","last_seen":"2026-04-21T12:34:16.138425Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItemTeams-CEtT3dwF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7cb2f48f38bfb0279904944386f1e2a7","sha1":"cf32f17c46b46eb301ca9c2532b6031f4bb374af","sha256":"331931960cb4393acd95f6f05ca57031fba28c8c78128b7cb87fcfe24c398b64","sha512":"e3b54febb38accafd50c414d77c3af83f5ff80bfac64243a41227cabb853ecb339ec8fc5bca335340b409b3b3b1789d651b44502501507af2756f604d766c444","ssdeep":"","tlshash":"f431e089f020eef5f9514cecd97d4622b11a0e96cf7846d1e12d9b341a34116b31aeae","size":1600,"data":"","first_seen":"2026-04-21T12:24:49.053198Z","last_seen":"2026-04-21T12:34:16.242781Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ab5194607d8db08f9abe85264322389","sha1":"105aa6a7c0d330d097cc7c9f6989d8223f23adf1","sha256":"3728c769109ca09c38155c787c6e13da31835fc34bfc842f7415f3d3eca691c2","sha512":"c48df33aa42a930e98ce83dcaf1dc59293d777ed22f746eb7ea8e299fe1622aec1f07ee914f18decfd1b998bcb691f84f58a5219a5e5ec1c230f9db6a331de8d","ssdeep":"","tlshash":"6ae0a31d1c1eb46227b419a8e237895530d5130529462655cb87d4543971cc554c6a4c","size":423,"data":"","first_seen":"2025-12-24T22:39:16.410899Z","last_seen":"2026-04-21T21:26:35.84277Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e64h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"640bcd967bc3abfe8283042becd249b1","sha1":"c952d46ad809b16c676714a7303d1758a4e29fb0","sha256":"79d2863b9b2cb39a600d5fcd08cef79d44ca0f4bfd6c5c7d10b57f0e4d104963","sha512":"a0545a97f4d4f4ad5d6ce9fcd17bd242c79ff4ac9c8ab039c968d0b4dfc8d6263785b64de0342147b8c21f8bf3a3447cbab7c156f7446ea53c9240202cb21638","ssdeep":"6144:dvOJjJnrVZu0Donyo18z25leYiau0XaOU2Cs+KUFlbrU:2nrvYny088dyls","tlshash":"0aa4f8ceb3d674665396f478903f01cba57a28a2b44cc89af189cce02d7465a4277f7c","size":473476,"data":"","first_seen":"2026-04-21T12:24:49.04023Z","last_seen":"2026-04-21T12:34:16.326512Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/withPanelButton-CZMGiM-x.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f4d15b1bfd3e75dde9577068cfe0fd2d","sha1":"77654457476f7caf254ef7bb2b5f00f7ceb41661","sha256":"ce48c81643016988a5bd0dd25411546e92cb88e93a881fbb28be7e848fdd93f0","sha512":"e412e91e3edc4c462aebcb09787ab705a6681ee081ed314be4347d7952e6e2e26237e5a46b93a69a00da19a53ec04c4684986be9a6db16e56d8d61d66eae2a78","ssdeep":"","tlshash":"d21112f4f580a9b2f4c41088577b2cb6319f32cadce1049021b6c8e91ff9448965e9af","size":1089,"data":"","first_seen":"2026-04-21T12:24:48.867057Z","last_seen":"2026-04-21T12:34:16.121155Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index.es-BkfTJV0A.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"14273a4e1f174468d9ad125d59fdbf95","sha1":"323ac744c931566d8324a88ebd619c69cabede1b","sha256":"497891c74b3d2f85ae305a4055fd2110ba81387895c6feb67338cc8b454f963b","sha512":"5e3ca72b4b96d9e498548295a2251fbdbfc8ce1bfe4e8bf503e340d06aafcea34b03aba178a2ae5597460018280f8783663549fb0a57c5dc072f67fff4e85619","ssdeep":"3072:bzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UBh:bz77jdU/7sJJMcvYisoljSFN1Nd6UBh","tlshash":"ad54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","size":295236,"data":"","first_seen":"2026-04-21T12:24:49.049849Z","last_seen":"2026-04-21T12:34:16.123505Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/jackpot-jNbP6Duk.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","size":376,"data":"","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-04-21T21:26:35.58754Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipMessage-BNH9Z4__.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9a788dd065734b8baaadbcb7d1bdb747","sha1":"1b4695f19daf85ac64a2efbe2235f7e44d2b7e9f","sha256":"b88acc559e4c6f949219c87afb55a6efd8ccbd70d0c1e713d6b4808ec1039486","sha512":"28dc616aa6a8625492ae8d7397895884faa8bb4a9c72969c67ea4aab10eb60ebb980b0cd7d11bea3f9ab5163d9f064288e1c556752bf0dabf5ef668287d808e0","ssdeep":"","tlshash":"7421b747f2a0db2c87a3096df2583042625401e5bddc7920c5fc394f2f9068e462bfba","size":1268,"data":"","first_seen":"2026-04-21T12:24:49.063573Z","last_seen":"2026-04-21T12:34:16.157068Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItem-DPOBSFUA.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c4b5a33034c11189d13a58c3b2a71535","sha1":"925b05f37c74a4ea1f10ca78f28a492d8a508316","sha256":"f24fe06384d2908838e215020b324be57569e56d317e0cb799f4ca6fea3bb8b3","sha512":"56d3b2b94a6f87191af553b91d5f4d9ebc79d4f4cf03719d2f00d3ba0bb45160f180669a9e3d0b758b191efa1ae09f8560b6b9e8b96cd07b9fe3c3d1546f7379","ssdeep":"96:6yzRl44W0nOtWyDHDjl2rfLE5jYhpzHXzoodwd:BzDfI9d2T7X5q","tlshash":"efa1a546d024b738f83bddff75a69a18b4310add87964be2e25d17290242290737afc7","size":4660,"data":"","first_seen":"2026-04-21T12:24:49.05959Z","last_seen":"2026-04-21T12:34:16.097295Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider-May5T4d_.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"feea55c67b86227b96fac92790da896a","sha1":"1d76497c4a47bcd68cade47f07b90dfc4a31af93","sha256":"5ad5d6cbb54b9abd12c813e38b1885d8cee4e1fb39c4d768b6e94424281ccecf","sha512":"84ff6cf0d5307e322ee2187c4d0b3fb90d061d44b14d08c5a7dbd840e35921cac28c12c8ce7317cd30d6bb46b01382268ea12ba41350049915a3f6b7042f3208","ssdeep":"96:GeHcJa/LobULY+sKOqG/RdMZTuwZctcmXrc1IrRewlUmtRbOLDv:1HUa/LoAhOQ/ctXdhlZt5w","tlshash":"cc918888d039c86471698cdee1376f13a2703973ab7682d3f05b0db94364148d6aeeb7","size":4384,"data":"","first_seen":"2026-04-21T12:24:49.03677Z","last_seen":"2026-04-21T12:34:16.253259Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"73b8b49b4f5dd8adfdee877cd58546f0","sha1":"9f41caaee4b514ed017a6258c4a2166e6df5fad8","sha256":"b8ac084bd8c078db89ea019d31398c712a77cf27480be3b2aaaf7754615679ad","sha512":"b0dc33f21d8d930095dd34608c4cd501b4cecd139e1854fb636bb4e0d1722b22bda57425ebaf257860fc364a6ed9935865d391026a55c36bd7cbad695321d11e","ssdeep":"","tlshash":"6e4120b937867cb200f96633d6af771734f5d071d4018c10272adc896ab9d6a41a7c6d","size":2178,"data":"","first_seen":"2025-12-24T22:39:16.422871Z","last_seen":"2026-04-21T21:26:35.841964Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"26d5c6e9eb5b8acc5d7f0a4acb0bb17d","sha1":"f28c859ece3ceabce922bbdf6272f9f7e826b783","sha256":"8ee1aaf2ad1cbca21e0581993206ba9ffd736c611beffb7287581a87cab67ff3","sha512":"388bd8e7a24945d1a3db30cd4cc03f006d5222f5b399b6578eaf9f87707fefae25b423aa0657dffd191f980827742165f1cfe7577a899ac63ed728bdd9886ee0","ssdeep":"768:IAObYQP9MBTSbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MqMZ+vCBF/g0vmBuNfftrcuk","tlshash":"8fb371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","size":108916,"data":"","first_seen":"2026-02-24T14:23:50.976435Z","last_seen":"2026-04-21T21:26:35.819592Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/WagmiConf-D709ykut.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bc1cff1b4a88fcb7d6d511ae355aa96","sha1":"563de1fda53d30945b4e8745cb90e639ec4ee8e4","sha256":"4eff938056fa9f0de8c26d57aa0ab88a57c0855dcaf7c7369a0ff21a2e960fc6","sha512":"357be7810700745a6117be7eaa66f2439f05e435cefd3c7bb812a17f40816a600494b4f8dafa95ea9a844a6b2729d6f29bf2c035878ac6f0079801a690259df1","ssdeep":"1536:o2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPfAV:ZCaSlx5xG7NU+WEy1bP4v1K/XGd","tlshash":"39a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","size":100979,"data":"","first_seen":"2026-04-21T12:24:49.089926Z","last_seen":"2026-04-21T12:34:16.214993Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ButtonWithAction-DSAfkmWo.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4f4b4cf0623482ad6e165220287590a","sha1":"b6a866f3afbabcfadee5aa2e02f3f7886ee4a8fa","sha256":"5388b7316d931812f63ee58ecf67a9fd397a30258736f961919fa686a91a8aa2","sha512":"fe0f37dbc2aeb4281152419dd6962702fa59beb4a63fed2f8efff7c35f135bc6fa706ced3318313bb55a80ae282004208043ee64720cfcb0fb2f660e3f025498","ssdeep":"","tlshash":"72d0954f5441d3f903d37db0a12fc1212a155d64e7d48941804c1450373195d805ff2f","size":267,"data":"","first_seen":"2026-04-21T12:24:49.021237Z","last_seen":"2026-04-21T12:34:16.100563Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameSuggestedEventsWidget-C2pyJjPN.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"751a6d9bdce905b3da67bde527735018","sha1":"6eab5e951f1ad5abf219a195b0064c1ed86a0fd3","sha256":"b8c08c5a6a2762fc27e6450bd245d830bf789c22e00d40948de00d520000195a","sha512":"9bf68d9935943ac61e80e726518f708f6cd5fb3da4b1486be866d273c6148578c2ce7957eac09fef9f069b8ba5005e8ab9fc55ee3180854c183261f23860cb21","ssdeep":"","tlshash":"2971c646e010aa39917741d82bdf3119153632b4b94353c1b63fca3123e2592ab9bbdf","size":3709,"data":"","first_seen":"2026-04-21T12:24:48.990149Z","last_seen":"2026-04-21T12:34:16.221159Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"03392ced517f3460c5aac5583508b8c0","sha1":"246db634b505a57976de39ab3fe0a7fb19fd803f","sha256":"37e29846d13d28adfe41be36018b21d588bff37eb62fd02c33eb0abe9be8a4c2","sha512":"a8f8c90c9e6518c10d510cdd48b72a9e9074d6f091a29f7b848f58aaf0ef0879414cb88ba4d8310e6a1b8d68eb4ad00d51e0900080c46974f369d85e73355f49","ssdeep":"1536:E5CEuRri7TzFqNocxOmeuRyQVdlahwpj6LnJfRUH019xN:EoEuRu7nYGuR1VsjUHa/","tlshash":"baa349d67282b03493fb85e7a07f6212b7392918740d8420f17ced6a395a987d177f2e","size":102858,"data":"","first_seen":"2026-04-21T09:40:22.967783Z","last_seen":"2026-04-22T11:47:09.579346Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/PromotedProductsWidget-Cld990TR.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"08cb1f32689e4b3699dbbdf78b9646a3","sha1":"63b34647cd0480f9bc68427fd6ac983eb54c7838","sha256":"fceca3553295edc93b8ee54a308364cfe42424abd7f58f9a4ce37df3870883ce","sha512":"bd56583809cf6e606ed445599c75a7dbb22df534e9588f8d479bb453f9366351d6bb37584893b2c8a03100c7a72afcb0ffb4cb0ed67bc8cfd1b84fe231ef913f","ssdeep":"","tlshash":"144173c2c538a37af63e4dec210550c43c263e24da7648b290b67d16a13d926fa57efc","size":2126,"data":"","first_seen":"2026-04-21T12:24:49.000596Z","last_seen":"2026-04-21T12:34:16.195822Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=493548","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"253dad639858db343834a091588cc263","sha1":"d5e51957bdedee553d3d4fd6861608c93e9b6d6e","sha256":"f5e47f9cdf7c00c6af8a3d0804d95850b0fa3b7e2b11ea1f36f4f0ed23ef38f4","sha512":"4c270c751e953cb4156f2ffbcc696a558ac254b7934a75229f6bcb3e8192db88643ce558090866d11d28968d91572e83f8bf7ea1f11fb474d5e7623ec90704b3","ssdeep":"24576:5lSghoqNvlS7kp+yjuQmodOclWKjK0ue+o/CeooTmVlSRPfxwLoP:5lPhoqNvl0kp+yjuQmodLlWKjKe+o/CG","tlshash":"d4257c9472467434c37795a260be050c737c5f036406c6a8f2bc99a92fd7c9aa27bb7c","size":967648,"data":"","first_seen":"2026-04-17T00:47:10.172775Z","last_seen":"2026-04-21T21:26:35.726843Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/usePriceChange-myueINat.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4295f4c6125344dde02e8b6937f94a4d","sha1":"f1c4952e3da24d3fc5cc4539d0a24cd3f6a7b423","sha256":"f938915b888a934d449471981f2d0496cdf2b87214d09b96f2027f561814e1d9","sha512":"f40c16a008b3d9f9acfce3584d8729a3d1a8b20de0f73f0629682b64621d51c7457b411f0573e200597be86b87c7e9475166fb21d30677c0b16f58e9c1323420","ssdeep":"","tlshash":"f0f05cbd14901813545f0cc4c26485971fd126d56bbdc31eb230882d37589af06aef6a","size":470,"data":"","first_seen":"2026-04-21T12:24:48.898294Z","last_seen":"2026-04-21T12:34:16.277321Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fm.galabet1069.co%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__qpadtvim3c","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1eeaa4d9b0db78c0eabbbe5d2dc3eb2","sha1":"eb210a5ccde7a1a9e3aa08c745da81192f271be8","sha256":"ddbf4db830a60653c4bd5aaf48c81882d96b438c4c314309add2230c1a4c57e1","sha512":"9c1083c4dec7946a6e7c06d69cc40579d66295bb135e502aa65ed45bf827183d165ed8ed7e62b0230450e22d505222e4a3ed6f4bb14bfefe5555ee9d6780ff65","ssdeep":"","tlshash":"e1e068a7a15266b5abc8e3be94046a037d300aa7210996bdb4aa1240562f7de721454b","size":392,"data":"","first_seen":"2026-04-21T12:24:48.992062Z","last_seen":"2026-04-21T12:24:48.992062Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/NotificationsButton-yutPbShF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1ba16059ba8b51b87752c12dc5baf02","sha1":"eec0024f63275d7894852e63a327a9c8bcfcb852","sha256":"894a01b86786005132f90c701034d5fec594f5afa2c075e69407fa2a36d76e8a","sha512":"660eb05e3e5fb79227b39b5f88fa5e3336e1982419d7fe69fc7c1fa636b486048c9f0901c0feaec07a401e59b12b0526fc0da8a0b860d855dc4620d3c7a0dab2","ssdeep":"","tlshash":"16f0264be554d5f417830d21a23fd015393b683cef06588004aa1c941330019c44fe4f","size":558,"data":"","first_seen":"2026-04-21T12:24:49.056543Z","last_seen":"2026-04-21T12:34:16.159541Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/InformativeWidget-U7XsexQ0.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b33695d67c48abe85873f5bf86c00af5","sha1":"0edd914a4fb8b3b268ceac53a25775329aadaaaf","sha256":"e68f8bff445a41225207efbe87a76048f840efdc5a396eb5e20c59c1a8b7a8e4","sha512":"3f3f59e5635099172d72bbc52ec00dd07d215779f272fc3afdd5f18f6cd6b5d8130e8c445232c3665177ea4800b81e47ba8fc0a1671a8887ba2990e65ca574c9","ssdeep":"","tlshash":"6911b946f590d67eb0350dc44657c0d46a212de4cf38d8e898b53008a43410bb6dbfac","size":1087,"data":"","first_seen":"2026-04-21T12:24:48.922225Z","last_seen":"2026-04-21T12:34:16.144951Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/immortal-db@1.1.0/dist/immortal-db.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"54530312c3c2954ae37b0a580c3e6620","sha1":"a4c1f1a0914db3bfc1a24f387591212b63a5f543","sha256":"59944f96e5702f1b513edd112624b4de002cc998a3de8d120b6cff80b61b9051","sha512":"c5edbecc244a90269682a943acc5676b824b2a2bf51fbb9259fc4d69a9de178c34cc9701c5e985c2b4bd4e5d0a6b5cdb84f6a57f92ded9c41e5ad9a697279ce9","ssdeep":"768:bLg8cSjTZnnQ6k18c+pZZq2+7kKNc8Ov7CMLKX:bcwZnn0MrLpGX","tlshash":"ce5374ccb6c2f06607a37570402f540bf1ba6a58b49e8490f726d5d17c7a88ea137fad","size":60965,"data":"","first_seen":"2023-03-13T10:59:44Z","last_seen":"2026-04-21T21:26:35.769117Z","times_seen":323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useNotificationsProvider-CDjHBCPZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a0704011931a5a01bec0bacba061e934","sha1":"347f1557de03029cb7df1dde97a3026956a3d89f","sha256":"b333c15ca234db1c66b1abe91865568ca9bc09da01cfbab8a9d40844156abd7b","sha512":"5489c10972ebeeb5f7c5d669c7f0611717f8b481d5568f1d16a8e5ecea9c79033d38bff972bb98aafeed060467c6c3d146de309071a667442a86f837962e9961","ssdeep":"","tlshash":"87b01217044143f021020cec011048690732083d37419fa00034010c12e4089830ed16","size":92,"data":"","first_seen":"2026-04-21T12:24:49.044228Z","last_seen":"2026-04-21T12:34:16.17685Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useJackpot-BgMStqQ-.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ade688ccd4986b3e2cc18ba021e37d84","sha1":"5192350aeb75b62f96abc581fc97adb6430a2364","sha256":"d4633c61f7b8cd422e3dc99882d4a7c1f0edc9cfc4d4473fdc6f05bddd332266","sha512":"e07826b02aa78a47d2b184a6cf64329c7a1609c7078498adfb6aaaa0239dc4a57b5e1ce51d84f23898e4683daab0ce00486b7f907cfcf3706f256ababfedf589","ssdeep":"","tlshash":"7821f045c059e5f8f58d8cb10067d72a1b3c3f297440a090a0be5ebd57a8d41b6a0f93","size":1419,"data":"","first_seen":"2026-04-21T12:24:48.876051Z","last_seen":"2026-04-21T12:34:16.32508Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SportsGroup-B_tOjaA7.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b503b50fa0f771bc1dd1b8be6de93220","sha1":"af0d2d427f35c4fd11d6ccc32ad58fa113c84590","sha256":"753f8c285d79eeab5cf0a8feff56252e7dc57beb58b9bb0670c242b4e9b0fe91","sha512":"41d1a4f85c75421df1a00af94c477cf11967be5e8f48985ee33639765106afe7688246d7d358bd5a876eff97606ef43cc58284437662f7c33794bc2ecd9807a8","ssdeep":"","tlshash":"8ff07d04e034ebbcd53b09c1969e0418305e0a74eaae09e3d0fd193aba780d57a4efdd","size":639,"data":"","first_seen":"2026-04-21T12:24:49.006572Z","last_seen":"2026-04-21T12:34:16.147229Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bb0439c4272f0d15f3e5f8acdb0bf83e","sha1":"23fb7cafe172d9f3d5147e25f4206b60c958b0ef","sha256":"4500f2a10172509c29e167a3e42496dd690ed69a26b03143af6e63358c0d64cf","sha512":"e931feab6d29dc03194f239d6997cfe90c95925ab258df2e0a7758bde7facdd0f78455c1b2707c9d4a36511e8f6b74e63f2348a9a1929d274b68aaa66872bb4f","ssdeep":"192:Td9eUQtjHggAQReqwooaQgVZ56T6iQr92bJkYsZ5iJPJmNyH3hgCqylWDZ+NrypP:JYggeD65kdrsihmN2xGNoWFW+e5iFGY","tlshash":"aa52daf5acf320b219b3a176a7af61417175a00f584cdcc57eaca69c0fe17040696bfa","size":14400,"data":"","first_seen":"2026-04-21T12:24:49.10758Z","last_seen":"2026-04-21T12:34:16.349861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/anjou-js-proxy?seal=02503637-3458-4264-a556-a663e82c28cb\u0026domain=m.galabet1069.co\u0026t=1776774223460","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2b162c29b26feb3152a7a384907c98b","sha1":"99edc82574f112a42c1222a211d29b169f7c28de","sha256":"87d40f11f4ed59bc3335ed05a8476a439fc08a3ee3673cd6d92de8e9e3694b61","sha512":"6fd63b76221ecd54cc5acbb87f676eac11676ee6e1531605f6383cd8790d06084f8302267e048ecf3ccb98289c3ee5811bfdab0ed4325fd1a4a53c960b6d6504","ssdeep":"","tlshash":"8a5110ceade0249623d90d7f3a36364ee126c4c739dd44496a2098b09fc1e29e78923d","size":3029,"data":"","first_seen":"2026-04-21T12:24:49.069286Z","last_seen":"2026-04-21T12:24:49.069286Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=324.0.2.32.102.113.2.3.2.269.2.9.307\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa9950607fa2e2476c2ecda88ed222e7","sha1":"7a7ac11cf318bb7dfac3abfebe073acc6abb881c","sha256":"696d89b921c2d196195ca4819ba890dd572fee8b701c3f8de527ced03610af63","sha512":"10662d79a2e1f810350ded7f60a3bf23160628856724a09261e42c077465de3834dc00a0b51e1f42de8a35fdf0a8d74159af5735d674268eccad11ef2bfad27d","ssdeep":"96:80hUsXhUA4hUwhUcaDl3acJst017gWrZN+/9YXtJ/xN7QcGIIKTe3+/vCaq:FGsXGA4GwGJDTgSZcqQ1Ih6iKn","tlshash":"96d1742a834fc8bb7377925a62cbb70f3508507da5f8593fe464ca7062961c7d202d9e","size":6221,"data":"","first_seen":"2026-04-21T12:24:49.041437Z","last_seen":"2026-04-21T21:26:35.588355Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2c191b46b99e357a939a4a4b8c773c12","sha1":"3401415118bc2649e837edea0005ce70f99322bb","sha256":"b1497fa9daa91f85ecf7c57cf8615ded12e1e9667f07ab065133e14c39ded42f","sha512":"ae2b121ade5f07d63432308f0f51921ac0f6193b09dea272a3e61c220fa810ff129ba67ea1215e89b0e0ee9ba71b8f32f5662d705659a7879a90e94ae9fd0bb2","ssdeep":"","tlshash":"f9c080451654dcf462571d838619d801d54c4d6d73f4f9d0bb0c8d51021559b627df57","size":178,"data":"","first_seen":"2026-04-21T12:24:48.947675Z","last_seen":"2026-04-21T12:34:16.341909Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FastTrackTracking-C80GL_Ah.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44402e6c809f993a91be813f29131dc4","sha1":"0671bbefcca323b5a50859522d160175bbe76ba3","sha256":"1d295d131e759ef01fed7c13a6c9c25b30a03064b0b29952ff8f0bd1c6c5257f","sha512":"c9dee0cdde4cc36a00231a4e2e5f5719d5263ee852a5b7c14884a31fa15d1e0e2d297395c45f6cc45ed61cc3edd1c1b039f26721354694350db91356b2e84945","ssdeep":"","tlshash":"5421410f40f482f93c800e4ea2e7e2a0967e5539702dd4a3b17a0bb82b1c245d3dac93","size":1385,"data":"","first_seen":"2026-04-21T12:24:49.030129Z","last_seen":"2026-04-21T12:34:16.26796Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-Pd1BUwU6.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47c51419dd5562f5792c0c7dc42e742e","sha1":"e204e73bc9976ac330b6eaf057843e350226728d","sha256":"4737ce990a50bb36d1cc20cace204ae3b3fc533c1d322dfbacba962c916b91a8","sha512":"331a871e9de89557ede808f0b73caa9342921b6c15421b8a413c0cc4433554e253d34dfa36e5eb7c780b3e4aa644263d8178d1ade25f9f3f4bc2248baf8e2fca","ssdeep":"","tlshash":"515132cba042e7f4bfe708e6819b10b074378d5cfe1b449092be58964958752e36bf4d","size":2923,"data":"","first_seen":"2026-04-21T12:24:49.051938Z","last_seen":"2026-04-21T12:34:16.29097Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SportsGroup__platform-l0sNRNKZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T11:06:44.477856Z","times_seen":191454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameDetails__platform-DeLpPgwV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b1d3729a864ba6f0f038acc8f30e65e0","sha1":"09afbfa1c6972ed430da5ae094230a69170dc4da","sha256":"2c16641def7b54bf96b79561afcd16676fc0c9e8e0869c89a0705a1c5a5cfab6","sha512":"e5941d5433ddc66b45c0a300c64209be0b85dc976b5ed662440aedc50c676edeaaf09f5f59e0147a31018a25fa3a611c6087012bfa203c7ce0d977e0d6eb84d7","ssdeep":"192:2rZFwk2T2D2E0iP1XjkHjjkHE2t2p2A2V2+2DPAPpPuPQPkPAjkRjkKjkJjkPkj/:2rZFwk2T2D24PRjCjt2t2p2A2V2+2DPO","tlshash":"69e1e19e912e6c46dd7f063cb5c12b26bb333fc136440695fdde539aa608687312a72c","size":7412,"data":"","first_seen":"2026-04-21T12:24:49.067917Z","last_seen":"2026-04-21T12:34:16.270509Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListCompetition-CDufXTne.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"cece9291e7e9a4b3d0ef3ba4b6ef0c46","sha1":"63e5889fce2617a81f38546d664e3f7fc63ed119","sha256":"8decca4ccfb6045463a8d709a6b02a8fe5b190a5b9ff71da64faa9fddce8c399","sha512":"c3b4296a20d2ecdd0e4efa985b818d53dc390004dfec6b01cd759209798a2a80a50812d4189be2a0e93fb197808dbd948128a1dcd6f9c52d36b006b40593e3a2","ssdeep":"","tlshash":"96c08c0684659bf9a91719e28b69a4421132853efaf48ad0c07486158e34aaae40ee9e","size":167,"data":"","first_seen":"2026-04-21T12:24:48.975891Z","last_seen":"2026-04-21T12:34:16.098038Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cebc7667967e601f02df39ba19712d86","sha1":"c7d3677008d76115cc41ba1b734aad112c743dbf","sha256":"089867e58a1de5998b0d74b779119d8a30fe54616ea3ce76063a5530163febea","sha512":"80a26888852e4a15ef49580494958b710628b404f4026c5b218daa918280b24a8f2fcc698ac49ee66c6e9b91954c54f5f296abfd4645d71cc32c83d4ba199378","ssdeep":"","tlshash":"2b01c07d5b86312454f634906b2bbb4a743b12be5c535808848d0414a3a8bafa21add8","size":697,"data":"","first_seen":"2025-12-24T22:39:16.348988Z","last_seen":"2026-04-21T21:26:35.711167Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e64h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7d79c24c054561f490b85b09b37685c","sha1":"627c056e2ed9e0715d175a6e1d48ecd6f6537a46","sha256":"eba69e5fe438f297b90d71132f0c67862fcdb091c6e686f45935752d8f6ee283","sha512":"7109c1b46e0ae2f3d47076a8fc6d307398daf3fa2072d7c35f702ff601617884f38a06433c3fbcfa5559df90a4dfec159acf0656248755d7cf73ed875bededd8","ssdeep":"6144:d0OJjJnrVZu0Donyo18z25leYiau0XaOU2Cs+KUFlbrU:bnrvYny088dyls","tlshash":"51a4f8ceb3d674665396f478903f01cba57a28a2b44cc89af189cce02d7465a4277f7c","size":473467,"data":"","first_seen":"2026-04-21T12:24:48.891065Z","last_seen":"2026-04-21T12:34:16.15066Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-DNoJruNH.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7dcd3c17ffec3af71ab56d113ac4c8ba","sha1":"8091491c5770791fa28e7aef0aeda85aec3a387a","sha256":"7acab49a2e3d824dc194d2eee3402945bddcbf42026240627ca8d9ddd108bc23","sha512":"c01ccf0217c328b24597c1092795b3bc4730b84cc7fb72d2779cf10fbf90b5510d4c0ee622ef7009a10b4dbf7b185450b9e45bf6af4399a77a07e64fda5658d2","ssdeep":"96:z1SftCFV7h7FHpokS73s91v2InwLRiTCHUgAaQKFu0FdWpA6u6PEDdxrOq+IHv2E:2+kiOHva0FdIuSEDdxP+Y2j8Eu","tlshash":"56c1b75631906530c6d344a6914f42aeef3e6638f00f50a0b23f9c6d3ba1515d6a3ebd","size":5948,"data":"","first_seen":"2026-04-21T12:24:49.074623Z","last_seen":"2026-04-21T12:34:16.286696Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DataspotTracking-BNSAxMZE.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a43d6d9db291e70d4e23f436096e894e","sha1":"64f14bdaec33bbf43977c9906be595d3ca46d1ba","sha256":"e24a59385db663e56f90b790d445a3cdc8a6f349d11f651b3d92e5362525fac4","sha512":"3df63a09575fc7247f89411684c94afdcd9e76770ff3074340f2c50816f89733d102a5038c5ed539f30076f271c9714471093afe3fd3d2e1015b10d913b8dee6","ssdeep":"192:rECb+cB+hnlqWkO+bNKb0s3LnBaCHJNvuvXvqvxgFzL3IuXge3AmYO2hU:rEq+cBsqViaCHJ5Q/0W1LnXge3gO2hU","tlshash":"4d02e155641e78bd6037d6ad0d4711a208387042e1339de076aacf5a9e399c28ff77cb","size":8580,"data":"","first_seen":"2026-04-21T12:24:48.85803Z","last_seen":"2026-04-21T12:34:16.287338Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SwipeableContainer-X9GPeX0n.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"256cf910e286cf87d48005f99e79550f","sha1":"10ca9c0a456f565d7bed48eec780a225518d4554","sha256":"90a8f7a1c77844b10286a533a15e2917a6604d76bce574d27e972b178fc7a35c","sha512":"cc85a7c142d992f8b4943d85cb539c22165fad970cfd28dc0c0e6d10cebbd964c371c7102a76ac09bec8b209cc533a85158c9785e4ae8639be6efbaebb24a65b","ssdeep":"","tlshash":"b9318746d03aea74f623045a92998468b77b73a0f60909e4b07c4d28d73529df30efc7","size":1866,"data":"","first_seen":"2026-04-21T12:24:48.98619Z","last_seen":"2026-04-21T12:34:16.129957Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e7fbcd63d37246e6443be072c080438","sha1":"8f46bedf975b21915209ee772c1025f434b15c4d","sha256":"861c281c039987cacb0b4b52d389dd0e080c7757fa08aaccd2ada3be155daf0e","sha512":"3b95c8924c46f5cd1745ddae8331cb260c5ea4023da48b5204b563b44a1e8586e9353a70ced452b57b5f6ab25fe4429eadd39f2ba5e5d1c06b24a8d152c5b845","ssdeep":"6144:FrL5bRuPtxK5kOJj27VZu0DQ18z2kleYiau0R9OLw348U:FrL5bRuPtxK87vs8n4kc","tlshash":"609429cdb7d6b46683a3a474903f018fa53a28e2b44cd899f185ccd42e706aa5173f7d","size":414634,"data":"","first_seen":"2026-04-21T12:24:48.917208Z","last_seen":"2026-04-21T12:34:16.148401Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","size":31169,"data":"","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-04-22T11:07:44.006028Z","times_seen":46087,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/events-1g1c6Kmi.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"36da527a5cac4a34d0db7d9918e99fc5","sha1":"988fbe6bd49724f3c91089eb7d83d308c4c17230","sha256":"4550eb4e481ccfdee74d71d76d9e2331e2130a517aaebc1390016833a135d95f","sha512":"82f8ef57a5a79e627ee3585fa432fdbbfc8a8519c454b30a2b3602e9eb4eb0a8bec36663b1bf75327e7af4cdb3d3f6b93d7c6b16bef2329b7769cafc00a76499","ssdeep":"96:rd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:r3IM2sWMtBq6n3PzH","tlshash":"b3c143ccb38574b013e7e3abb07f520bf134a598740c5108b61aecf9696bd9a4126f78","size":6141,"data":"","first_seen":"2026-04-21T12:24:49.042921Z","last_seen":"2026-04-21T12:34:16.173407Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BJ21FeBp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d93ecfbc55243109c8742160b35e284","sha1":"5cc1c573dbdd97cd1d0e239ee4a3003a49f64094","sha256":"aab1b4236679b9462c2c99e800555e4f4bf526bedcae296c4b33af62be729000","sha512":"59545f5311a35a7aaffdf5a0d5c6a78740b3f08484da0e1f2bc38d6ff1c03bb7f92e04d2d7289a5278286fad774947b5aa9656cbe2c3bd6294dd5646f75a5d31","ssdeep":"3072:mQwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:VwhFHU4HNwFH7MoOWexZFHV","tlshash":"01f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","size":157556,"data":"","first_seen":"2026-04-21T12:24:48.87453Z","last_seen":"2026-04-21T12:34:16.306535Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-MCEY36CK22","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"28a23b6e3b46203d5ca4876a9d638efd","sha1":"d0ad781859d5cfde88fef0ec483d4b2c0ee2842f","sha256":"650dece09f23fd6f16fad1058ec7d1c47a493b58fa7351b6ad50b69265674e28","sha512":"0bfbab930a476046bd64454c23fd8b2046335e4502ea0ee4d51dd11b28c7cb4f6da328429db620a9fefc58938feab2c464d558d4aa005b182022ffb103a1a050","ssdeep":"6144:vAzOJjJnrVZu0Donyo18z25leYiau0XaOU2Cs+KUFlbrU:vjnrvYny088dyls","tlshash":"cca4f8ceb3d674665396f478903f018ba57b28a2b44cc89af189cce02d7465a4277f7c","size":473545,"data":"","first_seen":"2026-04-21T12:24:48.926388Z","last_seen":"2026-04-21T12:34:16.179984Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FavoriteGamesContent-Dih0wve2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"908b6f08461acca2709ec911c51197d7","sha1":"888cf903783b8dd923aad19acd1eb664291a7891","sha256":"0f950782f65e4b79ef1b137414bdf3b8ecc50182087346bcbb50663d509c7077","sha512":"191364915a5ca76736f37b7c6b11eb165567184fb9e5a3e84eec324e41c7f32687ef026ccf2f82159e37549795a72c5508dd6d1234f5f4498e131f70ba17b33b","ssdeep":"","tlshash":"d651761101009fedba9eadd92e5bc1a054f6078c6155c62ead785f7e302da407137ff9","size":3155,"data":"","first_seen":"2026-04-21T12:24:48.915813Z","last_seen":"2026-04-21T12:34:16.09431Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SmartMarketEvent-DZJsJGjf.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"21b42cac8d14d53da8603d367bdc0b4b","sha1":"1ae93919079837a6d354731844adc4c583a82ea9","sha256":"6398ba42e5f92a177f7cd5a8fdaa6ad138e05f54e3d3bd66b8ad7373726462ad","sha512":"b3ab5f11b9dd2a008c35b9596b60a1e7e48b12d11b15f7d2929ee112ea485f8ecfb46b716a56b099a3a0f9c2e7eafb419fccb54dd6bf3a45400f9046e76569c7","ssdeep":"","tlshash":"8811e3e6d540727e0632c8bdd1009f82415c02d7cb70035ae98b86f573bd4fda25de59","size":915,"data":"","first_seen":"2026-04-21T12:24:48.844386Z","last_seen":"2026-04-21T12:34:16.136014Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FeaturedGames-DWwns83P.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcfddfb5689ff1c2391259b2f348992c","sha1":"ccb1572c067373494366fb079f2fd90fd898db07","sha256":"50b6bb1d3eb822aa4fc92de52882f9c26159a5376b6bbd24f54e76eff0551203","sha512":"776eb0edb6ce0b236714cf9b2d4153f65bde3c9fe57ead2163122cf7fbaf425b896bf2562c4d72750f762886b555d5eb3dee7a4ff03bd95cd4247b60ca87f302","ssdeep":"192://E3f6HZEUDkH92wlLcoWhCWOJmMwL4Bflg2yjTl:kyHZsH0wlLc/h6S2C5","tlshash":"40f1e90ae010b67de57b49e7b13f5508f47a0ad0e7190c90d0be2d2919e9246733ef8b","size":7902,"data":"","first_seen":"2026-04-21T12:24:48.910669Z","last_seen":"2026-04-21T12:34:16.219344Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/AppSettingsButton-VpAExZZO.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b10a9d03e1e17e641edf61e60ea544d","sha1":"21b9c8821975babf963be8d0f702debaeb5e5209","sha256":"aac5cdff48e2bb77a4163e864d943dca18c8a1d3c9415d6f94e1f97baa73f860","sha512":"9ec0a37867716d6efe94a08e7b9034157730ffda234ddfa64318b8ed73e741baca6c71aa48b0cbe524150f58cead6d70b9a60ae3b10e7fc3f88b29f4f2a78418","ssdeep":"","tlshash":"c3e0c08b9192d3fe13e22ee2c51fc6057e566c38c7459a4140bc50a137b4196818ff6f","size":385,"data":"","first_seen":"2026-04-21T12:24:48.935309Z","last_seen":"2026-04-21T12:34:16.105722Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveChatInc-xfcbsjSt.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e29915082e974265cfb510f4a62a80b3","sha1":"de425fb2ec9ddb8427870cc518d5f25d33fc6183","sha256":"9297956898b0539325b0703e97a0a9ddf9f99e52d7581fbe7a79b33445d423bd","sha512":"efd2291722af41ba67eaf1aba6207ebc3619ce424ba0aff7e58b200279bc4f8e48873c0d3a7450a6c29bf3c1aad59a8a596c82e483af8dfb5fa9e8c56c03ac0e","ssdeep":"","tlshash":"3c51a69de03874b4a27927e6323b771f32165a14a4484cb0357c4f166a0a48b8076eca","size":3155,"data":"","first_seen":"2026-04-21T12:24:48.918645Z","last_seen":"2026-04-21T12:34:16.324374Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Firebase-CifH36fp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d23df4ffc78896569b07187cf4a48d32","sha1":"e273ad423a635ff19510aaa37ac6463bb6c1a27e","sha256":"e25409253f5c5bc35aec45ef960561be1d9c89c60bfde100b52a181bc11c0e18","sha512":"f636a22cab13b3cbc6ef726f2561a4e2f15526b44fb3f07a97e1109ef0013af95d9ab3167b6328523599f7f106c36634ffd2548d1c454c4892dab846dc5c093b","ssdeep":"1536:H4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Hs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"cc83957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","size":84095,"data":"","first_seen":"2026-04-21T12:24:48.879237Z","last_seen":"2026-04-21T12:34:16.292895Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DisabledMarketEvent-D3Rzd1b4.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a0853a252113b89e2f91430c92601259","sha1":"d1e90d51f3b0454077b0fdda9bd92f81338a3174","sha256":"f9942c9c1250a67cc2cc703ff9bf0c330e117e3fbdb15c2abc5d94cbd5bf6905","sha512":"1339cda711baf829a033f7bc84391f3b1b0a3c250bdf34f4ca1c13886db7d9ab1cc282c0a329fd60542271aab51ee98d9267c6110bb87a7d56b86796d19fec77","ssdeep":"","tlshash":"7d51846df280ea7d593500dcd37b1f5a601a17a2c65a0952d07e8c38095d09d366ffda","size":2717,"data":"","first_seen":"2026-04-21T12:24:48.909521Z","last_seen":"2026-04-21T12:34:16.285331Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/UnavailableMarketEvent-CYfp4pDc.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"301b968db5a1b6c70ef45f96a70caee7","sha1":"af0ad681fa2065e8e6fc3de5be1bb8bda7c32aae","sha256":"ccc3b33c3b33fb19d13f76b0790ee81c1ff29d5aca03f7a0093e100de40fa405","sha512":"244dbca0ebc897e9105bf0be8f0d97267cf9ec27d0d0d3313109bfdf2892c75bbc7031a49e17dfb6d251c76ffd8e9dbabd80f3d8821c3ea4aab452f28fdf7845","ssdeep":"","tlshash":"6ee086096104bbfad5261cc8ce3a4b49511206a5c7a949d395a910281b34265350ae9a","size":308,"data":"","first_seen":"2026-04-21T12:24:48.997389Z","last_seen":"2026-04-21T12:34:16.137485Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketTypeFilter-DYMtYos5.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7074c405da51af2784c9d5ce70baf5cc","sha1":"efbe41e54689d7f18787107761834b149899441a","sha256":"cb8b582f9ed6b75c9bc799db63a35da824375198dc5b44900528598979aa3e3d","sha512":"1d5c5426845c3d7d5fc07c38b32d15116e3c041d8d6b644c4daa6caaf9d5d5b3fc06ab7967c185207c9ada9d4735e41d6ffb5772564485e220223a826337c6ae","ssdeep":"","tlshash":"af11e345f744e3fcf23b1dc8c56d481853110a989b3946e1e02d1e950765585622ee4a","size":868,"data":"","first_seen":"2026-04-21T12:24:48.883577Z","last_seen":"2026-04-21T12:34:16.251221Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"64eda2185a5ff2799c5ae9f0d85dcf6d","sha1":"f458661a1d6bd37318bb439299cc5b0589413110","sha256":"4bd2e374a15591721b9040ba64af8f2059a63d5f1f93c6ea6629c8e29d1091fb","sha512":"56f14e941fc647b0ecb2bbb975e4be897b6ae90f47c128d950e90bdcd80dbfd606b39bfcc3e0437671da551c549b8ff223c11c786ff6b5b20be2ed1598a77029","ssdeep":"","tlshash":"52f002bb182021295c9514c7740e1688e0722a5bbd2729b3543344053468f8b2b6ab5d","size":603,"data":"","first_seen":"2026-04-21T12:24:49.109122Z","last_seen":"2026-04-21T21:26:35.834153Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-By9i3a2L.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ca62ee0228b9113cd3234efd83a337e","sha1":"152e561f0b40b386de83022938a5da237a773967","sha256":"3429a0d4d5ba5449f18f82ee2cc6ce8b141087c2545c50ccc767877ec2fd4d20","sha512":"a135ef2893b2084bf58c2a3383ca64f1c98a213d2b43947c650e183294856c5724c2958fe8718e152eefc178c99f61e581c25856e3b0a2fc3079d6f3b7395796","ssdeep":"24576:lHo+1lCm2qTwWJPwgi2DwWTgExZPq4WhYKAHlx:lHo+1lCm2qcWJPwgi2DwWTgExZPq4Wh+","tlshash":"62357d85b045b87997b709e560af1102b1391e00f44dc4a0f57cedad29bd849a2bbffe","size":1137705,"data":"","first_seen":"2026-04-21T12:24:49.110587Z","last_seen":"2026-04-21T12:34:16.343641Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/walletConnect-CiycSUBb.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","size":1998,"data":"","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-04-21T21:26:35.533835Z","times_seen":1601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FacebookTracking-Di526DTV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1677c6d581eb780d31f16f54c87e7ef5","sha1":"cd18535059a569b9022672f896bb65a8079607c1","sha256":"c489bb95a03794f6e8af73883c3bad9f5a8095a9783421a209ca13ce31218da6","sha512":"66d41df0d890ca306b642c0b3f50c996aa4a562686627e35ce47c169dae512993f10ec0007c7ef2376b40d38b5b517a2b9c5119a5ceae2aaa82497c5a1fc8ec5","ssdeep":"","tlshash":"6401fe0f2c45b47d267c18b8d3bfd81426ba590e2a8b4595c6c789b9263454a40cef8d","size":680,"data":"","first_seen":"2026-04-21T12:24:49.081384Z","last_seen":"2026-04-21T12:34:16.124287Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/getLiveGameAdditionalInfo-Bn5y1a93.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8b743c5d72844c3db6164a2a1f684358","sha1":"e2b4e8733e2d176b5e0f2b2b3189221f475c421b","sha256":"dfa7b4b99866043001b4c7d477256cedac63f2e95dcf2308cde374d13111915f","sha512":"d78cfc2f29330f3f33bfcac2be9a20e7b9a0b56054ac138d2642499694c9a8db4595fba66f2a20cf63ffc93129110474f6c7926dcc35dc20fe332f78cee67654","ssdeep":"","tlshash":"e82114b6606e92bfb5da4d945ab01b31a2b5ba09394445ccbb3cc9091977484a7e203a","size":1150,"data":"","first_seen":"2026-04-21T12:24:48.897175Z","last_seen":"2026-04-21T12:34:16.199809Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Tooltip-BxyEk8_4.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"1bc8d21796179e001b4a17878a32af96","sha1":"09ad98308811505e38b2708695aa4637a517b411","sha256":"abce98c3d30f7ae4c36377777ebc8f059710382987c75131d66ee1b1f6e69428","sha512":"a8edddb8ed281a34f1b29f3d4f75e6252f85f350f26c5888d420b7e86b3a9dd54b6ac77afd8884e9b6334bd49bb7758fe0af8131e4d3c90b5ffc8e6f6b37f487","ssdeep":"","tlshash":"a001ce46e022fbf8e276549a142d866d72632a6c7e2f59f16038018e0aa4984d317b8a","size":819,"data":"","first_seen":"2026-04-21T12:24:48.930431Z","last_seen":"2026-04-21T12:34:16.135215Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpotPools-KN1b5yYb.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c7641e21acb04ca46b3240c69bc0e9e9","sha1":"15289450c67bbb58ad7ceeca1e758eeac307c743","sha256":"9dcbf02b33d6d52cd8b80aa0a37ef006775470184050e9385851111bb20f7803","sha512":"e51b1bfd88a1e4fa3545da0668d0c33e405af695569a3807a1783879002671e2fb0a84a2ee9c8eecb5679f1e92d6d97633d0eec6d61196508c734cd377c1b886","ssdeep":"","tlshash":"001121cb706fe2f8d59c18e180a4521e033c2f39f61092c0505c0b3897a1457f579bc2","size":951,"data":"","first_seen":"2026-04-21T12:24:48.87158Z","last_seen":"2026-04-21T12:34:16.200726Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipPossibleWinInfo-BODkpSVE.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"aad3864d0ced213a2758771417e96758","sha1":"3ab8f87457930f5085e69132786768feebbfa6ce","sha256":"5d319ebbbd4232944ecad0beb30af546e5a9cd6367fecdb61c66420a19adc6cd","sha512":"c8e861d73d9baf2bb62c4cabfb0428880c35ca3e237b7f77012872039caef4369336ce736cc5fb5821dae4d981c3401587ea579086013da48f9135d94aa52a78","ssdeep":"","tlshash":"f0415a11b414cbfdc5720dca794d1134b00e2fa0eb69a191e0fb2e2896bc9d67641ecc","size":2149,"data":"","first_seen":"2026-04-21T12:24:49.045458Z","last_seen":"2026-04-21T12:34:16.106726Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveChatAdviser-Bp3CTXDT.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"800b5c6e1bdead95b25d98cf6c0cf4c7","sha1":"c942a5b28990f674f7453d1ac046dd0314c7db60","sha256":"1ed6f531cd6a3bf87def4a9ae8274512bdc3fe802326da9b35a7fd4efb605ca5","sha512":"f042335bc7a0f05f9dc94e0c8dbd22136a6bb7c71797394211f5f2b99a8ee66a9bd1baf93f607b8021a509ee1f063d2629961a9f3f7f8923188cafb3dffd8327","ssdeep":"","tlshash":"b01152d5f0c2e3fd6667284dc79e2443300a4fa4c23d0db9807b15641a3ce0aa30eed4","size":862,"data":"","first_seen":"2026-04-21T12:24:48.971348Z","last_seen":"2026-04-21T12:34:16.229612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/HorizontalNavigationListItem-CWrC71fV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"af8a8f32218fa186710b4c346897f119","sha1":"28bdcb466974248e4fdad615090d10e8178db51a","sha256":"94c5a4406442328428ce239ae79e35a17048122e28695857983f126a1c4f142d","sha512":"cfca7922b2bf931f048f826ddfa2513986322801af3eaf667dfb09f7f1629865b81e5cf5f5af9e7aa672f10d478ddef3c080777fbb71f236f224c8bd4da23073","ssdeep":"","tlshash":"0301ce16f004dbbc9a2b48dc9b4e1045b2964affdf382cf1a4f4a0011a384467947fcd","size":835,"data":"","first_seen":"2026-04-21T12:24:48.981785Z","last_seen":"2026-04-21T12:34:16.144211Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipStakeInputSection-vslSA2K8.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2bdf3c60539e60c464e11faa9ea8bc23","sha1":"e88c9abab73614069ae6b029942b38eef21f4b45","sha256":"e08613c552098f27f960847d5ae657f97ac9c7ef3fdf37ce8432f0f3c57f734e","sha512":"f9a3640470ee81f9d7d312c0fe10e7c27689764ff6398b12dd42371c693087a2d482c719102cc1215614e77788af280d76dbdb8e029b87a182d36ddcec78157e","ssdeep":"","tlshash":"8c11650ef8262afe900209d855af5014603d0c76e1990760c4fe2d7e1ed5459724bfcf","size":1014,"data":"","first_seen":"2026-04-21T12:24:48.864448Z","last_seen":"2026-04-21T12:34:16.302906Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/expressOfTheDay-DphuSM7z.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"22092a8c70eb955087af43f26b5a344a","sha1":"e502fa77042e7b7f3a03854282a6c83f03ae62ed","sha256":"19271fe669c8e2e0636cf9da9d6de5274132700d28b63b9d855a95cae9a53e39","sha512":"6cb612108e131c223976e6396cf14e58f4284bcfd98e76d01876b6f34738607b0c89b823fbb186b7eadb03966dddad5eaba3da3e063e78090bc1daef1039a7a4","ssdeep":"","tlshash":"9d01fddaa11dfb3f6cdba0abaec595851130787e59b271f0b20f0e9646bd008458fb16","size":778,"data":"","first_seen":"2026-04-21T12:24:48.899417Z","last_seen":"2026-04-21T12:34:16.296164Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpot-Ds_Uh2fF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ff69e8053cd08055491d54c9ffa17e5c","sha1":"b76c9c65be8dd666f8f4f164fdfe63db082dc96a","sha256":"937659cac0398acc7c77d5122d0718f21e212b18abc83b97368c1b33a9778d86","sha512":"03f409de70b47e6514a62a18e389e49c8c7debea7dd8b9775f4b952f47baeb052d679194229e951ffe90b444b7f651bed4137dba273a109ebea1a30a40e2d512","ssdeep":"384:lwm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKx29TQP8FJdr:lwmB7CEGOpyts/U27dr","tlshash":"3c525c04f012f7edb8a954f7487ee0687a5e1aa9c71809b8d1bd6c313d2c455760bbac","size":14340,"data":"","first_seen":"2026-04-21T12:24:48.955014Z","last_seen":"2026-04-21T12:34:16.160409Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipControlsNumpad-CAXDjwGA.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"afbb768c0fa9bbf5976fa3307a1fef58","sha1":"02db4f7af2328930f9a45486c6729248e4b0f88e","sha256":"890a2650543c557f657c8b7e22ffb5a358fe1e418ffd255f364d849d093bec97","sha512":"0a543d0f22bc3f173d758d569d31f97bda8de35bdacaaf0de6e1d5113695575a5de2117690cfe4cc9373ecd90c1d518823323f9b46aa526a2f9b5159336a57c4","ssdeep":"","tlshash":"5551dc51b001ab7de6778aceb53e0020b00f2ba8d66811d7e47dac64bf6966570436df","size":2607,"data":"","first_seen":"2026-04-21T12:24:48.913998Z","last_seen":"2026-04-21T12:34:16.119306Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItemStats-BXlmppzY.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"5a6ad4919fb9e228ca0e1d839135878b","sha1":"7bc35eed27701315327f9b369ed74d92e7473911","sha256":"c88bc939f2174cf36b70cfef1f47432681161624ec76321a8f91aa62c701a279","sha512":"5ff28aaf23042d2f240d46fff8c7632a2b09356f3400d0093ad4651d1453d9be7abb4bde81f3c6a0f8176d866f13fb2964bf2d8b002ea6a7bc4aa0990102c9c9","ssdeep":"48:jOrkT/A1GF51Nf7/89lCgIGl5SLsK8vCK5Jx5fTYyx7XgxYzm9/L8umGus665LQj:j9A6Nf7/8jC6SoK8vCKfxay9iua8kQP","tlshash":"a791a69150745bad753d0cad659faa00205a072cee58caead5bd1f2e326c04e7337f74","size":4429,"data":"","first_seen":"2026-04-21T12:24:48.941466Z","last_seen":"2026-04-21T12:34:16.166516Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3166d5139ebca4976a7df164026ff20d","sha1":"d7405b66cf00d1db4dc3140d6b1c63bca60fe4a0","sha256":"b297727d234af0837389b8bcaa1e72f4d0b62cfc126a4b9bb76201c5a52755ad","sha512":"ae0db71fd045eb0b103fd15902be9eb9a72763fc8494c7eec08ec13288bb0a46f320674f46a6467ba33f3869d3c388f15a83342bbf86aa38ef1810ed930d046c","ssdeep":"","tlshash":"4390024d71877261454126ed546a1016d3354480561c0113a7010081389814e42a5b8e","size":52,"data":"","first_seen":"2025-08-01T02:35:18.735752Z","last_seen":"2026-04-21T21:26:35.836785Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/lodash-CeISZwwN.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0af14a8381aa9ffb9041549dd564ae57","sha1":"b00695d65a43fcb3bce778d4fd6c2eb1ef739508","sha256":"91145be72493b190ca52499d5d945d5a187482cae6add0e36306ffc697aaf446","sha512":"44efa6d772b31bad9a9561c9fc66f0c962b06343a31540d5bc31f3c8aa0c8fda87df68e8466bc810e02085c12a24bb72ef8a7a1581f8f16859b6ac646520ee10","ssdeep":"1536:/nsfx6WucPPRwy0/KHP5c+LBza4t8jxjiFOre/U3nadtDoayvi1Ynu9gMa5joGAw:/smcl3B4eFILYgMdGIkpOuFM7u","tlshash":"27f390c835d7f0a183a7287440bf084bf23dad65a84cd054e1aae0ed7db8919d277e6d","size":165093,"data":"","first_seen":"2026-04-21T12:24:48.978952Z","last_seen":"2026-04-21T12:34:16.221964Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GoogleTagManagerTracking-CdCbiusO.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8092f19af0d544b86d813299632cea49","sha1":"2a2f19e245a3b90225ad62325564de85b7c9a93e","sha256":"650ab75e6147be141f3a4476b417f0e600526ab598f46c7eb19e0c7a76e3a01b","sha512":"6312490d3bc25ffce5c91d94c2468a485fa971f4983b2e418880ec833bcd12f3103ae0c930a8db6da5c1511e2cc2db1632660c24150198e8b4a7232e3ad9b9b3","ssdeep":"384:DbjHYqBlsFPDVPoZVe5mze5IiWVyoxJUJF+FOndK3pqyuQNJg1F0TQOmJNwizwTr:Pj4yKtoZVeo66iWVyov8MFOndKqyuQN3","tlshash":"d1a2bac7f9a548a0b5bd1fe81fc2528635b1b65af49144707c9e7c0c223cc4ef2b5aa9","size":21769,"data":"","first_seen":"2026-04-21T12:24:49.027905Z","last_seen":"2026-04-21T12:34:16.129083Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/if-defined-CWaLTnLW.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","size":53241,"data":"","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-04-21T21:26:35.697782Z","times_seen":581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/public/proxy2.js","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1296781ea2c9cd24e19fe155b42373f2","sha1":"d7ce9dffbb2482bc2f3795cdeaa727d99e49644d","sha256":"de74ac92be5c23abac0e045e3380edf98b53abeb1abc7351e98ec06a71a01359","sha512":"3922435bb5f624625705a335938c57a7addd890b26905e7097bbed9882d0508fd10eacfd3fa32cf5b570deece89987d97773fc9377c68416dc03707c32e4af72","ssdeep":"192:0e/p461ScOtSD3FfjmfO6goK78IANjSLsZPiSLrBEpKYehsKs841+yUV22hhCsrq:l//Sk8fhPVEQGrUFAvRZIgUlM","tlshash":"ce92860e927b6123447334bc978ba146be1150971d0acd847f4ce394bf85b6eb6b27ac","size":19498,"data":"","first_seen":"2025-12-24T22:39:16.372563Z","last_seen":"2026-04-21T21:26:35.732746Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/19330347/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","size":35,"data":"","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-04-22T09:36:07.117374Z","times_seen":23461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"932d1c008400401a55681904391c206c","sha1":"7cc9f4d6461805e1878406a830a785ed08d9adbb","sha256":"24cbc4e4b2c15b32036fbb84d653cb480e0818fda8318d2a806d8c3e8666dcdc","sha512":"06be73e2b9709f0164075b7fe30d5f2c03288af4d97b5eac9c0d77cd04b238efe0bf6dd746c6c9063b2f2edd00fa981d58769f76a1439687e7b0582a4d78167c","ssdeep":"","tlshash":"b421d6e238630473061625f7a93fb188b479341e2e0dd821c04fd9a839a9fdf81a3a08","size":1405,"data":"","first_seen":"2026-02-24T14:23:51.476805Z","last_seen":"2026-04-21T21:26:35.834864Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6f941adb2ce1c3c336f01b65e00b5b9","sha1":"225bb5c32199edc5a116b0b6108c4e5308b28e58","sha256":"3131d130bcb57e9c2593c009769729464af0ba726b8821274bcd76e44e283f56","sha512":"995db58cf4462f52c3f124666f58d5ad9725f77b17342864521087a05333bc53a776ce1c8d2d194b5c5880ee09b72f31aeb536258aec48b96a4de62adcc013d3","ssdeep":"","tlshash":"9011147d3ce76848d60e9bfa356f978d20b7b8155d40cd90c189c498a555fc800a5bbc","size":926,"data":"","first_seen":"2026-03-07T12:53:25.05797Z","last_seen":"2026-04-21T21:26:35.839446Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BEZjG7h8.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"51389aaba7e6ebbdd63dffdbae5bdc90","sha1":"e796b04617f2796b15630785ea1c29a781a858c2","sha256":"70ba85f8e51bb3ad5fe0dde119467afc4d5d3a30926146a6c6003cc10b33ff13","sha512":"ad79ee119859aa7849228f8dda55d8f25d5313cbd372b9af8c921ee5158e489eee7a76e9069b82de1b90fbcfc8c085cd266a77177761d9a3e734d4920fa2e2b4","ssdeep":"6144:2feL9y0h4R78o8e4Y0IALoh6wj9Sd51jjVvFa7IRcDGRD6On:2mJy0h4R78o8e4YB/j9e5xa7IFROQ","tlshash":"43240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","size":221144,"data":"","first_seen":"2026-04-21T12:24:48.855058Z","last_seen":"2026-04-21T12:34:16.09989Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SystemBetCalculatorContainer-DtyOsLF2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee02509bc8771a663f7b3ccab6d13c33","sha1":"0fdde3e73867ec0f9289a463a5e0884d6d9731d3","sha256":"8ce1bd8828cd63aa0fc068abfd854b9c11a3c2938f9285a3dfcc823f932900c7","sha512":"b81178082f60d68ecc5565dc1bcd32a011086f33e2e50403c0cc7a71f8c5a81d6c912be2c3543b0e0b5d525c633cee39faea29f246b850f93971d36b91c0756f","ssdeep":"","tlshash":"b111bd575368de74859e0eb24989a4640df5430a5a0cfa28b9b54c3cf12949243efffb","size":968,"data":"","first_seen":"2026-04-21T12:24:48.901741Z","last_seen":"2026-04-21T12:34:16.186009Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/userJWE-CerqSAJV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6bfddb48b2778d704fd45ab163c323d0","sha1":"c7076e4f86f6f67894ace0e0d52089ca2688bf50","sha256":"b2bcbb09422f18e8c1958ba892073a808a3a1d889f77ccca9839773ce2396d21","sha512":"dcfe4a77850260272afba1cd0d9ff1115f6f12b414f7a2c447dd8ae08541eb6fea5abee46983f8c7fe0e5fc5b0ae25682f8dbbb8ac77e8ac1fd71f438aa6f061","ssdeep":"","tlshash":"0bc022db088411f785582c501005dc52827039146298d3415a1883aa6a6100bb10ce14","size":193,"data":"","first_seen":"2026-04-21T12:24:48.900566Z","last_seen":"2026-04-21T12:34:16.233362Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/TabItem-BzmBdnmn.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4c9b35d9950576247cb364ba1db6fe27","sha1":"88edc380b69ee8e477cd345f6c52fc9217f7a431","sha256":"97c0d12e9471309261c5bf0062bc5d992a71d52f3cfefbc7a9e1f9bde695d187","sha512":"ba0cd4ad970cd425389b6d7b4f60a42a25aee05427f39a0d4c2947949d7c9ae94e75d96cb40e1f391eac84e283afe2f529657d0e85dbe17c3be589504abd30da","ssdeep":"","tlshash":"6fe0ab42a010f3f9882b44d3d27ed4c736220ddcda6688e1e0b21044032d921f78ef8e","size":423,"data":"","first_seen":"2026-04-21T12:24:48.837564Z","last_seen":"2026-04-21T12:34:16.198759Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/HorizontalSportsList-CG9uv7Pr.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"753ee192934290df27bf8701176d7761","sha1":"a8351c2e49e7f606ff2ccb7b00307c786af579eb","sha256":"a259f018ca326b43ed4403a43034a162faac3428e5e88c5154a4f8a32c608bb4","sha512":"c31bf1c798efdb234d594b705bcc3abff02e6dfe7871e3341a8078587775f653c52139f56a902545a185b509dc720f32b410589ce938d906b519d11b7a5cd918","ssdeep":"","tlshash":"8ce02b85d8628ef46a2a88efa95c24c46153057cef566a71d2a4921c1b7408bf66940e","size":422,"data":"","first_seen":"2026-04-21T12:24:49.035577Z","last_seen":"2026-04-21T12:34:16.204886Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Odometer-BwyieHyx.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4391e11450044a64634e667e65421850","sha1":"369ab405bf8b6c319b392f1eea1ede16b741827b","sha256":"56c55ac8a2292f88dc7a5439ee70abf3e6a2531b136c500b37b537e9e6b8332f","sha512":"571964e242a4677bd28b49daea908c06317a2ba230fe3d269d67b08d06414f9c0eed7c67ea12400fd470c6b56fd128959a8d63fca23fea56a632350438216cdb","ssdeep":"192:pd7KNJtQak5S0CGvDF2pXAkmkxm1HjI7kFuLPH7BNeqYpkYaSBpC7Tl+ea4PBD:+VQak59CGbMdmYm1HjoPy9tX3HeNPt","tlshash":"456219897922723443a3b1a055bb4609773e9d6a3c08405db67caeda7e32c19d12bff1","size":15624,"data":"","first_seen":"2026-04-21T12:24:48.850802Z","last_seen":"2026-04-21T12:34:16.312592Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29a4feba57dc978d4cacc40dd9c4484a","sha1":"9c5bc3381940ebb51fc21dcb34599bb7b3b44330","sha256":"2d0b096bfb50494d69b04b8dee99ca90e503795ad31e571a9c0bf43eb5c1e4c9","sha512":"56d290b4472b91cfaec323eedd93d2f80a711daa22a76009501f6e760f75ec0a3df4313e63416edff564e0253cad818a58745211be27e43e44c523d7e93697e5","ssdeep":"384:GzgLUxzpiANNygg/aazRObFUSczDwLhg8fTddMKnLLyHC4EK3CH:GGUxViAKgg/aazRGF3g8fTPdyHC4JQ","tlshash":"6982f856e009d67dda3e04ebbabe600530250ed8c26106e1a57f1c2817dc45636effed","size":17705,"data":"","first_seen":"2026-04-21T12:24:48.902861Z","last_seen":"2026-04-21T12:34:16.206185Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"25968e8050b03a228b4d547826b098c6","sha1":"b15ac3dce03be69ab8e198afebaf9cf761cf9da4","sha256":"583e20359cfc6a64154b601fc47309be1e57fc2b89434d8a7649445fc66af0fd","sha512":"d2256261787b021c3ef34b69e3509640f04abd03353b7dbea1d8f07211764770e8b0a4a1ea015475e3c326d1fc797d8191b87834550309076754f8b1213dcab0","ssdeep":"","tlshash":"89e0f1e77817486a749f01bd6bb5902431832119640dc922fcfdd4241f60693cc0e88c","size":435,"data":"","first_seen":"2025-12-24T22:39:16.413128Z","last_seen":"2026-04-21T21:26:35.841133Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/tr-BJOLX3p9.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"848dac39aeadc83e3e3db257768fc109","sha1":"70882ae65034895049706536f339a84a05a38681","sha256":"4f7f017d03e2ca9f07d08eca3090c1bdff99623e91bb0e5dbb1f63be1f4456ab","sha512":"558018a24b150f92bbfaec01d53da786ffcacc01f08edeb4e434a13c6fcb2249a6bbbe058ddfb9295247187fe024ee8fd2e00ec5f5979fc2692fd2d1840aef04","ssdeep":"","tlshash":"9a31728d2946ebf28b011887cc2f4f04f81c2a187035f6605ba0c461ba709ee807ef3d","size":1459,"data":"","first_seen":"2026-04-21T12:24:49.066623Z","last_seen":"2026-04-21T12:34:16.302073Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BiQikUyv.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"deb2bc343aa9a8d846a7425f8c723fdc","sha1":"fa5405df41e25a937a2df828f36e23a4be4cec0a","sha256":"f59f3c1f99a2af0128f4abb905678beb0dc8ef050bf11842a92ab7b6c55af7d6","sha512":"9f325203abd96b66d92c6d748fcd9e1d0e89acc9c31b0486543c3fe5a4d62eb4c3e7b11e4ded953357f1c8d85f9c9c3803cf15a4c142923442293b470fb12f2c","ssdeep":"384:pMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJW:pMci408FFnJrIjE3D/OY2E0xqpc1NKkD","tlshash":"0d820ad0e2b4f7a642e86add80392074f2258c28343dd0f1b6b6ede970664cac56dd37","size":18027,"data":"","first_seen":"2026-04-21T12:24:48.908249Z","last_seen":"2026-04-21T12:34:16.243654Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DepositCountTracking-C4f65rk6.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"60f8ccc683f8e04b4d2bd5b46692978e","sha1":"a92629bb533866e0209a7cb4c588dd6a6d9aca42","sha256":"d7ac00917578c665dc9c2a20814ea59fc1c8582fb6b59b1e8d6dc5e66f43485b","sha512":"479ef92d357834a97e1b5b778ae0d90836ebe97dded4b150de9c50b144d8002410ff0fcfaa510f6ede63b84a17023c376a5e0d55e150792c568d9f359507ea4d","ssdeep":"","tlshash":"9df0dd9b68b8d2e58a493a8472c6d8e363f0650dba5689c385bd4d4a0248012e4c8e1b","size":645,"data":"","first_seen":"2026-04-21T12:24:49.022744Z","last_seen":"2026-04-21T12:34:16.158041Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/InternalDataspotTracking-ByS_Jx8a.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ff30fc004e44de041a044c35fc2b56e","sha1":"57f366335ccaa3a2fe8cc7f65fd4b345f2dd52d4","sha256":"b95ded52ff9ae61ef4cfe8b4f42da2fe291b68c55a516c1d7ab64a2d6f811a3c","sha512":"627a1ca75e980988dd8ddf3a5999e08dd02348f3d236f2e95c727cfe58ef95499fbe8499bb51ced9574f0f029d52163a1442cd62f3cb835385a4cd1cc5896587","ssdeep":"96:04W8ZUCVtfzEr2Cv7CvXvqvxGr9qCtz2T7TGgZQ1bZfQ41+pnys9OtmksEZRtifD:04W8ZUCVtLErNvuvXvqvxGZpFCHVkdYt","tlshash":"1ca1740fc83c04747051d5dd587796abc2bc7c9a91c0c8f0a03b9e6a521ad09dbf6ea7","size":4865,"data":"","first_seen":"2026-04-21T12:24:48.861306Z","last_seen":"2026-04-21T12:34:16.118062Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FavoriteGamesButton-Bt6bZ8ts.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aeb81ac9f4671bd1d0a591aab0baaa5b","sha1":"f2056b313243905dbc9f28e6abc82a26651cb55b","sha256":"91dff9e0118d29a63161b6cf594b615ef2cae5aae3c81301d5c0a669cb1cdf48","sha512":"7beb316d344587f55f7f855735a549295f1863371fb579fd4c6eba64a34488731cef2ac850bca53dfc3bdf9c23f8c19c482f97be437c9bfa952d02f5cce415a2","ssdeep":"","tlshash":"cfe0a34ad049d2f927431ea05517c4242426a47cd758e590409e04643a71466854ee6f","size":427,"data":"","first_seen":"2026-04-21T12:24:48.868475Z","last_seen":"2026-04-21T12:34:16.230276Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/gameDataProcessing-DhO6G1u-.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7d92add8b657e8ffc36532ff4e0b20c4","sha1":"ea6fa4217eca2597ce402372cf1a9c46d02f8258","sha256":"0f58f99cedf29a7eb280f7965407701e051623228442c7c65cdd239fa5697536","sha512":"01c712a4594347b2506e51f0ae0703c892fbc95b5577941162783a1351f62d19c10663715fae7ffe17a3903efe1bbe02ec93a7704db0071e323e7654d0357c42","ssdeep":"384:9wphrrZxhxlVz12awqhvTXDsB4Pzenac0aoK4A1n1:9CptXDe8Q5X1n1","tlshash":"a572750b8a024c12c97e4639c0ae15f1b9781b32e8b8cdd11a555c7afb5fa5b31e1738","size":17258,"data":"","first_seen":"2026-04-21T12:24:49.004569Z","last_seen":"2026-04-21T12:34:16.187578Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider-BVrbva_v.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4e46f6f2adb9e911987e05d839d0789e","sha1":"258094b1669b4c50fb6c694fca472ef42cf28306","sha256":"0926899db74002bb6a8a6ebfe890d69d802b2c6a0022f09f517fba863940c2af","sha512":"6e47510400dc885c5a0f2a654ade997cc9cb93f4cdf6ae5ef955d3bc69fac22fcd375a6340cf80dc03a17270b7a3ff7edf00867b3bbfbd3e8c004d51f8c821cb","ssdeep":"","tlshash":"7c01c0cef400c67982a5058ab2b5ad4017382595b71091f0b07a0ed55d60c8dd2defdb","size":699,"data":"","first_seen":"2026-04-21T12:24:49.011851Z","last_seen":"2026-04-21T12:34:16.223772Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80c5d38349d2a6ed139d7c30262a07ee","sha1":"833fc61ce17f6130d18c3c7abc82897d611d4d5a","sha256":"bc6d5f152dd941af45d0155fdf80ded6632abd487f9251935f811f88ac156ce4","sha512":"fce1ac12abdc334ab0816baed265ed3d09a0f8c73f950269a883f2f6627a734b48da6f036cdd85cd46b438788a50143b8cfb13c733162cb171d2e77d9391dbea","ssdeep":"","tlshash":"fe81e887d0b891fd642e8ce8f1a4d2500a322a95d7b14710f1de0739136c299f61ef6e","size":4061,"data":"","first_seen":"2026-04-21T12:24:48.877327Z","last_seen":"2026-04-21T12:34:16.234539Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/firebase-messaging-sw.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","size":1125,"data":"","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-04-21T21:26:35.827176Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipButton-kdf82NBZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b8d21182d8c4b955630a1c97c1378bd","sha1":"7e8954c2467d6ea9892e1b4af8d48791da08b9c4","sha256":"53476b4d35bfdf0b19098ca1197216bfe0a8ff916b22208bcfb475f4e713657e","sha512":"cf38dba2382349c9bd2aae9cda8ede2399b559f3284ec65b4822cfe7613e4fc89803312e1fb079212afa7d617dfe9ae57ade0e750348e3edeaf3ae1e3a89c35e","ssdeep":"","tlshash":"68e0ab87c508c2fa07421d92200bc121382755bca340f98180ad28613b34999845ee2f","size":418,"data":"","first_seen":"2026-04-21T12:24:48.880755Z","last_seen":"2026-04-21T12:34:16.249298Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/RunningLine-CH7nI64D.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6bcdb91f80d37da6a2e4a7bb6f6e3ef2","sha1":"bba04b041ba9ae72e22e24a501c5ec69d5fef686","sha256":"2af1a90f48dc3ca8cc3ec86abfbbcd85ec472a3de25b8bffd271952f5a8ecf4d","sha512":"1d9bc593e2faa93f543a3cc084d1c0e8cbb9d6b0c50894dd8ba196bb395c255048b902e60178488dbf6fdcb288b165eb30bd308e6b6a9171fec01b82edd4f06e","ssdeep":"","tlshash":"ed11c2569015f6fccaab06d6b53e040c299701a5fe175d90e47e18562a29180bf37fb8","size":995,"data":"","first_seen":"2026-04-21T12:24:49.009967Z","last_seen":"2026-04-21T12:34:16.111922Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.galabet1069.co/core.js","fqdn":"dataspot-int-bucket.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1a23321d0a7b81fc124eb474f519164","sha1":"7302a4790a11a55a39af27b5c5d95391f36c7449","sha256":"ce157be72b0feb99d83e0ecb45dee49f9e8f69330da84cf33d65c8a80c297a63","sha512":"d6277696b3f9808906a75fa273e27c5777028965b625be99a466119e25cba96e635598bfa686bcfc065bb901db6dbeb2262b56012d65014d784bebc2382b5815","ssdeep":"6144:D1Osubz6j/kbklCp/5Kbb09tg8KSFO6JxC:BkbklCpxKbbCtg8KSFq","tlshash":"8e34944567f11c2752f6b0f94b0bc1d6722ac003251a9c8878ad73b85fcea7896f5bb4","size":252431,"data":"","first_seen":"2026-03-09T20:13:42.687398Z","last_seen":"2026-04-21T21:26:35.809035Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Notifications-w2cxzdeU.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"1daf003af42fec8d9b9896dcc6f6d3ce","sha1":"d4b08dd14ef567f8d8aaefa2416515655f18fd33","sha256":"327a7a6d6a1d59e3cc8e1687f32e8152027ea7b7a71f9c000a978e673ad988af","sha512":"fdfecf058159d80e76a6018f3172ddd0c46c47519a1163c01973e969d2c4ccc962ee1a68c6c0921150910f3b7a098f02e02f1314b53315e69b16cb9ecdc29dd9","ssdeep":"","tlshash":"652163df6082dafc292148f6432b2a32703708587939481602fb1d2036acb0ad65fe8d","size":1112,"data":"","first_seen":"2026-04-21T12:24:48.92823Z","last_seen":"2026-04-21T12:34:16.297738Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/tr/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3166d5139ebca4976a7df164026ff20d","sha1":"d7405b66cf00d1db4dc3140d6b1c63bca60fe4a0","sha256":"b297727d234af0837389b8bcaa1e72f4d0b62cfc126a4b9bb76201c5a52755ad","sha512":"ae0db71fd045eb0b103fd15902be9eb9a72763fc8494c7eec08ec13288bb0a46f320674f46a6467ba33f3869d3c388f15a83342bbf86aa38ef1810ed930d046c","ssdeep":"","tlshash":"4390024d71877261454126ed546a1016d3354480561c0113a7010081389814e42a5b8e","size":52,"data":"","first_seen":"2025-08-01T02:35:18.735752Z","last_seen":"2026-04-21T21:26:35.836785Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"m.galabet1069.co/header.json?v=04/21/2026-12:07","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /header.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:22:14 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=klCA27uog1aLzT3z3IhRkJMS3Cyg65NdSaKHH7MBW%2BQwXYBlUv2EPCYTTOtUSqPaG2yK7h5O7e7Vj6YL5EydKZxgqY13J0lzX%2BXoB5HzWMAhMTi1BvvKUWc5K9K%2Bevbn6DQSdw%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-e1\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c89ec357131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4fbc119c5c8514e3587fdfa01f205866","sha1":"a396d7f127ee203b471f1a7e507184318e74163d","sha256":"10279aa2fbd66a0c0140d4b4cf9a39b0c9bd14b18bb35f1bd6eb26eab355b9d9","sha512":"9eef97111b2474b705b496860ecd29c7c591ddcb79887d755e5ea7bcf2d578a68bbecdc54ce4f11954f679ff2b8b5cf060da8cd4287a78a1fc3a92fdfc6125b7","ssdeep":"","tlshash":"cdd0a73aec10da7073a0c413c18067801140e514d644485c9cddea5a93dd7891180b67","first_seen":"2025-12-24T22:39:16.192168Z","last_seen":"2026-04-21T21:26:35.57678Z","times_seen":45,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/TabItem-BzmBdnmn.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/TabItem-BzmBdnmn.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FavoriteGamesContent-Dih0wve2.js\r\nCookie: SERVERID=s1; __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=a2QXXmMrrv0tgXRpXvFDJv_NxE5qLP0s1SDLQoRfAmo-1776774165.1097987-1.0.1.1-MWia5wccs3SChDGp.9_pYN7bIJSzb4EP6rZdP7FV_0LpILjdEi4py92Muhz36MSNg6nqj15Dxs8zhxnv_qy9.optZEKuZd7gLaUwAoAIdlkkwXtPt1_v6PKoFp0lc0lh; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:45 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2B%2Bk%2FzqFxYzbnoD36CGnsxbd8lTRK5WzMfbPa4ThVZN%2F4M2tLVpLPyWAOBEODoN4BkMJ%2FMELbI5TjRGNq65tS8re9%2BvvDiHZ1xUtx0PlnMswI0OBv%2FbvXDmpLmuRDkPqoE2zRA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 743\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1a7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c914daa7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":423,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (422)","md5":"4c9b35d9950576247cb364ba1db6fe27","sha1":"88edc380b69ee8e477cd345f6c52fc9217f7a431","sha256":"97c0d12e9471309261c5bf0062bc5d992a71d52f3cfefbc7a9e1f9bde695d187","sha512":"ba0cd4ad970cd425389b6d7b4f60a42a25aee05427f39a0d4c2947949d7c9ae94e75d96cb40e1f391eac84e283afe2f529657d0e85dbe17c3be589504abd30da","ssdeep":"","tlshash":"6fe0ab42a010f3f9882b44d3d27ed4c736220ddcda6688e1e0b21044032d921f78ef8e","first_seen":"2026-04-21T12:24:48.837564Z","last_seen":"2026-04-21T12:34:16.198759Z","times_seen":2,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/1393.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.716Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/1393.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/984.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.731Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/984.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/304/608838.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.193Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/304/608838.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/9/18844.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.274Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/9/18844.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/670/1341727.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.305Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/670/1341727.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-RegularItalic.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-RegularItalic.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 78564\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-132e4\"\r\nexpires: Tue, 21 Apr 2026 13:03:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1143\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xZZA7NZ.3YVx0pEVq0eSbVht9Z_FTEswKdNZn.6rrL8-1776774164.922294-1.0.1.1-2gb8VC1qbm3Pj0nSrSD_MW.HxTmfGx0O95HQfIhGG8R3xCNo69b0HiQT9WrNPLWte.L1KluGz6eGRk4Ak6HM7.CoMWoQhEDlVQU3CLYgypl3hXR6enJStGtC7fgvvOIg; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DeDPHy5cLE58DzIKRIS%2FAowskPlDtjFu0an6Xt2HVt%2F0mXAQosHc8cNSZuUbk2MeHGTo4DY484p4JCPjeiXBfzStqU1xtX%2BpJ%2B13uTki38GSj6i6qrCLozu5RRxlrwfuEupc9A%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8a1c627131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":78564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78564, version 1.0","md5":"ffa03f9099e16b1ed1a0158f01961b69","sha1":"f1b97110bb1dba1c8985b4c48fcc8f5c9cdb3e98","sha256":"84d373e980d8f7d376e80725c42737d1f76f34bdaff56575c866ffe61916263e","sha512":"e57c2b94d74e334cce5a9f880442efd3a3b90eb91b09b2384d3c2c109e087f51184a4a34d248ac980eee963d5dd4bf23f09d3032fa85310d925cbc2849d5199d","ssdeep":"1536:TzGsd78QYdAOQGSmGmOMz0En342rWzm4XAFVZ2lX8z31t6:TaQsAOjGmOw0EIq4iARqt6","tlshash":"f6731260bc8f5f5878b48e2c73ba52a89ff54c0824167356697ec6238f99344b24e74b","first_seen":"2026-04-10T06:10:39.548975Z","last_seen":"2026-04-21T21:26:35.68864Z","times_seen":16,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":69,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/TabItem-BzmBdnmn.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/TabItem-BzmBdnmn.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=a2QXXmMrrv0tgXRpXvFDJv_NxE5qLP0s1SDLQoRfAmo-1776774165.1097987-1.0.1.1-MWia5wccs3SChDGp.9_pYN7bIJSzb4EP6rZdP7FV_0LpILjdEi4py92Muhz36MSNg6nqj15Dxs8zhxnv_qy9.optZEKuZd7gLaUwAoAIdlkkwXtPt1_v6PKoFp0lc0lh; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:45 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2B%2Bk%2FzqFxYzbnoD36CGnsxbd8lTRK5WzMfbPa4ThVZN%2F4M2tLVpLPyWAOBEODoN4BkMJ%2FMELbI5TjRGNq65tS8re9%2BvvDiHZ1xUtx0PlnMswI0OBv%2FbvXDmpLmuRDkPqoE2zRA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 743\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1a7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d88647131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":423,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (422)","md5":"4c9b35d9950576247cb364ba1db6fe27","sha1":"88edc380b69ee8e477cd345f6c52fc9217f7a431","sha256":"97c0d12e9471309261c5bf0062bc5d992a71d52f3cfefbc7a9e1f9bde695d187","sha512":"ba0cd4ad970cd425389b6d7b4f60a42a25aee05427f39a0d4c2947949d7c9ae94e75d96cb40e1f391eac84e283afe2f529657d0e85dbe17c3be589504abd30da","ssdeep":"","tlshash":"6fe0ab42a010f3f9882b44d3d27ed4c736220ddcda6688e1e0b21044032d921f78ef8e","first_seen":"2026-04-21T12:24:48.837564Z","last_seen":"2026-04-21T12:34:16.198759Z","times_seen":2,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SmartMarketEvent-DZJsJGjf.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SmartMarketEvent-DZJsJGjf.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=WYPsz2ogJ1guwQn6FDf2h4yXf2wYGiaKgHuStRKMxbg-1776774223.9722986-1.0.1.1-3CalcqXn14ziXg3wIn7nbr2bTIIw54rgKzt.x.X3AgMkiUOgG2pyARAxKD9JrFkNGBF8sp_xMunjimqlsYlkt3uIoynvsWYcsbjfLH6g2eX7xMlwQOVAcCRqnJasjxBh; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oAEnnPgD6LZfZweSx3LtYGURU4VpeUTRZ8N%2Bse8rb33z%2FlriK33B6H14AuOOrYCIDmZNWAopSar1nj0IyvBODWWXOptAtlY79YjZDbRb0XO0dogCXNvSHlFF%2BYRPf%2FquIFtyjA%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-393\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c929f187131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":915,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (914)","md5":"21b42cac8d14d53da8603d367bdc0b4b","sha1":"1ae93919079837a6d354731844adc4c583a82ea9","sha256":"6398ba42e5f92a177f7cd5a8fdaa6ad138e05f54e3d3bd66b8ad7373726462ad","sha512":"b3ab5f11b9dd2a008c35b9596b60a1e7e48b12d11b15f7d2929ee112ea485f8ecfb46b716a56b099a3a0f9c2e7eafb419fccb54dd6bf3a45400f9046e76569c7","ssdeep":"","tlshash":"8811e3e6d540727e0632c8bdd1009f82415c02d7cb70035ae98b86f573bd4fda25de59","first_seen":"2026-04-21T12:24:48.844386Z","last_seen":"2026-04-21T12:34:16.136014Z","times_seen":2,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/3/7728.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.713Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/3/7728.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/loader.png?v=1773142319","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /loader.png?v=1773142319 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=p933nrU5ma4369FwqUOZxG6APrN_ffw0VsFaMNnPAKg-1776774220.7228756-1.0.1.1-i0_DysgHUX3J31OufeIIl2ElrlTn845X2I1uHUXepSH6x.Y43pm8j1GakcN6yGca_hsYMop7freASlavti9tGDW5y0dMOP1OeLM.vIdwy2lj2bfoZHXshimUiiq2khox\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 748\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-2ec\"\r\nexpires: Tue, 21 Apr 2026 13:02:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1103\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=sNlA7QU5BxzNIwwnzdbEQ3hEFNTV60fo2XqamtE9Pog-1776774064.7361422-1.0.1.1-N7vQoNtkEYRLl897gPSONNiuBwt5DEe4HUlmXRHzJSWBzy1vFT6w1OKsPDvK1c7_TpKsX_VHfwN5QQYT4t1WNtHN6IiVXz0Wr0Z.zPF1wQ2AbmleiXa78BGBHJWU.dKQ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:04 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=THWqEBlXDip7p37pRLB%2FaBdJKkJaTFOhohCki15NRJMO8YV3E4l7f%2FOvbOprUK2QWZou8KDpoQOgYZOZKiUQreS%2Fi1fB6ypkqpVRwjbL0qcDPkzCFqXo%2F8Z6P9Vn7nfUOBH7kg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8068967131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=4,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":748,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"32a764fce0033e829f53bb97a08c4717","sha1":"f010dc6c149341b82fe1ff9ac386a2f455df8466","sha256":"3668e57cf257d82869a6d02bb8beffab2df3b8026c6caf5742ab5277e92476da","sha512":"23d4e81136be808c40febfff441eb2e507fcc54dd0a8735c487ac0d8cf7b2e26294404101985c8849d53cdd143fab1bfc13426fa7adf751112199bb5ba0f97d2","ssdeep":"","tlshash":"e401b58653f4cf5abaf3e5946c24050c44e68210425a213c940e84dc2ab361600fd1ea","first_seen":"2026-02-24T14:18:16.758632Z","last_seen":"2026-04-21T12:34:16.103808Z","times_seen":14,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Odometer-BwyieHyx.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Odometer-BwyieHyx.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=RPMk89e0jEUbrIs02.r0iN7btxvHEyEFHYvi.nG19tM-1776774137.5344002-1.0.1.1-2AY1sll1m4KSw3GoWAefTLBxIl9ys0Occ.MRViwyji_wZGa_N4XE7IkMMG0N7_seczio5zIHg.UTVw9dG8gs8kYUUEtIZeI4zens0Y6Vm8QjnxYgw64m3bHp6nDS8ZAr; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:48 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vueqUjT3lNFwajeQN5DDelNl9%2BU2geK2pQptDNvPldVGHrbqnVtatdYlZaP6%2Fl1YgVw%2FnVwl5M0m5vfXuWw2VZLtq08CroKzIIxTWYzrTm%2Bto4hB%2BYjZM%2BsqsAgzUmaeqEg7CA%3D%3D\"}]}\r\nage: 689\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3d08\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92af357131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":15624,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15623)","md5":"4391e11450044a64634e667e65421850","sha1":"369ab405bf8b6c319b392f1eea1ede16b741827b","sha256":"56c55ac8a2292f88dc7a5439ee70abf3e6a2531b136c500b37b537e9e6b8332f","sha512":"571964e242a4677bd28b49daea908c06317a2ba230fe3d269d67b08d06414f9c0eed7c67ea12400fd470c6b56fd128959a8d63fca23fea56a632350438216cdb","ssdeep":"192:pd7KNJtQak5S0CGvDF2pXAkmkxm1HjI7kFuLPH7BNeqYpkYaSBpC7Tl+ea4PBD:+VQak59CGbMdmYm1HjoPy9tX3HeNPt","tlshash":"456219897922723443a3b1a055bb4609773e9d6a3c08405db67caeda7e32c19d12bff1","first_seen":"2026-04-21T12:24:48.850802Z","last_seen":"2026-04-21T12:34:16.312592Z","times_seen":2,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/982d2bb4b756e6a3556f7fe406fb0d50_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/982d2bb4b756e6a3556f7fe406fb0d50_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31862\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Mon, 29 Dec 2025 09:54:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"69524fed-7c76\"\r\nexpires: Tue, 21 Apr 2026 21:29:36 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 572048\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=Q2j7OmIKxuXN6_WCunQQMjkNgqDrJrqssQL2YdrWlb4-1776774224.792835-1.0.1.1-Aw69vE6nSoAIIJyqsMbVFAgpU0lGy2IUPw5DxdWaztC.lvNnk3pQg5L8sTq_H9XMZerTZfHfZZ1MsvIeX7m0Bla3hGqDBnDqv7ZRZRY.357H77149ZPi1a8KNBAOBcP0; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bFFlIc7oYCwFq2w3G06NKRHZukASv29dY2kWEaTEPtECZsBmYhMl2OANZ8pPWTALyt%2F9VD%2BwyNePn20uCmwuATye2t1Sh%2BI0AdM6rASrIH58eD9H4Pv2DVsAw4jUCrFyOOkq4CLESw0%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c976c3c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":31862,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"201b2cbe76f293df33081f702fc503de","sha1":"03591336ec2b2881e28692a691ddf72ba50b466a","sha256":"c8748101c680bd7a56ee8942a34ea073f82655a42907747913166500dfbcc73b","sha512":"1607f2d0e6264fb0b1b4027c13ed17309bb8d7490f64c51d6d7db0c0673bc1e91241f6524c8ac2f93dae0057e59dcc6d74ad8e69a70e03657c0927b5f1667b2e","ssdeep":"768:Jh/pC3b44SEZDM9Ldkzx+4Io5EC9JSc6v3zrG7:JCLJMdX4Iouq6I","tlshash":"14e2f10f6bde3a2946d2f9cdd59630930d43665a2d9b77a8892c33be5328368ac8d441","first_seen":"2026-01-18T00:26:25.49728Z","last_seen":"2026-04-21T19:22:16.370307Z","times_seen":8,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BEZjG7h8.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-BEZjG7h8.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; __cf_bm=USIEnJv8C6aGQVL0m2EdzoHOm6UpADfyVgneRQ0srWc-1776774099.648424-1.0.1.1-93lqApcOUizu_yTIAAfH.Yo2ha97VitCp7Cp4eTd.xPv7HI9NccZxWaNXTTB0LTiEAS0VB4xe6MHrsURnhZkb6gxtMkH4ra9O67Jkkl26mLo6htGSuBo0CLWpvJDbCun; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7R9PTYkpz2fLAgv0%2FSVudRMm4qdelI7egNVacO7M0Q5LGvmh6x1RUb7Xw848TLLNtpiQqJb8y6SUBlnRntChojvHdCUkLwPwPZlTULDgXtKqyXiAXHXsdzZfXs88yN1Avs1Q4w%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3410\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=AeEhC1c97XuXod52K51gjgxZjMQuRIRs2fzWAZAFhcY-1776774100.1168032-1.0.1.1-KA_.qdgcfPfPMiw4m8zxm0OEfHDOd4BOpV9idbAbGv4YttNQYGeQvm9ryO6KomHKjeWvnYsqKzza2GrcvxIp7Ne8EfKTluI3so4iGlf4BWWNud1Dc0ngcYvP1Q9uU.nb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:40 GMT\r\netag: W/\"69e73090-35fd8\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c884a137131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"51389aaba7e6ebbdd63dffdbae5bdc90","sha1":"e796b04617f2796b15630785ea1c29a781a858c2","sha256":"70ba85f8e51bb3ad5fe0dde119467afc4d5d3a30926146a6c6003cc10b33ff13","sha512":"ad79ee119859aa7849228f8dda55d8f25d5313cbd372b9af8c921ee5158e489eee7a76e9069b82de1b90fbcfc8c085cd266a77177761d9a3e734d4920fa2e2b4","ssdeep":"6144:2feL9y0h4R78o8e4Y0IALoh6wj9Sd51jjVvFa7IRcDGRD6On:2mJy0h4R78o8e4YB/j9e5xa7IFROQ","tlshash":"43240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-04-21T12:24:48.855058Z","last_seen":"2026-04-21T12:34:16.09989Z","times_seen":2,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/walletConnect-CiycSUBb.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; __cf_bm=USIEnJv8C6aGQVL0m2EdzoHOm6UpADfyVgneRQ0srWc-1776774099.648424-1.0.1.1-93lqApcOUizu_yTIAAfH.Yo2ha97VitCp7Cp4eTd.xPv7HI9NccZxWaNXTTB0LTiEAS0VB4xe6MHrsURnhZkb6gxtMkH4ra9O67Jkkl26mLo6htGSuBo0CLWpvJDbCun; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xQ9zkWGQ8GmePlZOjf33fB0cOIXeSXlgjZiC%2BNZ9JluBTO2ShsBrJsv7csbouwtfkqf%2F%2BkcaQa%2FgLnjBEs5IFXXHoY0roOjy80q0TQDMTe5qly9AJsIYl0e5PN16M%2BO%2F01WmVA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-7ce\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c884a177131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-04-21T21:26:35.533835Z","times_seen":1601,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DataspotTracking-BNSAxMZE.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/DataspotTracking-BNSAxMZE.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=5BK_Y6GXJ0cnGOsGRbzOhvQ6U_pHp36mgtzE1ASRK2M-1776774135.6090622-1.0.1.1-ubG2FYWfh372FkPGp.k.8et.5oC.Dzx0k7tVb3HF1sUlDqDWjFej23tTVpsxVqKol6X_ACxcHg2ohxjk6lUV87O.uPO_xIXyhhTfEPLy4CeqwXY0lEnXXTvu5ZQI9lcv; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kFDu2uHvOJmcYG98F%2BKklqBWAcFMDpY3aYfL9R5ZROd7w3lu%2BFx9%2BtaviZVXXEJb11z%2B5Ll2sc2%2BWRm9p7fyHEj5fgWZPG3DaKT0EIr1w5R4g%2Bimdv6W4ugGiErDSiFhxwIwAA%3D%3D\"}]}\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-2184\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed6a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":8580,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8579)","md5":"a43d6d9db291e70d4e23f436096e894e","sha1":"64f14bdaec33bbf43977c9906be595d3ca46d1ba","sha256":"e24a59385db663e56f90b790d445a3cdc8a6f349d11f651b3d92e5362525fac4","sha512":"3df63a09575fc7247f89411684c94afdcd9e76770ff3074340f2c50816f89733d102a5038c5ed539f30076f271c9714471093afe3fd3d2e1015b10d913b8dee6","ssdeep":"192:rECb+cB+hnlqWkO+bNKb0s3LnBaCHJNvuvXvqvxgFzL3IuXge3AmYO2hU:rEq+cBsqViaCHJ5Q/0W1LnXge3gO2hU","tlshash":"4d02e155641e78bd6037d6ad0d4711a208387042e1339de076aacf5a9e399c28ff77cb","first_seen":"2026-04-21T12:24:48.85803Z","last_seen":"2026-04-21T12:34:16.287338Z","times_seen":2,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/InternalDataspotTracking-ByS_Jx8a.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-ByS_Jx8a.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=__0rPyH8aD3G0NSXfJCHUF4RAJu5Aau58vkKuiNUYk8-1776774134.2005174-1.0.1.1-8KOlAYo7vDBXbkJYISSeWIPI0vfOvFiRo3FR.2AQ5JHW_vxnEMkHYFceC5uuWP1pI0HRwF4Rp9ZHJAjA6SIZeOwfi6KEvCGPGtVJa7Mb53ZOEPwj6GlMErsB45Jw7me3; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u3TICbCqSb225%2BnxRraR7zvJaOoNU%2FG7v1EZQM15kzevIqBjEC2ve%2BGm23O71aJnQx7VmNi2NLdhX89lbvUBC9YI0j9sGCauBNMmeJmLokipboSvX2vLLeYr%2BC3%2FxLCyHQQYiA%3D%3D\"}]}\r\nage: 713\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1301\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b1dc87131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4865,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4864)","md5":"3ff30fc004e44de041a044c35fc2b56e","sha1":"57f366335ccaa3a2fe8cc7f65fd4b345f2dd52d4","sha256":"b95ded52ff9ae61ef4cfe8b4f42da2fe291b68c55a516c1d7ab64a2d6f811a3c","sha512":"627a1ca75e980988dd8ddf3a5999e08dd02348f3d236f2e95c727cfe58ef95499fbe8499bb51ced9574f0f029d52163a1442cd62f3cb835385a4cd1cc5896587","ssdeep":"96:04W8ZUCVtfzEr2Cv7CvXvqvxGr9qCtz2T7TGgZQ1bZfQ41+pnys9OtmksEZRtifD:04W8ZUCVtLErNvuvXvqvxGZpFCHVkdYt","tlshash":"1ca1740fc83c04747051d5dd587796abc2bc7c9a91c0c8f0a03b9e6a521ad09dbf6ea7","first_seen":"2026-04-21T12:24:48.861306Z","last_seen":"2026-04-21T12:34:16.118062Z","times_seen":2,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipStakeInputSection-vslSA2K8.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipStakeInputSection-vslSA2K8.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=noTiksOchiXC6x3EjEpQH7L5Af8_epa683aBo4KjiPo-1776773847.1581123-1.0.1.1-f2YUqlBFSCVGyjkLfLj5C5GKih.URDrP4oZobEa7U7EYTj82fJsRph3HguByBty_1_9N7izKfrpVxhY64Grs6arrAoQZESbFPJQ9Gk3IAEw5TKok6e_cyEND_Mr4kkDd; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nSqU%2FSuxK9AzJZ%2FoJNdURE%2F1za9ThdIRj0W4ikqI%2F5SO4OL%2BY%2BAAZKBG5apz5o8CVvxwIwX5w0zMx%2FIIxaIzYkRcTNzWwzdKNLVw0llzNNcq7uufz28pANMjvWqHyoSbzCOQgA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3f6\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8db8a77131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1014,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1013)","md5":"2bdf3c60539e60c464e11faa9ea8bc23","sha1":"e88c9abab73614069ae6b029942b38eef21f4b45","sha256":"e08613c552098f27f960847d5ae657f97ac9c7ef3fdf37ce8432f0f3c57f734e","sha512":"f9a3640470ee81f9d7d312c0fe10e7c27689764ff6398b12dd42371c693087a2d482c719102cc1215614e77788af280d76dbdb8e029b87a182d36ddcec78157e","ssdeep":"","tlshash":"8c11650ef8262afe900209d855af5014603d0c76e1990760c4fe2d7e1ed5459724bfcf","first_seen":"2026-04-21T12:24:48.864448Z","last_seen":"2026-04-21T12:34:16.302906Z","times_seen":2,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.galabet1069.co/core.js","fqdn":"dataspot-int-bucket.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /core.js HTTP/1.1\r\nHost: dataspot-int-bucket.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=vUZMHeHkz6jiWetsZybIMjhzs7le2JFd56VXc.SflTc-1776774223.2093248-1.0.1.1-AD61ntQ2H1pgXskY3iJqHA7LWlIFdlNKsRG.SSAmtBAB8Z.CwYtnkaNDouyokp0qTA0zSbgitYost_.raeq6OvAEU8LguMyIbzIJiFsNZUq_XMkhtnl7L.vyFS.2fzp7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Mon, 09 Mar 2026 13:21:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=fua_4smfLF1wGFQbDfBWnQA8lyuJwqx6iz0NaWhewA8-1776774028.618265-1.0.1.1-rUH529wFHmePXp6xcrivCd3ILyJGyqyOA7Lzfu2fJudv_plnSicqv9K4yLlfCaxK5sky2Y9ndFwERhN9yFIUMJbEHL4wMipBk3uVZTnCdHYD7F3cQ1yzDjc8EdK.sc.p; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:28 GMT\r\nexpires: Tue, 21 Apr 2026 12:20:28 GMT\r\ncache-control: max-age=0, no-store, no-cache, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t9f4ecxdd1%2FmIABDd4RsQ83C5v7kni8nr6C3zPrkRcwMRkmds6q2vLpsvxy8qwUDpKlDtboQKtQPPC88B53zXueEccZdCZIb9bLEesPO%2FENHjmg4zzEqIJfdH%2Fs%2FuARjHxCiHtgfmK19snZBqfjyt9GtbQ6f7Q%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\netag: W/\"69aec960-3da0f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c918dfd7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":252431,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"a1a23321d0a7b81fc124eb474f519164","sha1":"7302a4790a11a55a39af27b5c5d95391f36c7449","sha256":"ce157be72b0feb99d83e0ecb45dee49f9e8f69330da84cf33d65c8a80c297a63","sha512":"d6277696b3f9808906a75fa273e27c5777028965b625be99a466119e25cba96e635598bfa686bcfc065bb901db6dbeb2262b56012d65014d784bebc2382b5815","ssdeep":"6144:D1Osubz6j/kbklCp/5Kbb09tg8KSFO6JxC:BkbklCpxKbbCtg8KSFq","tlshash":"8e34944567f11c2752f6b0f94b0bc1d6722ac003251a9c8878ad73b85fcea7896f5bb4","first_seen":"2026-03-09T20:13:42.687398Z","last_seen":"2026-04-21T21:26:35.809035Z","times_seen":50,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.galabet1069.co/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.727Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=zTjpp4IkHTTYBP0XmqPgLj98iBIrS88N160Dyig_7gw-1776774137.9366505-1.0.1.1-xba9FfAstryzJGnqlyJReHrODm.ZlYpacUZqsU8sH95XAzVjYkPkWSy06N74..k7aXjkyUrl6lwe4cftGrqck5lnHgxJy374QfYv3gfaadcsaQLmeRFrvLBrf3_hB8sP\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/3a04ee1baee0571d35c58bde9822e219_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/3a04ee1baee0571d35c58bde9822e219_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=6BCU.NkqR.U9yP99DnY0mITpPPq901LrJBno8RAKDNQ-1776774224.2670226-1.0.1.1-aEzlPnR3HyCD3Yr0sSF0peiQ4.Au.nx36v__IQX7cffWFN6gn4pQtAPmMyVda7dizloGXqLFKJOUhRRlZp.0X.01CZOfo2GARvpuM0d35HM0VDY8sE7AC1vOwoRu8s3u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/withPanelButton-CZMGiM-x.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/withPanelButton-CZMGiM-x.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=t3c1VtoL4IM6jw5MWhIoAVtBc9QI2_TrmE1xNIeikAU-1776774135.0187526-1.0.1.1-Qjh7ntpvgdhbYbIS33Vvt1lzKFdHmymwgMMsBwofumz4sVT1gRwflrm4bUSQNSu7AT6hTwcGtqmuZrVNXdc1YEdn1mjTY7bQUtV1FOf8p5k1ZJ0zMKiGc.MAckCBORTQ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0U9BMXpWCKAPT47Rx7Ke1FuqhQVqtQWbtwbrFmZ5cz8izzO9QuYwOWbvyP%2Bkgp0k4AkGjpPip%2FjbJmQhOafVDXMJEQ8np0iesAo0cUrY%2FlblXXSbZXNBsSP0K5BF9MYxC1XKsg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-441\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8acd477131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"f4d15b1bfd3e75dde9577068cfe0fd2d","sha1":"77654457476f7caf254ef7bb2b5f00f7ceb41661","sha256":"ce48c81643016988a5bd0dd25411546e92cb88e93a881fbb28be7e848fdd93f0","sha512":"e412e91e3edc4c462aebcb09787ab705a6681ee081ed314be4347d7952e6e2e26237e5a46b93a69a00da19a53ec04c4684986be9a6db16e56d8d61d66eae2a78","ssdeep":"","tlshash":"d21112f4f580a9b2f4c41088577b2cb6319f32cadce1049021b6c8e91ff9448965e9af","first_seen":"2026-04-21T12:24:48.867057Z","last_seen":"2026-04-21T12:34:16.121155Z","times_seen":2,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FavoriteGamesButton-Bt6bZ8ts.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-Bt6bZ8ts.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=WnHp.BEBYtqEHfyF14htLHNR9d9_aWVKje2lV1y8WBM-1776774134.1249044-1.0.1.1-pJd6_oW8Vc5v6UduIaKhPf.GVbTRIGJhWmuzTnlaJR6BvDZY6ZaC6Q92AIUqX7KE5sXi8gn1_NQIKLa5SQ_cyKT6JT8mGgiTSlht8k3ohSgAijO83sO6x0p.55gUpaSy; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AHTDEcnWhDv4BUrkKw3XZRsfWyuS07Ml19TvK6M79mFXVD8KCixLooDMvhlWRSokB1kBc9132VHcsdo5w2URNVrfJ347lJeMJ%2Bt1GpzlN0IrQXRzVxJHJcqVDPBMCpnMxGRq%2FQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 453\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1ab\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0db07131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"aeb81ac9f4671bd1d0a591aab0baaa5b","sha1":"f2056b313243905dbc9f28e6abc82a26651cb55b","sha256":"91dff9e0118d29a63161b6cf594b615ef2cae5aae3c81301d5c0a669cb1cdf48","sha512":"7beb316d344587f55f7f855735a549295f1863371fb579fd4c6eba64a34488731cef2ac850bca53dfc3bdf9c23f8c19c482f97be437c9bfa952d02f5cce415a2","ssdeep":"","tlshash":"cfe0a34ad049d2f927431ea05517c4242426a47cd758e590409e04643a71466854ee6f","first_seen":"2026-04-21T12:24:48.868475Z","last_seen":"2026-04-21T12:34:16.230276Z","times_seen":2,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useOpenLiveChat-C_aqfNmB.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/useOpenLiveChat-C_aqfNmB.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveChatInc-xfcbsjSt.js\r\nCookie: SERVERID=s2; __cf_bm=kEGwVnaikwuM6Lra8TAnPdwW8mkqYhlqlBDJfLHh0sk-1776774222.6527886-1.0.1.1-ePA7tYlVr9JYuDKaJqcv6ew_y9p1MjA.4EKTAPTPEvqmyQvXmHbzaCnuz3B579d4qk1MLvSfRVrzKX88blRAQz9FSzLy.vAjgS6PettqYvZp97smvEs6Vpg8lWzloKSN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=msfnXYTIc6.iPWL6mqYnlIC2bvrFbnpmB.jVd6eR9Wg-1776774136.42081-1.0.1.1-o5aojM688mHQVc4FjvBUG71og_GWzGccloDLVwzk379g9Rves0u99BXAjttBT.8ZZJN4Y8I1HRWgly0RghccX1WmhOTcoQu2Rg12P_TqUMdh.QGL.x8jLlKP8g_j6zLr; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2FW4z02Eo98wM4ecGOvOluP96D3qP0KzKaR%2BI3J0ZTLaOr5BOCw5xL4nCBjN0xQrzHkMOr%2BTtHtw8ElJuLZwzLvcjpEp%2FzzL4ssWCpxw2SkK8cOaKU4HoEysKROhqZLxhVpjGQ%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-247\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c6efe7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"b05dfb053febdb85be596bac72b4862a","sha1":"05e34092259cc0bd17a16f95ce919d1687186383","sha256":"e057e75f9b6a8f950c34f20a901597768538f90750bdf6c9aa5e2766f1a6e5ed","sha512":"270b643403c3db3d4d5d86f4b8585a7a6abd2b0e16018c9ac98eeab83f48775059117acd45ea51a1cd5d93532df6d36110e0525784c7932522e8cdc2b2f78e51","ssdeep":"","tlshash":"fff0e19a4154ae7cc0c08ec1501ba5f85b3927a4740dc842683f7cca6864c0586fa847","first_seen":"2026-04-21T12:24:48.870088Z","last_seen":"2026-04-21T12:34:16.146516Z","times_seen":2,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpotPools-KN1b5yYb.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoJackpotPools-KN1b5yYb.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=4MV22HnsQn2DxxE9Im4OYPooMnWdGsdeQkr.7qhirvc-1776774223.1993089-1.0.1.1-pSrjxRdWSqaDCEPbutQCflCD0IfxTnvBsRDijlfZGSgIjerQ5DxLl3SgA9N8IpP6a2Xzv_Co937BnLOPYpw.b9vu8FBy4UEaLLtGhzr5cRcYLg.vOdukZZeRExg0CUc8; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9s0mftMjxyB6kiJyDuvfrsrwhZHE9blSveJauwtOgqnrs1Ka7y8f8cvAavqb1kCmkAOso7EQsCgidO8aHH%2BuiCFgxlDLmuyzTrTD6y7U6QijP7NMR%2FGgsDhSLwnQ9LdreJxLaw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-3b7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d78497131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":951,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (950)","md5":"c7641e21acb04ca46b3240c69bc0e9e9","sha1":"15289450c67bbb58ad7ceeca1e758eeac307c743","sha256":"9dcbf02b33d6d52cd8b80aa0a37ef006775470184050e9385851111bb20f7803","sha512":"e51b1bfd88a1e4fa3545da0668d0c33e405af695569a3807a1783879002671e2fb0a84a2ee9c8eecb5679f1e92d6d97633d0eec6d61196508c734cd377c1b886","ssdeep":"","tlshash":"001121cb706fe2f8d59c18e180a4521e033c2f39f61092c0505c0b3897a1457f579bc2","first_seen":"2026-04-21T12:24:48.87158Z","last_seen":"2026-04-21T12:34:16.200726Z","times_seen":2,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/60cc4529e939d2720f0cc7a0152b68ce_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/60cc4529e939d2720f0cc7a0152b68ce_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29300\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 06 Sep 2022 06:51:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6316ede8-7274\"\r\nexpires: Tue, 21 Apr 2026 13:20:11 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 601190\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=.E6q8tUcr4BiBjgRbIce1.q_4Dtvel6g_mdfrjjP_FE-1776774002.0150342-1.0.1.1-GNMOwitH5ZKVf_AmsortDpOZSqOOgM7UbWLmg.kFJG3t2_1aECug2_HsN1lGvQzMJ18GcXlKXOqs89ignHOI8aIcRAzcOYRehD5mkJS4KVTmx2gbQ6YwIa_O1OWAD97E; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:02 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F4zArQl8OTrsad92jccvbPPCkhPi4i0qZEqPWPjsD%2BUCAtHOzrGfJbqHXw3jK%2Bn4E%2BzA4wdPSsm0oYDYkj5F8fqepS0I23R%2BlY%2B%2B48vk89fRJQhE0EaV4EWFgafhOkg6m2BoUiqc%2Fg8%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c976c397131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":29300,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5b47f64b3ed4e04bc85e7c12abc034a6","sha1":"7264b2c1d4ca24cbb53471361f8e055ca07381cd","sha256":"e359582494fff4767d763ac84c2800d26832638c84c9d2fabcba585f38f86923","sha512":"e70ae64de34f8194554fb2d4c705f9c959acc0ab49069909de090e4e1d0d25ad8900dc5a962ce1bba6e620cc6583a4dde8b8f79ae9adb890c12376c1c7527a6c","ssdeep":"768:GEHKYmbGVQe43Kk7ykY7lqvQ/rtOX4V7Y:96bB/3Mnr/rtwOY","tlshash":"3cd2e165c47a2307f109b6b12d306ad2d40a3f543aae1364d56c3b3aa694de7f1d04bb","first_seen":"2026-04-21T12:24:48.873003Z","last_seen":"2026-04-21T12:24:48.873003Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BJ21FeBp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-BJ21FeBp.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-BiQikUyv.js\r\nCookie: SERVERID=s2; __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=4QzlWQ.sc_xIFaN8pQyrqHCswqB7lXOzHOLIgvV.zeM-1776774133.7025094-1.0.1.1-WARJlTgvtskAgrNjO9JJlQ5ZElUFncO3q1KTC2_0NGh1Q4Hp6rE66qJ8ysIjaDAcHDSPuzvnQ86xd4utqzaCbFZG9CIcumxDmCrGJb3TSsrNg_YxtgP0nK9gUyab3ibJ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D7tqHliwxNYUS9YewdkIBDiD5s3MPjfxjs4RfDRkF6YLtqvzdRInWYItXyL7JTDnuOz5gXl%2Fa4VhpM2lX%2Fxr0Qi%2BHfy%2BZUSIpQ%2Flb9LIV%2FhtkUGk12RvuRt0glX1YEQ9Cge7FA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-26774\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c891b4a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9d93ecfbc55243109c8742160b35e284","sha1":"5cc1c573dbdd97cd1d0e239ee4a3003a49f64094","sha256":"aab1b4236679b9462c2c99e800555e4f4bf526bedcae296c4b33af62be729000","sha512":"59545f5311a35a7aaffdf5a0d5c6a78740b3f08484da0e1f2bc38d6ff1c03bb7f92e04d2d7289a5278286fad774947b5aa9656cbe2c3bd6294dd5646f75a5d31","ssdeep":"3072:mQwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:VwhFHU4HNwFH7MoOWexZFHV","tlshash":"01f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-04-21T12:24:48.87453Z","last_seen":"2026-04-21T12:34:16.306535Z","times_seen":2,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useJackpot-BgMStqQ-.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/useJackpot-BgMStqQ-.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=q34lRvbDGUmsKrxbjYiEB8R.pcSdxzU.ZGl8xS_AiMk-1776774224.2064254-1.0.1.1-Az4KW1ATYE6y5MhAfknD.V0Cvj8APsOT8CPlVd3q8XDR6eGhoeRpxssE_JEFG2esvxYTXWUp4H9wNg5BVXlZqSFWMb1LvIBjDV3c9r7aF0nKAOkHZmyGkYGhZ_FgH2w2; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MhzE3Wo%2FMJAsUCZq1qjYm%2BknRe%2Fq29EToDjRJTKxOz%2BafRqpyPcvhZRC6xJkR3Fo%2F%2FdeoUJfUaQUL1BwZHWRToc2b7nbhzrcttCc0fIUrAc1jPFyCEi2aUfuMoCPFWvoPf5yrg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-58b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d78427131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1419,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1418)","md5":"ade688ccd4986b3e2cc18ba021e37d84","sha1":"5192350aeb75b62f96abc581fc97adb6430a2364","sha256":"d4633c61f7b8cd422e3dc99882d4a7c1f0edc9cfc4d4473fdc6f05bddd332266","sha512":"e07826b02aa78a47d2b184a6cf64329c7a1609c7078498adfb6aaaa0239dc4a57b5e1ce51d84f23898e4683daab0ce00486b7f907cfcf3706f256ababfedf589","ssdeep":"","tlshash":"7821f045c059e5f8f58d8cb10067d72a1b3c3f297440a090a0be5ebd57a8d41b6a0f93","first_seen":"2026-04-21T12:24:48.876051Z","last_seen":"2026-04-21T12:34:16.32508Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/LiveGamesWidget-iPe0Z4pg.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=uTV3emlVcIMHjKVDT2V_R4tEx0cLlWDpvO7fGYkIaaw-1776774137.51365-1.0.1.1-QFtzkwoYS7d9S0HcU9fDqDtEV3ehaZEyk2idmWvFTMt1e8NQVEBs0frhjXvCRJzgV.OZB1vTikGO1Fi7I3Vcn7DD.i3ctr_s9CqMWm.Gp_axCQ57QYUg6SA1LgqKaZPl; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WwBVxVoFojqil5AHopblcw%2BxKHYkNYihbG6H8HfE%2Fpn3ReKxpEqdJzWSZT1rYO%2FQ5DE4M%2F6%2FclF0V%2BqOUXBY3Ww%2F0gtHoEzdvMyALBAbz%2FZ9toMOofcGpFU1OFEgXl9JRAmgOw%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-fdd\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c91ae257131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4060)","md5":"80c5d38349d2a6ed139d7c30262a07ee","sha1":"833fc61ce17f6130d18c3c7abc82897d611d4d5a","sha256":"bc6d5f152dd941af45d0155fdf80ded6632abd487f9251935f811f88ac156ce4","sha512":"fce1ac12abdc334ab0816baed265ed3d09a0f8c73f950269a883f2f6627a734b48da6f036cdd85cd46b438788a50143b8cfb13c733162cb171d2e77d9391dbea","ssdeep":"","tlshash":"fe81e887d0b891fd642e8ce8f1a4d2500a322a95d7b14710f1de0739136c299f61ef6e","first_seen":"2026-04-21T12:24:48.877327Z","last_seen":"2026-04-21T12:34:16.234539Z","times_seen":2,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"dataspot-internal-wss.galabet1069.co/socket.io/?EIO=4\u0026transport=websocket","fqdn":"dataspot-internal-wss.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: dataspot-internal-wss.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m.galabet1069.co\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: Wiq4eiltl0cUV5014WJtRw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: __cf_bm=TuAQHmcorBl3rcDZISpKLQ7Ae2z69tHw6rEKkY._TkQ-1776774223.977806-1.0.1.1-iF7DFjSiW129FNob85KQT0vDhvSCRfO5M9_2qoYcTyJJO401m2hynEFOSuAYNUkE0WcOq29_Dcyq6C7EPJzOJ1bB0z5fn3HoSlFAGWlltC4e93UAE8VbZV.9teb4_71Z\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 12:23:44 GMT\r\nConnection: upgrade\r\nset-cookie: io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd; Path=/socket.io; HttpOnly,__cf_bm=KPmnrQZcYOoQ4DUurzig35vkOqN3tStUyqeW8Y6Xf0k-1776774224-1.0.1.1-eWyOGVu4UeJyREc2n9qfUlfggofYdOcYFouvZOZYonMEhLFh9vNluMZrMXuun7ztxmtlU7ZCYvomiXFQ3Y4LNKLVfP24osWUJ6YPt0ZDy7s; path=/; expires=Tue, 21-Apr-26 12:53:44 GMT; domain=.galabet1069.co; HttpOnly; Secure; SameSite=None\r\nupgrade: websocket\r\nsec-websocket-accept: CoZk1g/hYhABdjq7kHofKj0SD1A=\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ij3P2LBdphI8mTmHGMiSRq%2FspgDj9vpV9Qbrmh%2Byd7FVRQX8hue5NOMNgOBJ3Ksq3ZJFXLYjvsmdzJUFt3yklV8MVVFRXv9zCnoFhrnkzmCQvPOHCACPlNl%2FqXiPHLShmHUfWXQIm%2FxHw1UZw8bGG1HtaAJjeHef\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nServer: cloudflare\r\nCF-RAY: 9efc5c94d8d55690-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=10411\u0026min_rtt=10306\u0026rtt_var=2991\u0026sent=4\u0026recv=6\u0026lost=0\u0026retrans=0\u0026sent_bytes=2837\u0026recv_bytes=1307\u0026delivery_rate=283165\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=d4772e1882f214fa\u0026ts=149\u0026x=0\", cfL4;desc=\"?proto=TCP\u0026rtt=524\u0026min_rtt=505\u0026rtt_var=175\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2353\u0026recv_bytes=1430\u0026delivery_rate=4908474\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=4990f8f630a42f2a\u0026ts=413\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":453,"timings":{"blocked":0,"dns":17,"connect":18,"send":0,"wait":401,"receive":2,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/1402.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.737Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/1402.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=9PXpqmryGZGpyDhKG1wLf8Tv_.cm0oP.dEouRAH0CUk-1776774167.3695188-1.0.1.1-_4NEhvfGKaEcrhvIF1nZXRuwlnfxLtxN7phKz9gJoppqYK2FeX_APqghdbJSqC6HCuoqLdpM2UOb3X9AWNgxXaOS_.TurYVF7xhQzsyLfhIWrNDpnrJ.zmkJSK.1hh08; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6443.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.160Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6443.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321047.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.318Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321047.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetConstruct-Icons.Dy6tH3mM.woff2?6reyr0","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetConstruct-Icons.Dy6tH3mM.woff2?6reyr0 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 419348\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-66614\"\r\nexpires: Tue, 21 Apr 2026 13:14:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 456\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=7ZDenBdpXYhHWAyRldqmtMbY1e1P4eYXw1gM1W4CJ4g-1776774137.390674-1.0.1.1-6FDtY9oqcjVfVupNjQVEoqo3IlhNibSyBU1ovws_5XVhdxEH6eXalbQJUzHTqH_mNRP.QMyRy1HKYlzws6Y.x2kIYMVu1Kcx.7zGMFK0kYYhkAvJEygiF5h7vq58J4TU; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F8gYSYsGJTXcpWftL%2FPCvYCUYos%2FFxXp8hqtIJ2VXcp7MvjoMY%2Fn7LcKlIijl76uGKR7Nag6Vn6Mb6LUABXg%2BYfwkchHEOqsfTbCFuDj2bPIRo48NWq3yRfO3xhA%2Fb6hTNnaBw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8a0c547131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":419348,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 419348, version 1.0","md5":"91ef689a7ad9c44db5a0ea5b335e2a8a","sha1":"95d709458007fe3bd685c4fd4b08fba18ab48f12","sha256":"693bdc228f3727c750488c69c6fa33603b942b2f1323cee69a72523505fa17b0","sha512":"caf132e4c3d843687a0d60de1fb0988dbc3ecbc2ddb3f91ce24879a02c65323721fcf0430290fbc4787791df29e6b5b374c60cccb455e175a00003ecf920391f","ssdeep":"6144:Fyk9JZQ04vwyq+95Cgsw5X5qwPlfCkm6S/aBkFJtpU+i6/sZfLyi6J5T:BiTvPYgsJq1jT/w7l/sZfLlWh","tlshash":"849423c52815faf2c078c0827c4adaa264c429ad1396b09afc759fc7db53b8c09dfd56","first_seen":"2026-03-26T22:06:57.611328Z","last_seen":"2026-04-21T21:26:35.705904Z","times_seen":32,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":67,"receive":137,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Firebase-CifH36fp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Firebase-CifH36fp.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=UgAoSKtqv60xSiPC3mvNFWP7rJ32fsVZad4V35Sk.bM-1776774134.0929635-1.0.1.1-jufixMS5_qFfhMCiErymzSsiaOwV8aDvVHms4QvtkTeNJViMXsqQWGlT2aXlcdBSMPqQxXbA83QCMb4m.pupAwepnkxvZ_t_o4rYOnBd2SGqP0sQHDrtOga0A3vX92wz; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8nwW3lWcW%2FOgRvLzKdJSXRsKiPePDq%2F5gnbbG2Cj8mxYIHoi8Wd4TX20SwwjV4AQRYK2ERGgb1ot2L6ktCrT6O1lYKvaM8HJR98LXZZ09iF%2FupAl4VFxnQOOXclXKFbTa3LyHA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 453\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1487f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8acd3b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"d23df4ffc78896569b07187cf4a48d32","sha1":"e273ad423a635ff19510aaa37ac6463bb6c1a27e","sha256":"e25409253f5c5bc35aec45ef960561be1d9c89c60bfde100b52a181bc11c0e18","sha512":"f636a22cab13b3cbc6ef726f2561a4e2f15526b44fb3f07a97e1109ef0013af95d9ab3167b6328523599f7f106c36634ffd2548d1c454c4892dab846dc5c093b","ssdeep":"1536:H4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Hs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"cc83957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-04-21T12:24:48.879237Z","last_seen":"2026-04-21T12:34:16.292895Z","times_seen":2,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipButton-kdf82NBZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipButton-kdf82NBZ.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=NurwlHEcXIOg.HiDvdfCiXIHZd708tupAO_D8T_UrFk-1776774135.4193406-1.0.1.1-j3fOQmHwvxSenUNCLOPlOFy.Nemc_2NsnActdeqht3113xJkT9rTD2LeGSWGkB6WMuw6Y8NsCGYFKsNUOcBXo0TG0FCEobFHfEfmh4nCRDscM6lXN9pVMTnI4c7a1D.r; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cjncap8aUowjSkJnQtf%2BvC0SjD5fY2WzixrXey7Oz11V6znFKaueslAq52eWZMopp0cCAS09suB%2FKkwqpIrrOsoVH9t0eNgL0JuD%2FXGMTdL55t7wKQFtf4dpT2RB9c5f1blpIA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1a2\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0db67131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"4b8d21182d8c4b955630a1c97c1378bd","sha1":"7e8954c2467d6ea9892e1b4af8d48791da08b9c4","sha256":"53476b4d35bfdf0b19098ca1197216bfe0a8ff916b22208bcfb475f4e713657e","sha512":"cf38dba2382349c9bd2aae9cda8ede2399b559f3284ec65b4822cfe7613e4fc89803312e1fb079212afa7d617dfe9ae57ade0e750348e3edeaf3ae1e3a89c35e","ssdeep":"","tlshash":"68e0ab87c508c2fa07421d92200bc121382755bca340f98180ad28613b34999845ee2f","first_seen":"2026-04-21T12:24:48.880755Z","last_seen":"2026-04-21T12:34:16.249298Z","times_seen":2,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoTopWinnersWidget-V5-R6cR2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoTopWinnersWidget-V5-R6cR2.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=eSj2z7YXDf0JLleTdhwAAUsF9xzHBZUeiyBOfPEGX1k-1776774137.9283988-1.0.1.1-BQiIuFmXkJpl8d.YLjdy.ZY1LnGT.AOaZNBAn2FRoZNz1BofMMpcCMWvch7PGJB29Mljf8873KyAJhhD6i2II1Yhr3ICkq9ugYvaYplGsLgkpmJu1LRUJ0ypClP9BzLZ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0KKvHFv4m2ctDrwhnlF3CyTIOGksO2g%2BST5r1plkwLsU6knLN2avatUQgVwRiUz1y0H%2Fy7BtRUIjjIhHeoTgC%2F%2BVCbnWLpBCjeHvYYsN4pR6x78%2Fkcm2I8OiOT314cQNjO3lQ%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a8e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d784d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2702,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2701)","md5":"bea6b670a780fc65e39f0a0ebe6e565b","sha1":"41e427cc4127c97ed09232444fdaf0767cf32b95","sha256":"d6412710f818cd5d46a5f268811a25c01b710078086407999b40d08d5b93d3ba","sha512":"b2bbb5298ed420d48e04efb70e13a2d4e70c19673629296ac53ec5f38fb93fb75bfa9af74cc76d93457a84df84464d452c5790bdee0bc9a0b9cde984d0b2e3ce","ssdeep":"","tlshash":"49513606d0008e7cc3578dd67c654019aaa50aabd5307fe0e5bc1a118f345cdb58e7ce","first_seen":"2026-04-21T12:24:48.88207Z","last_seen":"2026-04-21T12:34:16.125188Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketTypeFilter-DYMtYos5.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketTypeFilter-DYMtYos5.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=A5X21p1eVwZPgrCMqXKhOiMg4L.oDL0HkRkfzZfnZCs-1776774138.2427402-1.0.1.1-Y3.JpxYkmkZ607Gc2Kslkxd.JhTvBUvvOAluusIeYSdMCCrOPH98PH6IjTlf9Al_78ch74rEDtnmi2RDVHt0cw3kb82P4I.5S0znkfYIbLu4ueMAALOfLKBy_1osSg6c; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=52HJc%2BUyKX1ceY6p5QNbJbRLxfXNnVkKJYiN5FIhSfODvNIZrAaIg6roXfzlYU2jbibnEmJWYJmMsC6ewGXBbJoruEmtVVpz6qCPelpmHpoRQQF7HtmosB925BM1ZdPSwmkI5g%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-364\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8b07131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":868,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (867)","md5":"7074c405da51af2784c9d5ce70baf5cc","sha1":"efbe41e54689d7f18787107761834b149899441a","sha256":"cb8b582f9ed6b75c9bc799db63a35da824375198dc5b44900528598979aa3e3d","sha512":"1d5c5426845c3d7d5fc07c38b32d15116e3c041d8d6b644c4daa6caaf9d5d5b3fc06ab7967c185207c9ada9d4735e41d6ffb5772564485e220223a826337c6ae","ssdeep":"","tlshash":"af11e345f744e3fcf23b1dc8c56d481853110a989b3946e1e02d1e950765585622ee4a","first_seen":"2026-04-21T12:24:48.883577Z","last_seen":"2026-04-21T12:34:16.251221Z","times_seen":2,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/storage/medias/galabet10/content_751_76b99092bc08940901dca416fe299c14.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_76b99092bc08940901dca416fe299c14.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=fua_4smfLF1wGFQbDfBWnQA8lyuJwqx6iz0NaWhewA8-1776774028.618265-1.0.1.1-rUH529wFHmePXp6xcrivCd3ILyJGyqyOA7Lzfu2fJudv_plnSicqv9K4yLlfCaxK5sky2Y9ndFwERhN9yFIUMJbEHL4wMipBk3uVZTnCdHYD7F3cQ1yzDjc8EdK.sc.p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49696\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nset-cookie: __cf_bm=ZsHTQrJ66DyTbOgODG0_V_dA0XN91vXgj8RV9vxUbxQ-1776774001.1733472-1.0.1.1-XMjekgx9ouwdrqnOuYE1ubW_icIVf6GkKXpC9_YJNse5QiCfFBzJ.kYiCvx7.v9RVR3Opm0s4oj.9yG0dLoTVLAqVx8bO6XKAUj7_2Lu6hlZ5T7XDYeh8QOlbaTfypvD; HttpOnly; Secure; Path=/; Domain=cmsbetconstruct.com; Expires=Tue, 21 Apr 2026 12:50:01 GMT\r\nlast-modified: Sat, 11 Apr 2026 08:42:33 GMT\r\netag: \"69da0979-c220\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncf-cache-status: BYPASS\r\nage: 37081\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ciYFL8Ucn6bAffInuOwgifdaAIoyG6GF5OY3ekFmqVNoPJPiLlImueuTsSY2ZHs15VGkNZFAM8eXC2fVJFVDcvxq%2BVN1K6sFlbWXYJ9Qvo3w8ugfmh2lGz%2FDE%2BVXTLtzKd2AsIq4Lw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efc5c927ef97131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49696,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x220, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b45e2e0571ca089932495878bb35f96e","sha1":"14a4ce744110b76de2b0636776575daaeb73dec3","sha256":"2d1c796cd1d61a6cf40c6f3f1dda19e771029a09816c860bd30b4d2ebe49259c","sha512":"b9a544f15cd22e56a929658982c0959a08a79c3eb469f2642f53578df2d5091fb10ebde9ed59b24221518c527643606cb7b24d3ce8b342999f9b127c66a7d386","ssdeep":"1536:rMzyrLqWJvJ5Cxvn9M56EklcmxYTYI5rZtSUo4VoNt:KkrJR5CJ9Mwd7+YgtqyoNt","tlshash":"a123016ac39307260befa5b642a796c94fd539b44606f32bb43bb017d778060f46a8d1","first_seen":"2026-04-21T12:24:48.884944Z","last_seen":"2026-04-21T12:34:16.335396Z","times_seen":2,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/3e97b4deba957a460371dbdc1ed4fa1b_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/3e97b4deba957a460371dbdc1ed4fa1b_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16802\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 15 Jul 2025 15:24:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"687672c6-41a2\"\r\nexpires: Mon, 27 Apr 2026 09:47:32 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 95607\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=_M_Y3VtxWNFy07vXHDqr58i1mXZ7c.RsjS8LKHMnV7A-1776774059.906792-1.0.1.1-LKIEzfqra33Kc2v5bcF8jyP4hVTscgDNiakAwXkO8t7GLNvrfxqn3yYDxnGQp_fAzSjfD_czggbAbuoeFJl0ULHimi.yekfzptjlOU0ws4LOTskd9U8B6HOumF8xeqF6; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:59 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2MneEZ7BlmSsNttCALw3Bv6FiC5DVYrQ6joIppwCQG2QlpY%2FuawgEUJB3Zp7TtLhYX43YqoW0tVdUA0ocxsJTph5kkpCVDivPHppkGvVdG5Q6TrXCXN2t5hMHtzQ9Oj%2BpfMuYPO43XI%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c972bf97131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":16802,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"985a932010ad5875b36f8f1d11e095d8","sha1":"47d33de0121afb3a749d99cac17758c4783b98bc","sha256":"c8faa89bca1696b7fce771065506e25138075efc1f10b5ce6ef0841b30185dba","sha512":"ad99e9d1b086633b8f76d5243e8d3045ef7b8895feebc39756e0f84d47e8cf9f77bba6309d1643b28b2b8a6d2e3775687e9f20ed13a7beba074bf7e06ed837e0","ssdeep":"384:asmSjV9kEIOkt06mps/FFUrNR8isi3Odkaz5NyFIM4:afSjV+EDu2s92NSkp4","tlshash":"c672d0b14f05a188813e144367c52ac80f1618a47882dbfd5c27865f1796feb9f7e3e6","first_seen":"2026-04-21T12:24:48.886617Z","last_seen":"2026-04-21T12:34:16.317485Z","times_seen":2,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/682/1364654.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.295Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/682/1364654.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-Regular.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-Regular.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=sNlA7QU5BxzNIwwnzdbEQ3hEFNTV60fo2XqamtE9Pog-1776774064.7361422-1.0.1.1-N7vQoNtkEYRLl897gPSONNiuBwt5DEe4HUlmXRHzJSWBzy1vFT6w1OKsPDvK1c7_TpKsX_VHfwN5QQYT4t1WNtHN6IiVXz0Wr0Z.zPF1wQ2AbmleiXa78BGBHJWU.dKQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 72024\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-11958\"\r\nexpires: Tue, 21 Apr 2026 13:03:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1113\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=bEmiUXEFyjVDiycGchgcCLUsyVJe8ptSYYs1TG5DaOM-1776774134.0325603-1.0.1.1-b9OU5g24H7nStZhbq_5ybK6iYK3shFTmpmhUOTtV3_o0hgg29WIQWFWJIU6KMa.SCohL0TYqG63CYuYX_tEQDLiRtQNK9tUR9ftJPePw__ZB6FfO19KcdRq8luI19BrW; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WQBgfG9mAubLtgsNn35wsgHdqapugBYSi5dhPoPPZo8muv7JFlUPuJQCqBwwP0KTL8nw97ue1zpTjo4U3W57D2dC0hBu6zxH18SOslYiVl3Me1JHkAwmtn6rckliJShA10t0rw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c80e9037131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":72024,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72024, version 1.0","md5":"30c281e94eab37286ff7770f3e51858b","sha1":"7a5cc673f005e9f384e322f8fde4795b0f750778","sha256":"c4a69a0b671392fe569ef74b4a59e0d2e769837ae59beb3944ac72ea240912c5","sha512":"d5b0686a2dce238f2c825169a19f0425fccdf6fe2d6d4e3704a02f618ea96bf1e0827c158b63b221dfd1f35094f4a420abab4ebf984f9993c6a080ea44b3d2a2","ssdeep":"1536:Y/pXAWA65c5JbaWR/9Al5ceizufFxY4lcWVZGDULZu8uqO1:apn54BREjCuvY4lRaK1uq8","tlshash":"3e6302c4ae4f1bccfd67d5add8859e6a1b8ef1b09320106de3119721ef4b403b3692a1","first_seen":"2026-04-05T07:31:10.87701Z","last_seen":"2026-04-21T21:26:35.774489Z","times_seen":18,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/storage/medias/galabet10/content_751_5b84216d441397f616b68c855fff79e8.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_5b84216d441397f616b68c855fff79e8.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=fua_4smfLF1wGFQbDfBWnQA8lyuJwqx6iz0NaWhewA8-1776774028.618265-1.0.1.1-rUH529wFHmePXp6xcrivCd3ILyJGyqyOA7Lzfu2fJudv_plnSicqv9K4yLlfCaxK5sky2Y9ndFwERhN9yFIUMJbEHL4wMipBk3uVZTnCdHYD7F3cQ1yzDjc8EdK.sc.p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 162124\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nset-cookie: __cf_bm=tiXWHoOcGrVEd8c36YCzCGTTvbJonu.ApzcALmFFA4w-1776774001.4338195-1.0.1.1-bdbAvwWi66lcVVxUtoNTBh8L_RkPmXZhX5JBPitYcWGA7tLPzpszEzQDnP2UAtWQPrgiU56nExonweczdeFQvkZQ9hXEdyJHzOOP_4EdlaRGFtE0Cnjgig8W1lrj79BZ; HttpOnly; Secure; Path=/; Domain=cmsbetconstruct.com; Expires=Tue, 21 Apr 2026 12:50:01 GMT\r\nlast-modified: Mon, 20 Apr 2026 15:00:07 GMT\r\netag: \"69e63f77-2794c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncf-cache-status: BYPASS\r\nage: 74432\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9htt31ldogmvvQHhy1dyAonAw6MjX3j%2FE%2BQDYO2imIhTh%2Fk81UKdX2gNwehuRnmkQcvNxc2D0gtzwWzk3Ro013QY%2BqfJ6n9JEjuJMMPk4kk%2BhGwwriPfFxcPqibKVyGBraNxx62UYQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efc5c927ef57131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":162124,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x738, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e602e8dc781088b3e2f7090dd0448e72","sha1":"af6bdcf03504fc497e0c42822cec7cfa05282806","sha256":"293d19250ef47bd5020fb18b0831ddbac1eeab925e2fe24c86392915f148c451","sha512":"c72518f2ec7f5e86ac639bd4b8b349fc7f2348afc2d752c8d028f72e6106a9a1770ce9458bff3ceb9261fdbe63eadd43ee018f32e735363a076cedfe5d6f098f","ssdeep":"3072:gmKS+mwe7xv5suUVLQJLAjDQamw5033BPdut2ctTlIKTAZqtcsJ:rR+vcvALCLG52hQVZLcsJ","tlshash":"86f313dde8d43084e9f96a9b18d9a8001db3b6b8598930a81d73539ec3eddcc6d35723","first_seen":"2026-04-21T12:24:48.889625Z","last_seen":"2026-04-21T12:34:16.130621Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/495/990964.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.255Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/495/990964.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e64h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e64h1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 21 Apr 2026 12:23:46 GMT\r\nexpires: Tue, 21 Apr 2026 12:23:46 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 156990\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473467,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"d7d79c24c054561f490b85b09b37685c","sha1":"627c056e2ed9e0715d175a6e1d48ecd6f6537a46","sha256":"eba69e5fe438f297b90d71132f0c67862fcdb091c6e686f45935752d8f6ee283","sha512":"7109c1b46e0ae2f3d47076a8fc6d307398daf3fa2072d7c35f702ff601617884f38a06433c3fbcfa5559df90a4dfec159acf0656248755d7cf73ed875bededd8","ssdeep":"6144:d0OJjJnrVZu0Donyo18z25leYiau0XaOU2Cs+KUFlbrU:bnrvYny088dyls","tlshash":"51a4f8ceb3d674665396f478903f01cba57a28a2b44cc89af189cce02d7465a4277f7c","first_seen":"2026-04-21T12:24:48.891065Z","last_seen":"2026-04-21T12:34:16.15066Z","times_seen":2,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":33,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/storage/medias/galabet10/content_751_a7d0a3ece7d1499606781e84ed19351d.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:48.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_a7d0a3ece7d1499606781e84ed19351d.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd; _ga_2CT6DSEQTF=GS2.1.s1776774226$o1$g1$t1776774226$j60$l0$h0; _ga=GA1.1.706332008.1776774227; ajs_anonymous_id=bf0cec70-e7fa-409f-b157-cabb9fed5633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 53732\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nset-cookie: __cf_bm=5U0D0QsreGcN19pnMt6amHq52oZVdsQx8ppIgkHk_N8-1776774229.4462545-1.0.1.1-bdRg3BQJGOGSwSoyj5RengrUpdKJgTDVtnxC0ivRkB2pdZsOK1lg3d02BIXcxaxizZb0kK.KgGTxwdNQixhghNxfHm9CHRDrNTi54NPOgb9HmaLxqn3otXxfYSnxBehQ; HttpOnly; Secure; Path=/; Domain=cmsbetconstruct.com; Expires=Tue, 21 Apr 2026 12:53:49 GMT\r\nlast-modified: Tue, 21 Apr 2026 07:32:06 GMT\r\netag: \"69e727f6-d1e4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncf-cache-status: BYPASS\r\nage: 8843\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8O4sgtt8GMLm5xNZHZSOUP2F9Rg2uFTItOGmSLvqHVi%2BcdRTJwM5A4E2L1wwG6L3gMo5SiDWjM1%2BPDvcfbo5wnICfPj%2BfLsyP1sT4c3pHnsKsj8L%2FKWI%2Bk3aPZPEwHhSnyeq3B%2B2nA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efc5cb279cc7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":53732,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x220, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f076dd3278e0f65873051c4bf56fc242","sha1":"19f60cbdd9cc7e1d87e21e18a694adc2ce9f6095","sha256":"830c1301b5d69f0c61cce45c5d66dc07820627e471e30163b196de3d1d23c964","sha512":"e8820f017828825eb70e660f33a398b1390abc90f1438404e780bd72a264b9b26627c693fab1a8ff5990fbaa2e9e3055359e9c900c6d297b3ace2dd60058bb95","ssdeep":"768:SWBfOFhsjKaR9LVvAIR+nuS3n2HerMoYbct/77+XGtPpD8lht3y1RzpFqAe8t0IP:nON+9LVvYAFPzW78DteRNe/IbEO5l","tlshash":"6833f1bb93ad0ad1f68924bb15a16e5e9c201f837d234633461cb48462d9ff2dd17b43","first_seen":"2026-04-21T12:24:48.8922Z","last_seen":"2026-04-21T12:34:16.238542Z","times_seen":2,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":627,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/storage/medias/galabet10/content_751_85f82c5e2b9896e6b6cfa500974739df.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:54.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_85f82c5e2b9896e6b6cfa500974739df.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd; _ga_2CT6DSEQTF=GS2.1.s1776774226$o1$g1$t1776774226$j60$l0$h0; _ga=GA1.1.706332008.1776774227; ajs_anonymous_id=bf0cec70-e7fa-409f-b157-cabb9fed5633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 119918\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nset-cookie: __cf_bm=0qnOESbQd9_12aQ7Baa0juD9cXFW8YxLOfQgsIWFaC0-1776774008.5834317-1.0.1.1-GDsqZ2eIQx_M4gHx.sEq7cpLiuW5eKuopCVmyaYbB8KVq_rnJbChUKk2CszH9ua7oC.kJlGIyvxW0kArff7gRGcQq4nWYYFpk36XVBKPDuTNvVyZuBjhCmk.epZWjMMK; HttpOnly; Secure; Path=/; Domain=cmsbetconstruct.com; Expires=Tue, 21 Apr 2026 12:50:08 GMT\r\nlast-modified: Fri, 17 Apr 2026 12:29:59 GMT\r\netag: \"69e227c7-1d46e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncf-cache-status: BYPASS\r\nage: 170249\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X4hufPc%2FECfCSxXW1DYlXfzQsh7royocbuSjej%2BsAE2MnTc4xRuQOTlzxnm0qcZVUIv9%2FqS%2FH6WrQauEYCD%2BQGhkVyS1NuaFLat8XK3nxP6j%2BeSRYzhEwmuexkd93Cp%2FLSho8KixJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efc5cd32f8a7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":119918,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x738, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"411642a70eb03f6a49a0a3f22e2dc14d","sha1":"84ca7b0947e5c5d8fc5e5105be5b9b4559f41fa7","sha256":"9720adacf997611717e1d0032643f3191cd470a4430fbba4f18c7723f46de8d9","sha512":"b9222ef62a2a90f261d3f8ccf70246ca06fc300a048820319b24f3c46de006a3be2e7951ba7e679dbb3771760d844f202f296009b3347417b2d3ea4aaa2b38f1","ssdeep":"3072:7VzdBHqGCYNqF0Asch7NaL/6CpDym7p7amRDIgSzG:BDhCYC0m7NaLCCpDndsgSK","tlshash":"59c312a5ef39b5120ec334624e4a63b3377c19c549a7bfd9df506225a123f9098e02ce","first_seen":"2026-04-21T12:24:48.893481Z","last_seen":"2026-04-21T12:34:16.241867Z","times_seen":2,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/logo.png?v=1773142319","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /logo.png?v=1773142319 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=GVqtmFwaBo3od0ScTphSy0oFwKK.TyeWJ9jKlTKwEaA-1776774133.570887-1.0.1.1-FeE2HeYQRUmU3LMQPSfCykvQF2MuTwCLZ81wS3iLNhNhNNrAQ_.4.iYOgUp6_qlV.ZWOhXJEHiaZ0pew5GgwMewjjlKabJXaNsZwui0gxufatDf8Yc8M7WIlBDZO37gE; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GoogleAnalyticsTracking-KNUPbQw3.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-KNUPbQw3.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=Ot0j2n274vbsF6Yi.AxluHVlo16PkhHjMiLW.GFeLNU-1776774136.3783982-1.0.1.1-qQMySVNSNnkOOGKmV8OrWRxNvX9rGAlhreSpAOsDB981hcqOMBSiTtJyg_eISUJepmBWXwR5Ln0IgM.Qrh3foRO8Wzko8YIKei6trHAIA4VNJLYD_RgzrqKZmrF.OLlv; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vggGVK52SEkudMrqtYzwu7BdwTsrYV8ZRoTl7VAVWuomMruV9LynVRU27br4Om6tsOEMsH7hCu%2B6VXM3VzU2W19goPKoZtg8pNr8rzs%2B7ytav6dl4Nxoi2HtrZeiJICmKP38QA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3588\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b1dc27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":13704,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10208)","md5":"af857a0084c0da51ea4be7c5c6518d54","sha1":"cfc4a776cb333e2cbfeb0fc3c57e1da239008650","sha256":"11b253ff6d5ef3b9d82b063eac04b49942d059ad2b06f1141d5221ea286bc361","sha512":"e3d71022ad5de469625e076c5a549b9314de1cae841d6a695fb7ff74ddf1d9cead8c2fb79922bf1214a4371ff37447bfe8194042b48996d5d32262e61c4295c1","ssdeep":"192:QWYceR0SE+m/CTb3bHXCT76hYxGE0VK7D6L7kBNrnPsh52tJz2PM7mBE:xYcoE/CzCIEP3BkS2PdBE","tlshash":"d752b55c32adb0b682df6054587f720bf1755910a458f480a275edf46ef8cae026bf36","first_seen":"2026-04-21T12:24:48.89473Z","last_seen":"2026-04-21T12:34:16.098688Z","times_seen":2,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.galabet1069.co/configs/928de3c284a560a4ec2990544700741b.js","fqdn":"dataspot-int-bucket.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /configs/928de3c284a560a4ec2990544700741b.js HTTP/1.1\r\nHost: dataspot-int-bucket.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=m585ZbP7fdVopNPyHt8t_NmuZTXis36EtPFguRU_E88-1776774223.0408502-1.0.1.1-i1RrKcnv8rjNcpzTHwO7IgKfZIxoVQ3JQt434kXSJfmu7EqRXnZGUSR.5wboKWD3BUWGXxBj6exJHZjBCgOXYy8_7x76luLLRmBAprlHuJCLZD0QP5C3PLAfO4eHyfAg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Mon, 22 Dec 2025 14:02:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=5TRB4FSAinUbJWdoCheBNg7sx5vp7Zyuip2VJqrZIHI-1776774135.854953-1.0.1.1-r866VfIVx7BcvyAwdxO6fo0tbgKXGCWV59i.6_KsfKLrQR5MdHozKzR6jdzMozbhsRQ7h6VHCcwNj_YFyG5tjIn9XQfdjouxjxtgYmzw43n8U9E32Robou5lHjjH896U; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:22:15 GMT\r\ncache-control: max-age=0, no-store, no-cache, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8r7KNjz60tV4ngm94Pf8%2F6cLNjda4BziWDhOtr14UQhjsTBXT0%2FT13wgY7zG85l%2BPAuDdY8%2Fjg7wgNFiKl8V9HNGxMFHWXEeZ1IfllVrXqs6q6tdSn%2BEYUHOcIYLI5%2BEtTRGHOT4mlaPj68BXW1IEIt%2F5S7gmQ%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\netag: W/\"69494f86-9a7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f5ab87131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2471,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (399)","md5":"1e2a6c49770a52100388701459104032","sha1":"eb58c40e53a15e3b55fd60c07276e5479e07a89e","sha256":"161586af456353acc3ccfa1748aa3886066bf8f3c5614a5c4db0e4df676adb2b","sha512":"b601200e6ae6894ca67b3afc195d37fea9db1864900cb63b60428df3f106c70ea2e379566d43c326c3b7d439895f609866b2c4a54d77e7a2697f066c05db6a8a","ssdeep":"","tlshash":"aa51f31578e21e7300751435a55768c0b422bb47152ad88c3bce760c4f7db7995b5b8d","first_seen":"2025-12-24T22:39:16.396562Z","last_seen":"2026-04-21T21:26:35.793924Z","times_seen":21,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1404\r\ncf-ray: 9efc5c9139390731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfvWH7-l2WGZEJvxD_-cbyo5fufmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=722+3 c=0+3 v=2024.10.6 l=1404 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"434c7550a1a937d1e7e8bb8416691d9b","sha1":"d837654b42d1474560a5698cfac3514209cde2c2","sha256":"5f0f065528ec2543e34a03df1cd588b4c4ce7764d1ff62e67cec0677f638c549","sha512":"eefe6cf29ea82af55070456f2bf2cf1ab3c3328938ea092695f0a25370e6cef7ed1da43633a4548b22b46d7d7a87253ef01b2c01847ea84725cd4acc7be813fb","ssdeep":"","tlshash":"9f21e6a32c3914ddefa65f1485a00d8dff03c1a5983ee3d896e83548e5788da6ca00c2","first_seen":"2024-12-05T15:42:26.602777Z","last_seen":"2026-04-21T21:26:35.581198Z","times_seen":2471,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/getLiveGameAdditionalInfo-Bn5y1a93.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-Bn5y1a93.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=5NdtND.hIrWHTP0laSqzpfXR6XUQLjRJ6kgdzzcfdsc-1776774223.261618-1.0.1.1-o_9hvD2CKXlcXZH_a77Ql2e77DRknnBdgz8XFIE.BKL1zcmtBDMvFCGD9jVXcvFtyuPEKmDjAFiGj5zxaCWn1h0LD.UBH7zE72kVPOI.mTHb0qgnskOVa_AL6H0YBksO; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PPpDVb9%2Bp8eTeTT3wseTRhhyAI7q%2BCAkV%2BL3NGAzbZOppL%2FXQ8hIDK9%2FZztL2uurgAXnqvw%2Fm%2BqvAFRFUext8DHgwnGTGKn2Mt3zvPpbIeLmTPpQoJwHR6Rre4sV3Gw4itZdHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-47e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c928f107131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"8b743c5d72844c3db6164a2a1f684358","sha1":"e2b4e8733e2d176b5e0f2b2b3189221f475c421b","sha256":"dfa7b4b99866043001b4c7d477256cedac63f2e95dcf2308cde374d13111915f","sha512":"d78cfc2f29330f3f33bfcac2be9a20e7b9a0b56054ac138d2642499694c9a8db4595fba66f2a20cf63ffc93129110474f6c7926dcc35dc20fe332f78cee67654","ssdeep":"","tlshash":"e82114b6606e92bfb5da4d945ab01b31a2b5ba09394445ccbb3cc9091977484a7e203a","first_seen":"2026-04-21T12:24:48.897175Z","last_seen":"2026-04-21T12:34:16.199809Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/usePriceChange-myueINat.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/usePriceChange-myueINat.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=V4ogyhoZ6GVTkOQ.A7Xjctrk4fKu7qmxDXKqJY4YEsQ-1776774223.2632723-1.0.1.1-iXvxDvLJEyC7OJNmQbcGbuKqevRsX_fNT3iOIZ84FDlNXw2ps4TOqXbaGB8oOWSe.L3wwmx2.tJktsyFNzzV6bNP6Dpw8divCMORW_cLJAEyrxIvIzqJf_yeSUnaU6IJ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kIBfCMG%2FMIsBEN0OSlE9nDHG6rr1hQLHBwYgHzs6LGWLcMLc4h44wI8Q6eWDJAJlEPNr%2FAqbkY4kpjy8ClUUcI1HFfya5tbk%2BHyNFgtNQZ1YtxieYtTO9McM0U5kiYgEHLMPKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-1d6\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c929f1e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"4295f4c6125344dde02e8b6937f94a4d","sha1":"f1c4952e3da24d3fc5cc4539d0a24cd3f6a7b423","sha256":"f938915b888a934d449471981f2d0496cdf2b87214d09b96f2027f561814e1d9","sha512":"f40c16a008b3d9f9acfce3584d8729a3d1a8b20de0f73f0629682b64621d51c7457b411f0573e200597be86b87c7e9475166fb21d30677c0b16f58e9c1323420","ssdeep":"","tlshash":"f0f05cbd14901813545f0cc4c26485971fd126d56bbdc31eb230882d37589af06aef6a","first_seen":"2026-04-21T12:24:48.898294Z","last_seen":"2026-04-21T12:34:16.277321Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/expressOfTheDay-DphuSM7z.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/expressOfTheDay-DphuSM7z.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=iugoWXQqjqKF_ZgpxfD8Q2bih8BBV2qqIc61eS6T2qY-1776774224.2227094-1.0.1.1-1zsP3KwRRTpBM4ZR_KjHLthGWL7lhnw6G6haWGo_GzsWtUbRE8w3_kszP4ucND3JRcemH1Uqg.9K0AyLJPTlaWDkDSfZH.XhfkFwp3WadtN0eJN7nQCXXGNoxKKxYCIp; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RYdAtQXvnOj%2FMLLuoQxSkIBnlknUA%2Fw5VPghSz1DpN015Y19tf%2BpDVssSPpqUgETcFo8utIdcwtx0zISOdN11Vr3cqh8N%2FIjS0wEN5%2FnEicZxIwQIF3Yquw9%2B65zG7Sh8UUi0A%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-30a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94190a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":778,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (777)","md5":"22092a8c70eb955087af43f26b5a344a","sha1":"e502fa77042e7b7f3a03854282a6c83f03ae62ed","sha256":"19271fe669c8e2e0636cf9da9d6de5274132700d28b63b9d855a95cae9a53e39","sha512":"6cb612108e131c223976e6396cf14e58f4284bcfd98e76d01876b6f34738607b0c89b823fbb186b7eadb03966dddad5eaba3da3e063e78090bc1daef1039a7a4","ssdeep":"","tlshash":"9d01fddaa11dfb3f6cdba0abaec595851130787e59b271f0b20f0e9646bd008458fb16","first_seen":"2026-04-21T12:24:48.899417Z","last_seen":"2026-04-21T12:34:16.296164Z","times_seen":2,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/9/18844.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.358Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/9/18844.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/userJWE-CerqSAJV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/userJWE-CerqSAJV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=syYJLpLI5Ud4YO4ujwvYTQY.roQf2fcD4mzSFv5f5_w-1776774134.1972067-1.0.1.1-jOj5Ie..Tn6jbuzxum7qifPBTi2AlKBX9Jc3ZyXnCfhrugB2CuIvzAWXf_2xSxIQl1oPAHxLMkNPPiVi7TsVAqMnks4d17FfD.LpSU3MJ5g0j6sMqWkcPL139PbYt6zX; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IJRDrh6mpaC16PSKdrxc8jFNXm8cGUH%2BYsVOPaKiOY2KfqKmrG9FyHfjEtAdHS0n0V3LzTfcjLeFZTL5by1ZMBxl87WpAGoZH%2B8ykRgcEx6t6w3Ls%2BiOM%2FTk6dhQIxI0tMZXgw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 713\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-c1\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed757131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"6bfddb48b2778d704fd45ab163c323d0","sha1":"c7076e4f86f6f67894ace0e0d52089ca2688bf50","sha256":"b2bcbb09422f18e8c1958ba892073a808a3a1d889f77ccca9839773ce2396d21","sha512":"dcfe4a77850260272afba1cd0d9ff1115f6f12b414f7a2c447dd8ae08541eb6fea5abee46983f8c7fe0e5fc5b0ae25682f8dbbb8ac77e8ac1fd71f438aa6f061","ssdeep":"","tlshash":"0bc022db088411f785582c501005dc52827039146298d3415a1883aa6a6100bb10ce14","first_seen":"2026-04-21T12:24:48.900566Z","last_seen":"2026-04-21T12:34:16.233362Z","times_seen":2,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SystemBetCalculatorContainer-DtyOsLF2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-DtyOsLF2.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=7sv4RDxlc.MzjWDZO_PG82BDD7NLz1Shq9ljiIRYJiA-1776774134.9040303-1.0.1.1-zWGp2R8D4hsGLy7XhUkIJoZgVTVlWwfRds4M3SrBUU1cjSmBtPoCgZGbTvn.GUhveJGEHSxUWkYikE_t7bz3F9yWB3uTMYp0Wt8z3qd7PxZRyTv.kvMTXnmQIlmp3Sgb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nmeW%2BH7QVGc5B%2BA1p3kVQJvfAZvzCctUNDX1Se8AZULT44ArTh9xXacMlOPzvjrjl%2Bk2byKcWmv%2F%2FkEAFsaPUmcHaVTzYRP1y8PgMI7NoJVi5r6oaxkB8Hnq8NJ7AuANfGCk%2Fg%3D%3D\"}]}\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3c8\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0da57131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":968,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (548)","md5":"ee02509bc8771a663f7b3ccab6d13c33","sha1":"0fdde3e73867ec0f9289a463a5e0884d6d9731d3","sha256":"8ce1bd8828cd63aa0fc068abfd854b9c11a3c2938f9285a3dfcc823f932900c7","sha512":"b81178082f60d68ecc5565dc1bcd32a011086f33e2e50403c0cc7a71f8c5a81d6c912be2c3543b0e0b5d525c633cee39faea29f246b850f93971d36b91c0756f","ssdeep":"","tlshash":"b111bd575368de74859e0eb24989a4640df5430a5a0cfa28b9b54c3cf12949243efffb","first_seen":"2026-04-21T12:24:48.901741Z","last_seen":"2026-04-21T12:34:16.186009Z","times_seen":2,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/ExpressOfTheDay-43DWSrHP.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=i7.AVmD4XvF0RmtIGBaHhYdZv_jwlUM3yFecgdX0s14-1776774223.2206354-1.0.1.1-a4xlmSCHFjDAUYMWoLBps8QiWTdIYPGTTzZqmMzIQ2dCTfmFqYGcVou4VLNTee5a6DkKO_h5kypKA2RSjJOf7SJn_Kqzt1Q3VBS6QgPpfNiSlg.2RWNSNR.tGCCow0nW; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=FodDKfx4d69SMlB2dx50YwHbEAIkqrR4f_wiNCHpvFA-1776774223.604912-1.0.1.1-Hzrpqc9Ntw5rRgNdbJRqMhQFNY7Qz1flaEDjBFp8IicaUkh5cavluO0akhOj924ZDh7fZNyQ7S90R7Nd8wwIwXhHTgAFTtc3rHmJavz8Kb3bHs1roWAGY.Vk0Mh2lDxI; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pOUnMqfB7lWayU2xk%2BcAIyd2%2F5HV5iU4%2BB6hGN5rBBgFUP%2FJwoomCG%2BsAYsn0RQbA7t%2BDmoeAGmb47Rz7HJhz3oLFYonsidgTpRy7yWakIYvt3bSW91HiieWooimGMdDtmrf8g%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-4529\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c904c0d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":17705,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17704)","md5":"29a4feba57dc978d4cacc40dd9c4484a","sha1":"9c5bc3381940ebb51fc21dcb34599bb7b3b44330","sha256":"2d0b096bfb50494d69b04b8dee99ca90e503795ad31e571a9c0bf43eb5c1e4c9","sha512":"56d290b4472b91cfaec323eedd93d2f80a711daa22a76009501f6e760f75ec0a3df4313e63416edff564e0253cad818a58745211be27e43e44c523d7e93697e5","ssdeep":"384:GzgLUxzpiANNygg/aazRObFUSczDwLhg8fTddMKnLLyHC4EK3CH:GGUxViAKgg/aazRGF3g8fTPdyHC4JQ","tlshash":"6982f856e009d67dda3e04ebbabe600530250ed8c26106e1a57f1c2817dc45636effed","first_seen":"2026-04-21T12:24:48.902861Z","last_seen":"2026-04-21T12:34:16.206185Z","times_seen":2,"resource_available":true,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":372,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-chunk-vendors.js?v=bc48296 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 14 Apr 2026 15:09:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: CNXe3DU2FEFHgpmxoo2VSt9O8EMF60CQ\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8jACzbOuskxiRau8b%2FkcLAlZE6cXDeDEhZ71%2BYspHrDguXXb6YEzjr9j7EFYygkiM6vrmtRsnifGYwLlu7YiQFzj8qY3nX%2FDwVa6Yfg9ZlAJ816HSzEvlMaMdhH09z1NODdBaF%2FaqH5VjIoSRII7NAE%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 62e740a3ccdabe7c6d3d19052f330dca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: BjmnAywowu82DmjZx_12k58ZDTFvYhpRlZzyvNH_cAbDb7DrUBmdug==\r\nage: 661\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"914072ababccf9be7ab6560f2b73e2b8\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92ef061a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1880992,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (37482)","md5":"f49eb26736e653ccc5baa0f0d6590c5b","sha1":"3a169f46e60bafd407abfc72392c9a53cba0b4e4","sha256":"41566a804d0b8c7c4e2ca4ecd4a240a614ecb0ca7b7109c9187a1fc15c842319","sha512":"0dfce97f202f2c0dc3b58ade1ff1a3c7fcd498faa18c8d41fe6acf7bbb8cec6c49a214de8b749dbf90550a567ea6019783a7528b0784d40d84cc325a42020ef0","ssdeep":"24576:puowdgHgfyqXqzNfsh62ZBJTIPgKzYJRZ:puowdgHgfyqXqz2ZBJTIPgKzYJRZ","tlshash":"6f35b588399bf3500997f0ebe02b1d08e22eca35f84aa4409f62d7f35976356d36de15","first_seen":"2026-04-21T12:24:48.904198Z","last_seen":"2026-04-21T12:24:48.904198Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":18,"dns":1,"connect":6,"send":0,"wait":45,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/10/20284.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.286Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/10/20284.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/305/611400.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/305/611400.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/menus/footer_menu_751_tur.json","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /menus/footer_menu_751_tur.json HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=GVqtmFwaBo3od0ScTphSy0oFwKK.TyeWJ9jKlTKwEaA-1776774133.570887-1.0.1.1-FeE2HeYQRUmU3LMQPSfCykvQF2MuTwCLZ81wS3iLNhNhNNrAQ_.4.iYOgUp6_qlV.ZWOhXJEHiaZ0pew5GgwMewjjlKabJXaNsZwui0gxufatDf8Yc8M7WIlBDZO37gE; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 13:22:13 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=seBKtlF8nL7KDllWrfSdTqskzKFvAFqrJ2bsW8y8vjWy1MmsLfIad7hhJiQBtLSxmu8NdhRdaeX4mh09W3gd64M1Aw85xA%2Fc7tQilU783gDX95lRLiTKTiOVdVV8QoeAVkKdNQ%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-2170\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c890b377131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8560,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cb7c741a547fc4a891e36f03de2f52fb","sha1":"e589086845b554f59b1b11b2b498edd0f09d2c50","sha256":"e1f2743754b756e617ee3307f8ac72f50f94263f3009f9aa90aec03edac6be73","sha512":"2d3da210a4cece77d8c2c5a21e57119c60f5010e02e3e86a8e7d3b1df68174b55f59be99ed140bf5760974abf623b8eaa24d96f0808498dffaae7723bf944482","ssdeep":"192:XSk0zkRSkukOkWkEkRSk36kphkpGkTSkEAkMlkk73kKUkwHknu4kQSkvIkWbkCOY:XvTNrLz5Rvn8xTvewIYfQQvVdqO3y/XV","tlshash":"c7024612f00d5576e7087e00bcc7ad0b84ce609dac5d49519d4d8bcecbda5af8ac62eb","first_seen":"2025-12-24T22:39:16.150949Z","last_seen":"2026-04-21T21:26:35.694256Z","times_seen":35,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AMNfjG2ljhirJXq_8taAyq3NOqNbIkYp-R0-qt1icnjv5ffBCr0ZnSFcwPDKrGwkKRwIMyz952j--xw\r\nlast-modified: Tue, 21 Apr 2026 09:37:03 GMT\r\nx-goog-generation: 1776764223326488\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 102858\r\nx-goog-hash: crc32c=xc3aAQ==, md5=Azks7VF/NGDFqsVYNQi4wA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 33209\r\ncache-control: public, max-age=28800\r\nexpires: Tue, 21 Apr 2026 20:23:43 GMT\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":102858,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"03392ced517f3460c5aac5583508b8c0","sha1":"246db634b505a57976de39ab3fe0a7fb19fd803f","sha256":"37e29846d13d28adfe41be36018b21d588bff37eb62fd02c33eb0abe9be8a4c2","sha512":"a8f8c90c9e6518c10d510cdd48b72a9e9074d6f091a29f7b848f58aaf0ef0879414cb88ba4d8310e6a1b8d68eb4ad00d51e0900080c46974f369d85e73355f49","ssdeep":"1536:E5CEuRri7TzFqNocxOmeuRyQVdlahwpj6LnJfRUH019xN:EoEuRu7nYGuR1VsjUHa/","tlshash":"baa349d67282b03493fb85e7a07f6212b7392918740d8420f17ced6a395a987d177f2e","first_seen":"2026-04-21T09:40:22.967783Z","last_seen":"2026-04-22T11:47:09.579346Z","times_seen":44,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":55,"dns":43,"connect":1,"send":0,"wait":3,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/18c2b87a777d82bca542b119c494bc53_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/18c2b87a777d82bca542b119c494bc53_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31364\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Thu, 14 Dec 2023 11:24:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"657ae5fc-7a84\"\r\nexpires: Wed, 22 Apr 2026 11:30:30 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 521536\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=LaSKo1fKY_ZKhFFDWIjCOQKvtZheJgJg9O4wyuX4OWw-1776774167.3562272-1.0.1.1-e.pFKMy0gORahSP3yoTTp9x4h3Ku9LwuRTUcqqCVDJPRIscOTS6r4pJlbiVLLiCIb1PZuTTTtouv6EhCcxTDXiordB4jxEEndZ7BY8wJ3FCiKRHi4RWXP3JodMcwyI4R; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1niPfKBZVOPzSBPeWAiym1gGQvs%2FyRjypne%2F0Ak7%2Bad34EA41ZvM7Ko1o5x90ptiEdCtouj1VG4BChs1%2BTUeuTwMBYSKjss9Ow1wtGwLF1fBgahjcJscSK3PSfXAcHKtlA8FPWNC9gk%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c977c457131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31364,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f5258a995e32b57080e3197df439d4da","sha1":"a266f2a8a7a909ec6494b4779b7e5140af132f74","sha256":"e340dfb5f1da7534c7094af16542649e6068a9297f77becda2460834883571b2","sha512":"6de2e85828f0d8c7951219a87acfe01684ccc2088ed7219c3a239c24b45f5a7e3fa42a0cfe59660423d4db2659d3c8e638dc334840633b4cd8803f831462772c","ssdeep":"768:crcinh8ufR7/cy4I49b/I3c2NGidr9SIl4XIB+c1kAEr73:hinNfRW9bQtFhzuIk6kH3","tlshash":"08e2f16bb321bb68c97d2d55c22b82010ec7d458b1d7edf9c9b780ce90a1122fd00ae7","first_seen":"2025-03-07T23:27:18.851138Z","last_seen":"2026-04-21T12:24:48.907064Z","times_seen":102,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/6/12437.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.160Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/6/12437.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/686/1373691.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.352Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/686/1373691.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/pageBuilder/pageBuilderCssConfig.json?v=1776774300000","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /pageBuilder/pageBuilderCssConfig.json?v=1776774300000 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=jb1NvO1Ty99Ts2qnjnhtrULsxPXfcyrcg1DUG2_PttY-1776774220.7718983-1.0.1.1-lYNrBz2uTXfpajEbydturmcfIKPChnOAGTbiv7ft8X0Gy5Zkx2Htt.JocubN2ntULce1dw7ZBUXYEAoGfilf4.GDEmND0g8rrIgsNolMr3Vvqc0_aDNeW8ymGykDHCBQ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:40 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:40 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U91b1LAQulnHTORSCNop9TZ6kuIicA4WCp4AsPJMqFmdBGF%2FppcQK%2B07Q3eaIQynqGtyEZoHGyAEtHhExDXKKPymFvcRQ7Yst45PTAh4R3svh43kb6tj6VDsnyZZ2IP0IL2Zig%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-115\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7e5e957131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":277,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b384bef633c4dad28cb58c0ed626c676","sha1":"ed85abd1e0329f1d4b3a764fce34525abf680ff9","sha256":"efaa340e7652864fcef70fdb10125f60ec395fa732325cff6606c9d8446493ad","sha512":"0b6f27ab057be8f03ac22f0ddd42677644ff77a325f6972b4a665eee859b0637a78f6b1cd6a4d8f7a41f71f76bafa85978497a74a418dce33aa0082838b7ca3a","ssdeep":"","tlshash":"32d02ba19675cf1126d210a302872ce56c6dd247b1808a876485e2f670c92881953f36","first_seen":"2026-04-11T13:31:58.704895Z","last_seen":"2026-04-21T21:26:35.771038Z","times_seen":8,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BiQikUyv.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-BiQikUyv.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; __cf_bm=USIEnJv8C6aGQVL0m2EdzoHOm6UpADfyVgneRQ0srWc-1776774099.648424-1.0.1.1-93lqApcOUizu_yTIAAfH.Yo2ha97VitCp7Cp4eTd.xPv7HI9NccZxWaNXTTB0LTiEAS0VB4xe6MHrsURnhZkb6gxtMkH4ra9O67Jkkl26mLo6htGSuBo0CLWpvJDbCun; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:49 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6ATQ4B4x5PyUZ3SprfZD67VugeZhlru%2B%2Bi2f6HTuuiNE%2FessAo1c0eW3prDjlHQZu862xeLoqWH0hhaixlIW6FJRzs4bjKZuPqTYwpP3b%2BMUxi1y1whVlF%2FXzZqUe80xZQxRxQ%3D%3D\"}]}\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=j461VlTDN8isVo0UF2azpnbfCdALSfE8UthHF27tZwg-1776774099.6611502-1.0.1.1-5Uu643qPn6fX3Bg7hjYTi7qmRNolzILUmBlV7X_73TCNks8.MiXiLS6mGfcd0cJHeaYA2w0WKkISIORugT_9yJ9wYwJm24.Agz6aR928FFpvw741.GCYCxR2L7JL7opA; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-466b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c884a157131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=8,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"deb2bc343aa9a8d846a7425f8c723fdc","sha1":"fa5405df41e25a937a2df828f36e23a4be4cec0a","sha256":"f59f3c1f99a2af0128f4abb905678beb0dc8ef050bf11842a92ab7b6c55af7d6","sha512":"9f325203abd96b66d92c6d748fcd9e1d0e89acc9c31b0486543c3fe5a4d62eb4c3e7b11e4ded953357f1c8d85f9c9c3803cf15a4c142923442293b470fb12f2c","ssdeep":"384:pMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJW:pMci408FFnJrIjE3D/OY2E0xqpc1NKkD","tlshash":"0d820ad0e2b4f7a642e86add80392074f2258c28343dd0f1b6b6ede970664cac56dd37","first_seen":"2026-04-21T12:24:48.908249Z","last_seen":"2026-04-21T12:34:16.243654Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DisabledMarketEvent-D3Rzd1b4.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-D3Rzd1b4.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=1h4fk1G1xKjh7wEw.05qDaLdzhmBj0XU9eL2EQuCYF4-1776773846.8281217-1.0.1.1-b7GlNCfQz0FRIpikygZXF23EXGelfe7VP6Y6CDBsEqwssQZQokCCW4.PWEu6b8byO588z975fKteUFudGzoPdzXUDHyTKQ17t9XmlHQZOjfqzGrnlts1s.uclMKotc7.; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:26 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:13 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D4JkuyHXQVB%2B5J2qmQ33Ec%2Fez%2BBJekvCRjvI0KbqrjJ%2FzH0KrKTYGC5OH8JzSyU%2BZdWs0UrBqXM%2BgzG69W96GibdqzH0tSWT%2FGYJhHHzJgEyY1sOxKdqmrJWLG%2FzpnwFvWLpuA%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a9d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d987c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2717,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2716)","md5":"a0853a252113b89e2f91430c92601259","sha1":"d1e90d51f3b0454077b0fdda9bd92f81338a3174","sha256":"f9942c9c1250a67cc2cc703ff9bf0c330e117e3fbdb15c2abc5d94cbd5bf6905","sha512":"1339cda711baf829a033f7bc84391f3b1b0a3c250bdf34f4ca1c13886db7d9ab1cc282c0a329fd60542271aab51ee98d9267c6110bb87a7d56b86796d19fec77","ssdeep":"","tlshash":"7d51846df280ea7d593500dcd37b1f5a601a17a2c65a0952d07e8c38095d09d366ffda","first_seen":"2026-04-21T12:24:48.909521Z","last_seen":"2026-04-21T12:34:16.285331Z","times_seen":2,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FeaturedGames-DWwns83P.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FeaturedGames-DWwns83P.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=2ZKOsrDIEYnwcu8XgqcsjpqZZ6xfEZ9h7HB.thA96EM-1776774223.058576-1.0.1.1-epE.xT0bd1zxOyRVrv36Z85jg9C3eoElB72oICv9QSmgWrvJQ.0AjEP5DLWN6n2mOwKzvz7DWxuTj8kDY93rD56WE2b0iJXHrJVe__koFHg4sEsRIpdK6BgnJ_LgGZvx; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=XY2aYW5PXagnzL7gkUBCT8g6hkrdbXrFsYsQj8i1evg-1776774223.186602-1.0.1.1-HLuzOhqnNEEX5_sdv4q1TZc2d4KIEUDwTywWBSAh5hkllwBysgemohqh7ub.N.pvFMyxiMy7mJwg6e43zaDf_k85vY_kYH3vYCUSTETOJ_YQn.qtFFyoSfJpyMbaAPiT; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GuTPRWYx6SXG58PXLnU%2FBUc9nJBqvDAUpnvzFdU%2BfWdCfV0O%2BREEE4MWUVaj6DDjyS4gVrKBNpRA%2BvnnmY2UL7h9zhw1IiNAV%2B1S68n9T6CvRzgxDpk7VlmeYtdnRdCKVT%2B9LQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: MISS\r\netag: W/\"69e73090-1ede\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f2a677131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7902,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7901)","md5":"bcfddfb5689ff1c2391259b2f348992c","sha1":"ccb1572c067373494366fb079f2fd90fd898db07","sha256":"50b6bb1d3eb822aa4fc92de52882f9c26159a5376b6bbd24f54e76eff0551203","sha512":"776eb0edb6ce0b236714cf9b2d4153f65bde3c9fe57ead2163122cf7fbaf425b896bf2562c4d72750f762886b555d5eb3dee7a4ff03bd95cd4247b60ca87f302","ssdeep":"192://E3f6HZEUDkH92wlLcoWhCWOJmMwL4Bflg2yjTl:kyHZsH0wlLc/h6S2C5","tlshash":"40f1e90ae010b67de57b49e7b13f5508f47a0ad0e7190c90d0be2d2919e9246733ef8b","first_seen":"2026-04-21T12:24:48.910669Z","last_seen":"2026-04-21T12:34:16.219344Z","times_seen":2,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/40d75f7e1ec26e806990be9ede1c95ab_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/40d75f7e1ec26e806990be9ede1c95ab_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31404\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Fri, 25 Apr 2025 08:00:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"680b4111-7aac\"\r\nexpires: Thu, 23 Apr 2026 14:32:07 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 424296\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=DGRPL4hUdUT167T9LFaYdUGg0DFOYk6exkIoRNm5ozI-1776774224.7856908-1.0.1.1-S9.Qlu7vSZfnaC7WsVgwP5OM31eU.5PBDAoOBknFR.cjy1GHu5kqgpWxIrGhpqRwdbKY4qrrMSyTnt1G.uwDxpsY0rZra9ixJ8kSL6MmUB8Ac5dZ1js.tUPIWPizxFwl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FndBhuHn9RNQgAtHsCFoJvfZ%2BW1lwlR%2BXcPcae5wl3TMByOEftQDt6MoIYwMIVUFaUNL0bo%2FmI6H8Yh%2FICPL4lLE7lHw9n9%2BE386QdSQE6%2BfNXLf8bmaqmzWvOkaroK6R%2FCumKL3Ji8%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c976c3e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":31404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8ad82608b6f3285439490f82a90f4910","sha1":"dc426cc851786da9f034812c79d77f2fdadf16bf","sha256":"c9a90cce49dc6ff80d492921381e7bbf585617284ab0a0f4c08d4b5a67c5163e","sha512":"da34e5731fa2853e1ef5cb78c08addfb14464388b4c45de9ba671697813f48e6eb782cd99bab5ca7fdde529404521b26ee217ef92031a9fd7e18cd8910f780e3","ssdeep":"768:TZXBNROE/yERHfdP6M0ATPMDD4NKw00zt3EwI:TT+E/yERHt6TAuD4NK70B3M","tlshash":"dee2e16cc13bf0cf49f8e7da6076105071bfc5d6a066fe0862ffab97a422d2498125d2","first_seen":"2026-04-21T12:24:48.911922Z","last_seen":"2026-04-21T12:34:16.213989Z","times_seen":2,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/363/726267.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.156Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/363/726267.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/356/712567.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.300Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/356/712567.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/dynamicallyStructuredPages.json?v=1776774300000","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /dynamicallyStructuredPages.json?v=1776774300000 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=CDyuyXIXbXVtLhbkOMmlWOuiLYEMGndpSzD1CAqFGYc-1776774220.7788272-1.0.1.1-J.vzQVJBu5pdGWemZ28fMCbzS.ppKsQ57IvEwIf91eL.VNXhRZAcf_6nt.0APkCFl_MRapfJMFVadgG4YjVdKcjTdQcVRLJe7hO33qlEb9wh7dBTjRpBZ4yNQ.IRkXS2; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:40 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:40 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=emXNNDJ8HvpocF2XeJ%2FI2vyzfWYBJ5VnUcv4ohyjjbuRb8giuIjBKcHfM44BsATLmxt7PoUWGd7gvy0IgBskEjGjgqcQLI4XM2LnWRTkdmiaqpXQHJAUhDikH9Y2W%2BkuotlUww%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-2fc\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7e5e947131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":764,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"61ff5ed77b867ea7b436a21eb8e5ab4e","sha1":"91488963a9157554638375ada821c4bb44b12dd2","sha256":"8329002355bc98821e6757dc86bd87104c3f79ab3fa48db2435c5d3baf0ec870","sha512":"e93a660a89166b2b4f17735c7ed67f95b3b333006596634a735da5159f605181c8a74bffe6924a82feef888aea5bab127c2aaf77685cd27efbd0d71b9d888456","ssdeep":"","tlshash":"2001493d3c10ceb4f7a08862d58167809992e576c7880c5c2cdeeb19c3ad24e1441b7b","first_seen":"2025-05-24T17:16:20.011585Z","last_seen":"2026-04-21T21:26:35.682003Z","times_seen":2469,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":390,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipControlsNumpad-CAXDjwGA.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipControlsNumpad-CAXDjwGA.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=WYzj86bMury.dVHDz6Sv4vIkme6yaaUXKUkJPeTuvH8-1776773847.255577-1.0.1.1-AqKEu3wiJKAKsPlT99F2VxH4fEUu6qb6NeMoLXndjnbBPUldM7o140VSkLa4bYcUoiRNYpSxX75xVw6iPxkK89wZekYvbEdSAcATCh1eDLLSYnHET45Lh1BPCR22pfxh; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bilnbom7cB7lM6OOw6QTc6qwKbwlcr%2B2UFP5BjXRsmkyg%2BswustoQeumqPz%2Fu7nZLBtpEJovVVxQkWMAOb9en%2FHPIEcOFiJGQbKXkpGAUWC04rxTCP%2Bp4%2BdzFhiVcekjJ3N6Gg%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a2f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8aa7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2607,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2606)","md5":"afbb768c0fa9bbf5976fa3307a1fef58","sha1":"02db4f7af2328930f9a45486c6729248e4b0f88e","sha256":"890a2650543c557f657c8b7e22ffb5a358fe1e418ffd255f364d849d093bec97","sha512":"0a543d0f22bc3f173d758d569d31f97bda8de35bdacaaf0de6e1d5113695575a5de2117690cfe4cc9373ecd90c1d518823323f9b46aa526a2f9b5159336a57c4","ssdeep":"","tlshash":"5551dc51b001ab7de6778aceb53e0020b00f2ba8d66811d7e47dac64bf6966570436df","first_seen":"2026-04-21T12:24:48.913998Z","last_seen":"2026-04-21T12:34:16.119306Z","times_seen":2,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FavoriteGamesContent-Dih0wve2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-Dih0wve2.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=m585ZbP7fdVopNPyHt8t_NmuZTXis36EtPFguRU_E88-1776774223.0408502-1.0.1.1-i1RrKcnv8rjNcpzTHwO7IgKfZIxoVQ3JQt434kXSJfmu7EqRXnZGUSR.5wboKWD3BUWGXxBj6exJHZjBCgOXYy8_7x76luLLRmBAprlHuJCLZD0QP5C3PLAfO4eHyfAg; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:00 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:19 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2kBQp2PTIPfO6tpHW6TYOQ7Xit8ZTlmUj486P2J%2Fpvazic4xeKMXDVVI0yOffXvp7SXSFPfnQynKxqYXcnve2QFKFk28sO4kPasY1TwXEaOfBVr4IkImALJtvzOAc2kpnmN%2Bvg%3D%3D\"}]}\r\nage: 340\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-c53\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f1a517131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1734)","md5":"908b6f08461acca2709ec911c51197d7","sha1":"888cf903783b8dd923aad19acd1eb664291a7891","sha256":"0f950782f65e4b79ef1b137414bdf3b8ecc50182087346bcbb50663d509c7077","sha512":"191364915a5ca76736f37b7c6b11eb165567184fb9e5a3e84eec324e41c7f32687ef026ccf2f82159e37549795a72c5508dd6d1234f5f4498e131f70ba17b33b","ssdeep":"","tlshash":"d651761101009fedba9eadd92e5bc1a054f6078c6155c62ead785f7e302da407137ff9","first_seen":"2026-04-21T12:24:48.915813Z","last_seen":"2026-04-21T12:34:16.09431Z","times_seen":2,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/363/726267.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.199Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/363/726267.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/495/990964.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.335Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/495/990964.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 21 Apr 2026 12:23:46 GMT\r\nexpires: Tue, 21 Apr 2026 12:23:46 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 21 Apr 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 133092\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":414634,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32337)","md5":"1e7fbcd63d37246e6443be072c080438","sha1":"8f46bedf975b21915209ee772c1025f434b15c4d","sha256":"861c281c039987cacb0b4b52d389dd0e080c7757fa08aaccd2ada3be155daf0e","sha512":"3b95c8924c46f5cd1745ddae8331cb260c5ea4023da48b5204b563b44a1e8586e9353a70ced452b57b5f6ab25fe4429eadd39f2ba5e5d1c06b24a8d152c5b845","ssdeep":"6144:FrL5bRuPtxK5kOJj27VZu0DQ18z2kleYiau0R9OLw348U:FrL5bRuPtxK87vs8n4kc","tlshash":"609429cdb7d6b46683a3a474903f018fa53a28e2b44cd899f185ccd42e706aa5173f7d","first_seen":"2026-04-21T12:24:48.917208Z","last_seen":"2026-04-21T12:34:16.148401Z","times_seen":2,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/walletConnect-CiycSUBb.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xQ9zkWGQ8GmePlZOjf33fB0cOIXeSXlgjZiC%2BNZ9JluBTO2ShsBrJsv7csbouwtfkqf%2F%2BkcaQa%2FgLnjBEs5IFXXHoY0roOjy80q0TQDMTe5qly9AJsIYl0e5PN16M%2BO%2F01WmVA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-7ce\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c86e8d77131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-04-21T21:26:35.533835Z","times_seen":1601,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveChatInc-xfcbsjSt.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/LiveChatInc-xfcbsjSt.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=J6wirgnCgOKt2vFuWmX9vdkB5SFUUFiIjRdlOjDWbLM-1776774136.3844106-1.0.1.1-DdiyRuTvnujsE7qqZr_X7q85awVsP0RkNAig0M22vnO7SawehnXykxPzsyOgnJ2FdWVbf7Xf_gbhQrqnRHg880oltpQunwQOAwfLq9zkQalXUktNlu6Y9w7N7JuUTR3a; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FLRH2NDKZ5JFVaXuLnAB0Dpt8HGH6g%2FVg5QYjMWbvCoI2c3xbLvcI5h0hWVXcTgT%2F4b%2BWwnjoAUiAC2wbDdcoJzOZw7tJ4F0Bth49L5EE8H5F7vwC1sXQOZ15sQmWblspo5jKA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 715\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-c53\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b1dca7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3154)","md5":"e29915082e974265cfb510f4a62a80b3","sha1":"de425fb2ec9ddb8427870cc518d5f25d33fc6183","sha256":"9297956898b0539325b0703e97a0a9ddf9f99e52d7581fbe7a79b33445d423bd","sha512":"efd2291722af41ba67eaf1aba6207ebc3619ce424ba0aff7e58b200279bc4f8e48873c0d3a7450a6c29bf3c1aad59a8a596c82e483af8dfb5fa9e8c56c03ac0e","ssdeep":"","tlshash":"3c51a69de03874b4a27927e6323b771f32165a14a4484cb0357c4f166a0a48b8076eca","first_seen":"2026-04-21T12:24:48.918645Z","last_seen":"2026-04-21T12:34:16.324374Z","times_seen":2,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/297/594129.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.382Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/297/594129.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/__inject/rules?site=galabet1069.com","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /__inject/rules?site=galabet1069.com HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\netag: W/\"73-k6ze31NOZ+yVVyew8Q08Rv4PMR8\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W0JRXTZaXt61eJMMc3ABMWPSF5wEYI56KZX4dxz%2FUjSvCaW3fhYWGIqG6O1vlzUJpYUEeRmvuYqbeTQwmrlxbffFOplXB6PxC5RUyCxeJai0oOxxXVmVLphHYhK8k%2B5oHeJ9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c7e5e9a7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":115,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a8d4f9cebffa07bc6cce63df9d31ca9a","sha1":"93acdedf534e67ec955727b0f10d3c46fe0f311f","sha256":"2c817c75fe257e798af6a3722e2fdebcddb89017a4c8352ea0c8ac6f7950b8c1","sha512":"f74e20b9cd454350379c262335c30822f14f271f3332b062e4d1764fc3063e08075a2ede746dc40bce1d4b29337c2bbf5423aee7103044e21e58ce3bf245a06b","ssdeep":"","tlshash":"e8b0926446e88cf956aaf70228dade59c8446692da660780226098708e8e110d504a7b","first_seen":"2026-04-21T12:24:48.920572Z","last_seen":"2026-04-21T12:34:16.128275Z","times_seen":2,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/InformativeWidget-U7XsexQ0.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/InformativeWidget-U7XsexQ0.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=XGvyYN57ITBJZkpl.bYeAEq1CNs.B4hkjuvauSPWJxQ-1776774134.1718626-1.0.1.1-qkAOz7zTddmGI3ASoQOSeh.hVVJBDSdQB4.6ggFj_Rxp8PemsrBJO7c7GdwTDIK5J8NPi_1nVyM5fNehNnVpcGB9VXSDX1jpTQfa9JF18Oo6Kb_lN4HugV9gaBGpgT3l; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gu0Qr0SZPvxQn%2BdZVCAEBlmN4g%2FtJva1yhzSeCi3x9dm7DMe6s3rGpuHlOqU7YZEx4UzzZYtEOWBVw0sSoXMj80SVEc%2BtvG%2FhIvX347hGh%2FCtUs%2Bz1EMcknE5T5h6dJLF%2BsAmg%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-43f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c0eb07131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"b33695d67c48abe85873f5bf86c00af5","sha1":"0edd914a4fb8b3b268ceac53a25775329aadaaaf","sha256":"e68f8bff445a41225207efbe87a76048f840efdc5a396eb5e20c59c1a8b7a8e4","sha512":"3f3f59e5635099172d72bbc52ec00dd07d215779f272fc3afdd5f18f6cd6b5d8130e8c445232c3665177ea4800b81e47ba8fc0a1671a8887ba2990e65ca574c9","ssdeep":"","tlshash":"6911b946f590d67eb0350dc44657c0d46a212de4cf38d8e898b53008a43410bb6dbfac","first_seen":"2026-04-21T12:24:48.922225Z","last_seen":"2026-04-21T12:34:16.144951Z","times_seen":2,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:45 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=q7vn6R3ixRzhO5lCYt86TOOBOLrEepWa5cSSHG122Zw-1776774225.1045978-1.0.1.1-oqGLUClfKEIjYJBBWm0VnkAz4kStpgAhZbnaOF8FRmxT1vQ9oUfBSOjcZyz1gHYxfvKpWk8AZsBdXkXiGEwpG..ujcAviBWHoHjz_J_Tok6y_WucID5v1..QFXt84hM7; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:45 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hpRN3UT2b99pDmJ81LUXwaeJC8mDmQgA6cYaSLcnqCmlwSLhAtVHMfZZYpHZhDhQcWivRMn%2F8rQjoYKvEbQJLJZEnEFBME4gwzP%2B%2Fc01SQHwbPlc1VFKoXW8gSLHWRAbuSh0Rt12ejii\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92ff9e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2615,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"57bcadb4fc8dd230f6f3adc9cfa648b7","sha1":"321770a05730c5f865b429f3fcc694ffc9fa5ec5","sha256":"1772e571c74fcc1ca93188d5e69f84c965c726a181a7b3d561755c315ef595b4","sha512":"cb9b859208257963cc58c460d277aae9b69d53bb7bfccc6a50c8d87c4bcc9500776b35e7f5268869b4ade92c59c96b39bb491046cd4ea1fab24db640d2e02027","ssdeep":"","tlshash":"f1518b13702d9d6a5b507b40b8c7394ac8ee2447dc0a5670ec494f8d82fa63ac6d33e7","first_seen":"2026-02-24T14:18:16.975259Z","last_seen":"2026-04-21T21:26:35.816266Z","times_seen":39,"resource_available":false,"data":null}},"time_used":1415,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1415,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/3/7445.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.717Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/3/7445.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/648.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.717Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/648.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/476.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.719Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/476.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/10/20313.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.285Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/10/20313.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Firebase-CifH36fp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Firebase-CifH36fp.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=UgAoSKtqv60xSiPC3mvNFWP7rJ32fsVZad4V35Sk.bM-1776774134.0929635-1.0.1.1-jufixMS5_qFfhMCiErymzSsiaOwV8aDvVHms4QvtkTeNJViMXsqQWGlT2aXlcdBSMPqQxXbA83QCMb4m.pupAwepnkxvZ_t_o4rYOnBd2SGqP0sQHDrtOga0A3vX92wz; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8nwW3lWcW%2FOgRvLzKdJSXRsKiPePDq%2F5gnbbG2Cj8mxYIHoi8Wd4TX20SwwjV4AQRYK2ERGgb1ot2L6ktCrT6O1lYKvaM8HJR98LXZZ09iF%2FupAl4VFxnQOOXclXKFbTa3LyHA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 453\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1487f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8afda07131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"d23df4ffc78896569b07187cf4a48d32","sha1":"e273ad423a635ff19510aaa37ac6463bb6c1a27e","sha256":"e25409253f5c5bc35aec45ef960561be1d9c89c60bfde100b52a181bc11c0e18","sha512":"f636a22cab13b3cbc6ef726f2561a4e2f15526b44fb3f07a97e1109ef0013af95d9ab3167b6328523599f7f106c36634ffd2548d1c454c4892dab846dc5c093b","ssdeep":"1536:H4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Hs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"cc83957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-04-21T12:24:48.879237Z","last_seen":"2026-04-21T12:34:16.292895Z","times_seen":2,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/check-auth","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://galabet.winwingames.io/","date":"2026-04-21T12:23:43.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /check-auth HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://galabet.winwingames.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X2feMOyprsc7mp819r%2B%2FpWBh1o9Oyt5pDeBs77HQeU8ezx7rMFXwP9JqXfJ17DOuj2Z2PEHreRjIfNS9dcXIY871NTS4NTD7k4PSFn%2FpZpefLDlG4VGE%2FFYzBSUu6lvz%2Bi9qnTj0hYTd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c8dad1e783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d0ef894fa1c5fc383cce96e2d857de6","sha1":"fe19a48e71f224e79f27804ed7d5632c065e5de3","sha256":"0b3443a9377c829f10dc4dbc281475c7bf89f141d56af637ad5c59b74d00b2ca","sha512":"988a2be034f9f80c25a7cdcbd2659e4310baea3e590b0f9fe75ac9d0d7b1d90a8e8b07f33fde07627f3f61eae405d36f9afd6cbd20061b3088ab844a0821abf7","ssdeep":"","tlshash":"4c70000202000222ea80000803002a3388008838832020200008a02000230880002802","first_seen":"2025-09-21T05:18:37.922942Z","last_seen":"2026-04-21T21:26:35.723Z","times_seen":61,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/85/171816.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.195Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/85/171816.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/682/1364654.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.375Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/682/1364654.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useOpenLiveChat-C_aqfNmB.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/useOpenLiveChat-C_aqfNmB.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=msfnXYTIc6.iPWL6mqYnlIC2bvrFbnpmB.jVd6eR9Wg-1776774136.42081-1.0.1.1-o5aojM688mHQVc4FjvBUG71og_GWzGccloDLVwzk379g9Rves0u99BXAjttBT.8ZZJN4Y8I1HRWgly0RghccX1WmhOTcoQu2Rg12P_TqUMdh.QGL.x8jLlKP8g_j6zLr; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2FW4z02Eo98wM4ecGOvOluP96D3qP0KzKaR%2BI3J0ZTLaOr5BOCw5xL4nCBjN0xQrzHkMOr%2BTtHtw8ElJuLZwzLvcjpEp%2FzzL4ssWCpxw2SkK8cOaKU4HoEysKROhqZLxhVpjGQ%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-247\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8afd9b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"b05dfb053febdb85be596bac72b4862a","sha1":"05e34092259cc0bd17a16f95ce919d1687186383","sha256":"e057e75f9b6a8f950c34f20a901597768538f90750bdf6c9aa5e2766f1a6e5ed","sha512":"270b643403c3db3d4d5d86f4b8585a7a6abd2b0e16018c9ac98eeab83f48775059117acd45ea51a1cd5d93532df6d36110e0525784c7932522e8cdc2b2f78e51","ssdeep":"","tlshash":"fff0e19a4154ae7cc0c08ec1501ba5f85b3927a4740dc842683f7cca6864c0586fa847","first_seen":"2026-04-21T12:24:48.870088Z","last_seen":"2026-04-21T12:34:16.146516Z","times_seen":2,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/withPanelButton-CZMGiM-x.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/withPanelButton-CZMGiM-x.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/AppSettingsButton-VpAExZZO.js\r\nCookie: SERVERID=s2; __cf_bm=oyh1YyT3VJqygQM2yiTW.rqI.1Q_gxuRmLdGYmo_oE0-1776774222.6361077-1.0.1.1-BHqIks0PQEDRR5WN8RnB9a3AhpEgjvgFOLz.XQ5.N9jfXrDNDDRxeduwscSHa0o_7Jms_tbUJb8VWMuIHn5OJw8V58qdZcK4ATCo4BL1A1jVsn6x4vljLN6_Noc8Zb8M; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=t3c1VtoL4IM6jw5MWhIoAVtBc9QI2_TrmE1xNIeikAU-1776774135.0187526-1.0.1.1-Qjh7ntpvgdhbYbIS33Vvt1lzKFdHmymwgMMsBwofumz4sVT1gRwflrm4bUSQNSu7AT6hTwcGtqmuZrVNXdc1YEdn1mjTY7bQUtV1FOf8p5k1ZJ0zMKiGc.MAckCBORTQ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0U9BMXpWCKAPT47Rx7Ke1FuqhQVqtQWbtwbrFmZ5cz8izzO9QuYwOWbvyP%2Bkgp0k4AkGjpPip%2FjbJmQhOafVDXMJEQ8np0iesAo0cUrY%2FlblXXSbZXNBsSP0K5BF9MYxC1XKsg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-441\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c5eeb7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"f4d15b1bfd3e75dde9577068cfe0fd2d","sha1":"77654457476f7caf254ef7bb2b5f00f7ceb41661","sha256":"ce48c81643016988a5bd0dd25411546e92cb88e93a881fbb28be7e848fdd93f0","sha512":"e412e91e3edc4c462aebcb09787ab705a6681ee081ed314be4347d7952e6e2e26237e5a46b93a69a00da19a53ec04c4684986be9a6db16e56d8d61d66eae2a78","ssdeep":"","tlshash":"d21112f4f580a9b2f4c41088577b2cb6319f32cadce1049021b6c8e91ff9448965e9af","first_seen":"2026-04-21T12:24:48.867057Z","last_seen":"2026-04-21T12:34:16.121155Z","times_seen":2,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-MCEY36CK22","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=G-MCEY36CK22 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\nexpires: Tue, 21 Apr 2026 12:23:43 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157120\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473545,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"28a23b6e3b46203d5ca4876a9d638efd","sha1":"d0ad781859d5cfde88fef0ec483d4b2c0ee2842f","sha256":"650dece09f23fd6f16fad1058ec7d1c47a493b58fa7351b6ad50b69265674e28","sha512":"0bfbab930a476046bd64454c23fd8b2046335e4502ea0ee4d51dd11b28c7cb4f6da328429db620a9fefc58938feab2c464d558d4aa005b182022ffb103a1a050","ssdeep":"6144:vAzOJjJnrVZu0Donyo18z25leYiau0XaOU2Cs+KUFlbrU:vjnrvYny088dyls","tlshash":"cca4f8ceb3d674665396f478903f018ba57b28a2b44cc89af189cce02d7465a4277f7c","first_seen":"2026-04-21T12:24:48.926388Z","last_seen":"2026-04-21T12:34:16.179984Z","times_seen":2,"resource_available":true,"data":null}},"time_used":444,"timings":{"blocked":193,"dns":1,"connect":9,"send":0,"wait":27,"receive":24,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Notifications-w2cxzdeU.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Notifications-w2cxzdeU.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=gZpnAviGwWKRoFEjy15mOGIe9J5KsAZenKggLLcBE6o-1776773847.271924-1.0.1.1-4oGFrFJBZQTw4kM_Qlbemsa_VUBbp1V.21ICZjYANC0gMgO32gtKCQVyiVqhw8nQrtm8xCs6dNgAUd8TrJ0o4Zr5NEiX0jLpBaxGYuLYWcgtL6z._6s8F1lTQ6_VvMr7; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x8CFaOuutRo8XHLUQTgJkaVfIvtKoXNeV%2FDHIl%2B8NXD6O2xOOcJXvwV0VeB1hffu9JmTXUyfWsb0mxhWTA44opvgCWE9pYMwlbLG1DppEaKFy01x7LYd8MNhX%2BnIEQ6fP5xTpw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-458\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8ab7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1112,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1111)","md5":"1daf003af42fec8d9b9896dcc6f6d3ce","sha1":"d4b08dd14ef567f8d8aaefa2416515655f18fd33","sha256":"327a7a6d6a1d59e3cc8e1687f32e8152027ea7b7a71f9c000a978e673ad988af","sha512":"fdfecf058159d80e76a6018f3172ddd0c46c47519a1163c01973e969d2c4ccc962ee1a68c6c0921150910f3b7a098f02e02f1314b53315e69b16cb9ecdc29dd9","ssdeep":"","tlshash":"652163df6082dafc292148f6432b2a32703708587939481602fb1d2036acb0ad65fe8d","first_seen":"2026-04-21T12:24:48.92823Z","last_seen":"2026-04-21T12:34:16.297738Z","times_seen":2,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-Regular.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-Regular.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s1; __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 72024\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-11958\"\r\nexpires: Tue, 21 Apr 2026 13:03:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1113\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=bEmiUXEFyjVDiycGchgcCLUsyVJe8ptSYYs1TG5DaOM-1776774134.0325603-1.0.1.1-b9OU5g24H7nStZhbq_5ybK6iYK3shFTmpmhUOTtV3_o0hgg29WIQWFWJIU6KMa.SCohL0TYqG63CYuYX_tEQDLiRtQNK9tUR9ftJPePw__ZB6FfO19KcdRq8luI19BrW; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WQBgfG9mAubLtgsNn35wsgHdqapugBYSi5dhPoPPZo8muv7JFlUPuJQCqBwwP0KTL8nw97ue1zpTjo4U3W57D2dC0hBu6zxH18SOslYiVl3Me1JHkAwmtn6rckliJShA10t0rw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c914db27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":72024,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72024, version 1.0","md5":"30c281e94eab37286ff7770f3e51858b","sha1":"7a5cc673f005e9f384e322f8fde4795b0f750778","sha256":"c4a69a0b671392fe569ef74b4a59e0d2e769837ae59beb3944ac72ea240912c5","sha512":"d5b0686a2dce238f2c825169a19f0425fccdf6fe2d6d4e3704a02f618ea96bf1e0827c158b63b221dfd1f35094f4a420abab4ebf984f9993c6a080ea44b3d2a2","ssdeep":"1536:Y/pXAWA65c5JbaWR/9Al5ceizufFxY4lcWVZGDULZu8uqO1:apn54BREjCuvY4lRaK1uq8","tlshash":"3e6302c4ae4f1bccfd67d5add8859e6a1b8ef1b09320106de3119721ef4b403b3692a1","first_seen":"2026-04-05T07:31:10.87701Z","last_seen":"2026-04-21T21:26:35.774489Z","times_seen":18,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Tooltip-BxyEk8_4.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Tooltip-BxyEk8_4.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=DLdeBwTUiUwoCZpnbW5WCnRYyPN3gGuvNAxclJHRsbA-1776774223.2225864-1.0.1.1-BlAp.QCAFTPhX5EfIISH4Y_bCEabiIeCzvMkGkRvaYRHBIMHAiv363e9TfrAmOEqK0FTc1UB2IO8LbgzUhpz3HCuxTprUPPpocmJ.ifTuz2yVY6wj3.jvkQrF..xrNar; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RpjnwNINfHZgADNG1Iy3jWA9OoY1eNxATFbQeVUapvUru8qYsfp62Y7o0ifveZOA798Ir2Ickw2fLaiC675fUF9tWObfMudkX6MnHOT1luxHzhWjnd2fBQG6Nfn0DYkTxr92rg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-333\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c929f1a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":819,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (818)","md5":"1bc8d21796179e001b4a17878a32af96","sha1":"09ad98308811505e38b2708695aa4637a517b411","sha256":"abce98c3d30f7ae4c36377777ebc8f059710382987c75131d66ee1b1f6e69428","sha512":"a8edddb8ed281a34f1b29f3d4f75e6252f85f350f26c5888d420b7e86b3a9dd54b6ac77afd8884e9b6334bd49bb7758fe0af8131e4d3c90b5ffc8e6f6b37f487","ssdeep":"","tlshash":"a001ce46e022fbf8e276549a142d866d72632a6c7e2f59f16038018e0aa4984d317b8a","first_seen":"2026-04-21T12:24:48.930431Z","last_seen":"2026-04-21T12:34:16.135215Z","times_seen":2,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/686/1373694.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.346Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/686/1373694.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/custom.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:39.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /custom.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=3bmOIYJYLzBqaFCFwGqsU9e6SV3PHeyPmPlNvzGKibo-1776774219.4293203-1.0.1.1-SvNAkjcQDYLBSydzU3mzE7UECzJtlbIANr1geDEu3ve9p8leLkUUvkFYIPUUnd.GvuGN_iEmg_pXaXPW31HMj8x_vxdF8lDgttQVLSkmpdTFOpLc1YyAkCrpCBKHDOjW\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:39 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nvary: Accept-Encoding\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=2VTlBkm7PNdSnhYNtQji8rb3yWbNr.fJ.nD0WwXuRPQ-1776774052.2182107-1.0.1.1-.DlkYm8z2CbEmWkHQD7tegpGHOJGAcG67W4HJx7AGvjqJGQuFn_M4OdYFWYuOs13b7Ay3rClF0IyyaFDSqZPaXnYf688OqvaTTljDOP4FT6w49lphtHt.e_4fZj.Da5G; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:52 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u8KN5jkjuba4BaNqUjuRfDq8%2FEl3VkMPxlZOebSDPttK63%2FTXcsuyetvKpgvNT8ircpGDLM%2BqV7FGkmscfxkprERHSHBNQQGebAKui2wtFudnoT2zn9Ka4ECRGDeUV95qTrp8w%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e7308d-23be\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7979be7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":9150,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"4010e4e2d378a3d74973df21ce0a97ad","sha1":"a722d472bbb8483e271e1a9641cf250f3efb646b","sha256":"03142d6b4a4e0f360e59e18306e444756971098324ca770feb1491c30c6b7ffe","sha512":"6a595df865e7c466af2eb58c62e0da13d84ee1ac3cfa3d48d1f72d2b61f6d2f495c5a5966acb2976f487f1b24dba8565713dc71b9056326520546f540ade5f92","ssdeep":"192:CHuigeWca7MAyWUrqooxTlXShUiUeUhQnwbruqY2VGi8a2gB:eoxT0XHMETxY","tlshash":"0f12ec03f9e31684a2ab9198697bb3b87e7c405787059db97b90b3749f8a3c28131b54","first_seen":"2026-04-21T12:24:48.932327Z","last_seen":"2026-04-21T12:34:16.126816Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/pageBuilder/pageBuilderHeaderInfo.json?v=04/21/2026-12:07","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /pageBuilder/pageBuilderHeaderInfo.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=oyh1YyT3VJqygQM2yiTW.rqI.1Q_gxuRmLdGYmo_oE0-1776774222.6361077-1.0.1.1-BHqIks0PQEDRR5WN8RnB9a3AhpEgjvgFOLz.XQ5.N9jfXrDNDDRxeduwscSHa0o_7Jms_tbUJb8VWMuIHn5OJw8V58qdZcK4ATCo4BL1A1jVsn6x4vljLN6_Noc8Zb8M; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:42 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HLmh2XEh6OYRJjEwRnInWLf3KgFk6jFJEDCdbUV87IhDHexTQBDjXgxTtlgInWDr7cNlAEUDg3jlS0iOsDLdluGglNjGQFKAk%2B9lFMFubKhiSzP2ofom4l2KPO1IEcFf6duiSw%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-11b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c89fc3b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":283,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a073ab68d03cc285a2ea057683b697bd","sha1":"85214b84cecf1dcad366f847f29f079e47fa4f6b","sha256":"22f8711fa180f3491a16949412c0f771411db6102c183564c592ae3bcc59dac9","sha512":"526285a76199b4a6719d986101a3ebc29b0ba3457af765836b38ce24ec8170528f62c647e3b7acc85f323b23634f3ee1dd05032de06798ec969cd0c7c4dbcc1b","ssdeep":"","tlshash":"26d02b3aac00ed7473d4d413d29067802040a409d744485c9cdd9f6fd3ed3851091b57","first_seen":"2026-03-07T12:53:25.048544Z","last_seen":"2026-04-21T21:26:35.712663Z","times_seen":26,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/AppSettingsButton-VpAExZZO.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/AppSettingsButton-VpAExZZO.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=D712pL_wOl96bNDT3ckyQSKg4Qjmr0tJMLfKQiN9bog-1776774135.2970243-1.0.1.1-6a4z95pqYZbAWdDJldKttekfVqR8xWqLy7Y1tZ.1HFebJko_Dp2M.ZVeSxOq.jd38dwkIFTB27GYFUzSvUjDoHknVR_ZqnF2SKTQ1Aax1kwdirRUJUUoZaVlSV73zP2J; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=py4uVjP6OnVG%2BFkzm4aJ7EyYNlNXwXMuok7LPIOfw69hNQVW7%2BlbhHyHPwspDC4KODTHZ2nFbaGBoGG6zG3mSGOxcqUst0ftCxJYhSz%2BM3MKLmWN7VlWeXGhJtXV%2Bhxf63%2BYwg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-181\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8add567131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"2b10a9d03e1e17e641edf61e60ea544d","sha1":"21b9c8821975babf963be8d0f702debaeb5e5209","sha256":"aac5cdff48e2bb77a4163e864d943dca18c8a1d3c9415d6f94e1f97baa73f860","sha512":"9ec0a37867716d6efe94a08e7b9034157730ffda234ddfa64318b8ed73e741baca6c71aa48b0cbe524150f58cead6d70b9a60ae3b10e7fc3f88b29f4f2a78418","ssdeep":"","tlshash":"c3e0c08b9192d3fe13e22ee2c51fc6057e566c38c7459a4140bc50a137b4196818ff6f","first_seen":"2026-04-21T12:24:48.935309Z","last_seen":"2026-04-21T12:34:16.105722Z","times_seen":2,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-DiFR-VGp.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=i7.AVmD4XvF0RmtIGBaHhYdZv_jwlUM3yFecgdX0s14-1776774223.2206354-1.0.1.1-a4xlmSCHFjDAUYMWoLBps8QiWTdIYPGTTzZqmMzIQ2dCTfmFqYGcVou4VLNTee5a6DkKO_h5kypKA2RSjJOf7SJn_Kqzt1Q3VBS6QgPpfNiSlg.2RWNSNR.tGCCow0nW; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=uTV3emlVcIMHjKVDT2V_R4tEx0cLlWDpvO7fGYkIaaw-1776774137.51365-1.0.1.1-QFtzkwoYS7d9S0HcU9fDqDtEV3ehaZEyk2idmWvFTMt1e8NQVEBs0frhjXvCRJzgV.OZB1vTikGO1Fi7I3Vcn7DD.i3ctr_s9CqMWm.Gp_axCQ57QYUg6SA1LgqKaZPl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pch1GqEFotSktUIZwjGh0gmc9duMW2cJ6K6WH1aiKqBlBuI9k6ROCnKFJBmcoOrljuJleg9IJ2w%2B02A7JFZ7Ip4%2FvpsJI0JFRnJ9%2BtU8Qoe504E8pM4%2Fp9%2BX6Uvq77jA%2B763Qw%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1679\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c904c067131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5753,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5752)","md5":"662484a9e667070db18823ff53b74cfc","sha1":"571d6d3704bba2b40e58651c46b5fb38bea0e5fd","sha256":"6cb2ea96a78963ca6aba1a9e89ea6b0be508e1faeedccacef2b9dbaa3574b63c","sha512":"b82e64eafd094f3830102431c8e6fb9d3c87c2374e52c2e0ec429979474e34ba0f9d800dce8bc58cebcaffe0290a66129fe19a904517a84ac49d0be8be979402","ssdeep":"96:jNfsm5Ty1jTATH913jmbw34aBlX2Z0FmWoeCtpi+3vieNMaxttM7zJ2d:jNUnjembw3Dj26FmheCt33aN1q","tlshash":"acc1650bf017f7fce8ac48b2416ed10e3b2d1ba9972141e4d0ad09281b6c855f769f9a","first_seen":"2026-04-21T12:24:48.937201Z","last_seen":"2026-04-21T12:34:16.138425Z","times_seen":2,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-Medium.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-Medium.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s1; __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 73924\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-120c4\"\r\nexpires: Tue, 21 Apr 2026 13:03:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1143\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=tm3qyE1VLDdP6HSFrCJ4Qqo8OxquHVrTDoeemuqjuio-1776774164.9168658-1.0.1.1-MPPaANhdLSqWIN_3SGsG8g4ak3R3Q8XldS7oVwvg6A4kbOixlcH.ceHfH.JfNaUTKYh8A.J_hhTnaVasKYYfouYNvL5_5bGFDTLoQVtGp6K.81_vvOc5_PTSOyFjokGl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZ64I5iWwDrcIjyOj6KCdnrKla87cU%2FQxmlYO2TRHp5XNoKyrze2SiRIzOGmmwu8B4yHsR%2Bn37bcaUUh4jM7CgXhmCp9dePf17HI%2F4BXcIbm%2FmDQVOE19b39Qgbj1PWF5RQi0A%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c915dc17131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":73924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 73924, version 1.0","md5":"582c115c3f8f2e13a2c97e6826471c80","sha1":"822180738ed9ad4172d4e8354b81ecb2f7c46bd7","sha256":"9942fe6fe9ded7ab37fe4760990b57f5f43cebc438bf1bfe139c8b508acd424f","sha512":"03b3156c154922f4735e7b828d903c3400b320b352dda9ddb478786d8820fde8e9707cbc45c5e1282059994d65ead8e4987f249afb38534dab27ac59099c6f58","ssdeep":"1536:ckbrpZ5asBRVQFvoMJapYaiDKq4OevyyuZr47+uU76etJD5S1zYItyh+SlOUrfeZ:xHT5dBsRFuWKueK5r4SuU7DPS7yOUtRQ","tlshash":"a673025117a10b2ae42d1770187ebfd421af013ea2f6a2b0fbdc958f6d795bd0a74311","first_seen":"2026-04-05T07:31:10.885369Z","last_seen":"2026-04-21T21:26:35.607179Z","times_seen":15,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/notifications/whats_new?platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/notifications/whats_new?platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=IF_zC7z9wfwhW.5ldypTDfG_xFvTKoFW8.WcWL9D8ac-1776774224.0402815-1.0.1.1-Blba1ECpOxMgGCwVZLirZ2QRjdGNSxUd9jBl3s3K2r_utb2659YIAnf2WAx1OKl0nu2PPD4J8.4LfjLEc4ipWdbAcW2VBfZdNnaGt4sz7..5xQXlB54aeYx3TpW1fRSk; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pIdwO9rd9AbRyJDmr2tM5txQy4eH1pkINwW3CZga9WyYZJlOHIDpujZ5MZxD5%2FshRF6vMEe7%2BgZSyTTt7slztBx5LRI9ByzkoT0HZ7TqsICTS6EYC4ZyDuUTb07QMFewLqvmT3XgjBPS\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92ff917131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1780,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d3c54fbb58bdbc049cdb0511ebe72bfe","sha1":"952c530fa5e60d5e6f4092dca93e957ff475f0e4","sha256":"e937a0e69c3616d29c6b6d653f7b58c1dedced93f6c31b8c4c7edc0aa70af0e9","sha512":"dc0267bfc82cc2bb6c9c397203c45bf5c4515432a8fcd8f0c50bedaf985707d1c2ad0fa8bfc057e3e25bd40b82e41fc3d6b57ffa4ebfa26699345edfcb66571d","ssdeep":"","tlshash":"b8315335657d4f4c8f81178a9487f12ea40f035aec54fa34d658cb6690686b8d5331e9","first_seen":"2025-12-24T22:39:16.028828Z","last_seen":"2026-04-21T21:26:35.82421Z","times_seen":45,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321031.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.327Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321031.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BiQikUyv.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-BiQikUyv.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:49 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6ATQ4B4x5PyUZ3SprfZD67VugeZhlru%2B%2Bi2f6HTuuiNE%2FessAo1c0eW3prDjlHQZu862xeLoqWH0hhaixlIW6FJRzs4bjKZuPqTYwpP3b%2BMUxi1y1whVlF%2FXzZqUe80xZQxRxQ%3D%3D\"}]}\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=j461VlTDN8isVo0UF2azpnbfCdALSfE8UthHF27tZwg-1776774099.6611502-1.0.1.1-5Uu643qPn6fX3Bg7hjYTi7qmRNolzILUmBlV7X_73TCNks8.MiXiLS6mGfcd0cJHeaYA2w0WKkISIORugT_9yJ9wYwJm24.Agz6aR928FFpvw741.GCYCxR2L7JL7opA; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-466b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c86e8d57131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=8,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"deb2bc343aa9a8d846a7425f8c723fdc","sha1":"fa5405df41e25a937a2df828f36e23a4be4cec0a","sha256":"f59f3c1f99a2af0128f4abb905678beb0dc8ef050bf11842a92ab7b6c55af7d6","sha512":"9f325203abd96b66d92c6d748fcd9e1d0e89acc9c31b0486543c3fe5a4d62eb4c3e7b11e4ded953357f1c8d85f9c9c3803cf15a4c142923442293b470fb12f2c","ssdeep":"384:pMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJW:pMci408FFnJrIjE3D/OY2E0xqpc1NKkD","tlshash":"0d820ad0e2b4f7a642e86add80392074f2258c28343dd0f1b6b6ede970664cac56dd37","first_seen":"2026-04-21T12:24:48.908249Z","last_seen":"2026-04-21T12:34:16.243654Z","times_seen":2,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItemStats-BXlmppzY.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListItemStats-BXlmppzY.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=zjyMMAGyY1DSvjd5JGvHsHLD5gFrLVC6GbdJpTSDZ.I-1776773847.962208-1.0.1.1-MgRbWg5qLbxW38kVhXLpI7zyVvLAmV1WzZXsjoWqhSVXVIl020ELPnHzeEDM3I1iaEGVI3ARme6lC7BKe7Z33c4H83EIFROzlhoxCK9y_Lo.NoewNWQOtZ9LrWPVGhTn; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K1Nq%2Bh23kP1h8rJcD%2BJ1hKuhSlafxkOiw83b3fIPFyPAly5cBRNqWOM9JbZLz62CdVBq8nDySNdWG0EZLFxLwsQF6bNrP%2FRDonzzE70a0bhoWyxujy%2F%2FBGZAO40mqKc0Q58O9A%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-114d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8b97131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":4429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3870)","md5":"5a6ad4919fb9e228ca0e1d839135878b","sha1":"7bc35eed27701315327f9b369ed74d92e7473911","sha256":"c88bc939f2174cf36b70cfef1f47432681161624ec76321a8f91aa62c701a279","sha512":"5ff28aaf23042d2f240d46fff8c7632a2b09356f3400d0093ad4651d1453d9be7abb4bde81f3c6a0f8176d866f13fb2964bf2d8b002ea6a7bc4aa0990102c9c9","ssdeep":"48:jOrkT/A1GF51Nf7/89lCgIGl5SLsK8vCK5Jx5fTYyx7XgxYzm9/L8umGus665LQj:j9A6Nf7/8jC6SoK8vCKfxay9iua8kQP","tlshash":"a791a69150745bad753d0cad659faa00205a072cee58caead5bd1f2e326c04e7337f74","first_seen":"2026-04-21T12:24:48.941466Z","last_seen":"2026-04-21T12:34:16.166516Z","times_seen":2,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoTopWinnersWidget-V5-R6cR2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoTopWinnersWidget-V5-R6cR2.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=9_TxfJ1UbM_LVKPbLXTtrtAKe4GNr7IWj2XgLvjyDJE-1776774223.0844345-1.0.1.1-6lxfeGtNhrGcSzMtaUIpAzM5rfiouO.3jeNv.5PeNpdpWrf3weT4SiQsAwc0pCYa8NNwGNIgGFmkWQFE3K1Oi3Wbc7_PPnpnKqm8rDmrKaB2JowpY99xhi0LbRmNebfN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=eSj2z7YXDf0JLleTdhwAAUsF9xzHBZUeiyBOfPEGX1k-1776774137.9283988-1.0.1.1-BQiIuFmXkJpl8d.YLjdy.ZY1LnGT.AOaZNBAn2FRoZNz1BofMMpcCMWvch7PGJB29Mljf8873KyAJhhD6i2II1Yhr3ICkq9ugYvaYplGsLgkpmJu1LRUJ0ypClP9BzLZ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0KKvHFv4m2ctDrwhnlF3CyTIOGksO2g%2BST5r1plkwLsU6knLN2avatUQgVwRiUz1y0H%2Fy7BtRUIjjIhHeoTgC%2F%2BVCbnWLpBCjeHvYYsN4pR6x78%2Fkcm2I8OiOT314cQNjO3lQ%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a8e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c900b877131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2702,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2701)","md5":"bea6b670a780fc65e39f0a0ebe6e565b","sha1":"41e427cc4127c97ed09232444fdaf0767cf32b95","sha256":"d6412710f818cd5d46a5f268811a25c01b710078086407999b40d08d5b93d3ba","sha512":"b2bbb5298ed420d48e04efb70e13a2d4e70c19673629296ac53ec5f38fb93fb75bfa9af74cc76d93457a84df84464d452c5790bdee0bc9a0b9cde984d0b2e3ce","ssdeep":"","tlshash":"49513606d0008e7cc3578dd67c654019aaa50aabd5307fe0e5bc1a118f345cdb58e7ce","first_seen":"2026-04-21T12:24:48.88207Z","last_seen":"2026-04-21T12:34:16.125188Z","times_seen":2,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpotPools-KN1b5yYb.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoJackpotPools-KN1b5yYb.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=4MV22HnsQn2DxxE9Im4OYPooMnWdGsdeQkr.7qhirvc-1776774223.1993089-1.0.1.1-pSrjxRdWSqaDCEPbutQCflCD0IfxTnvBsRDijlfZGSgIjerQ5DxLl3SgA9N8IpP6a2Xzv_Co937BnLOPYpw.b9vu8FBy4UEaLLtGhzr5cRcYLg.vOdukZZeRExg0CUc8; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9s0mftMjxyB6kiJyDuvfrsrwhZHE9blSveJauwtOgqnrs1Ka7y8f8cvAavqb1kCmkAOso7EQsCgidO8aHH%2BuiCFgxlDLmuyzTrTD6y7U6QijP7NMR%2FGgsDhSLwnQ9LdreJxLaw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-3b7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92af4d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":951,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (950)","md5":"c7641e21acb04ca46b3240c69bc0e9e9","sha1":"15289450c67bbb58ad7ceeca1e758eeac307c743","sha256":"9dcbf02b33d6d52cd8b80aa0a37ef006775470184050e9385851111bb20f7803","sha512":"e51b1bfd88a1e4fa3545da0668d0c33e405af695569a3807a1783879002671e2fb0a84a2ee9c8eecb5679f1e92d6d97633d0eec6d61196508c734cd377c1b886","ssdeep":"","tlshash":"001121cb706fe2f8d59c18e180a4521e033c2f39f61092c0505c0b3897a1457f579bc2","first_seen":"2026-04-21T12:24:48.87158Z","last_seen":"2026-04-21T12:34:16.200726Z","times_seen":2,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/casino/partners/751/platforms/1/games/icons?ids=5000010,500008408,555575284,3300892,420019457,500008373,31050013,210039,806666,555571021,426636503,555574799,500008238,33012668,806666,806666,555573746,426636503,555573292,420032616","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games/icons?ids=5000010,500008408,555575284,3300892,420019457,500008373,31050013,210039,806666,555571021,426636503,555574799,500008238,33012668,806666,806666,555573746,426636503,555573292,420032616 HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_vbMvpzpC6NZhT_CLkGndSTN7xmEDLYeN3KXUISu7pA-1776774224.2803512-1.0.1.1-n2EcYhOHPShgaT_YIv8pB9qRjXQ5TxVYQkh0U_AjeQqm64kIm.arArFTC8I_MyIdqH9lvxyQEFp0_rVWb8V7luFC.SQIiF3WuNhAnQKXaxaA6qKvfk.dD9ekPqphNdRH; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kGrLhvfzCN34h26Uvw76mdxa5aGKzfzKM07shDfp0jCPFd2rTsqI87JRdTPrKYRjOxWPILtegkdUlBsBWU4Ra9Y%2FVUl8ekf1rkpSfbAea7yL11ne8p354pspI2FeSz864VSND8Xx06eP\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9459677131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3946,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4a0f459ce391df115fdef877652235cf","sha1":"5e48088470deafe43ce2d1dce459e166312d193c","sha256":"d6548ad8a802dd124bafdab7d2ec445ef0a651b5b311a5f911e804a33e4dd0b6","sha512":"e287aa3ef2d50c523a9dde66d1173425b7f449c502d36546ccfdbc10fd4918f2e00e9395037619e716c31f44078f2d1427325032b52726b5e45b4152469cedc7","ssdeep":"","tlshash":"a58184231e18f7ab6b255940b4276d0ddcaa6bc09a42fbc00d67719f20f21e41e753e7","first_seen":"2026-04-21T12:24:48.943218Z","last_seen":"2026-04-21T12:24:48.943218Z","times_seen":1,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":379,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/49d657962ad82901d4c2dcfa1210bbc6_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/49d657962ad82901d4c2dcfa1210bbc6_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28746\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Fri, 24 May 2024 12:56:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"66508e73-704a\"\r\nexpires: Tue, 28 Apr 2026 11:02:29 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 4815\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:45 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SCID0TwbSMdGZT3TqyXr92kIxL9WaQVHiOTg%2BxQsSEQrn3QPlu3uQY8%2FOydc61M0yERB8GbmhDFX9fHTVymWX1svbLCxsz1PWK3FkvkuLfint0fnIb1IFUDdNSF5lRuXW3kZslqy5Tg%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c976c3f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28746,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d625311757b22ef12d6f6c9baca4c599","sha1":"178252135a6968c4e9a5149b06503c365d09ca08","sha256":"563d7d2acf42d671c309e9a9d4a438505bdb43f531e5d38181664221a084fee2","sha512":"a02af144c06face2d13ff6dd319a08c3eb11ee2e08cbb0ac5000c8179fd13d797dde66ba07363af6f80f782dfbf9b2eb47fa0f050f436bf7f6d3624ef2a5d490","ssdeep":"768:VyZjkTYIqhDWIuiIAgz8LKpeq1O6I18QKd4fiyuxgomGK:Vy9kUDDWPiIB8LKplBIGQKd4faWomp","tlshash":"01d2e193df9e064ed93f8f4339ac6bda72a63a648105b3658c1d9701fd7beb406c0909","first_seen":"2026-02-24T14:23:51.406196Z","last_seen":"2026-04-21T21:26:35.744206Z","times_seen":16,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/1410.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.720Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/1410.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/305/611400.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.371Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/305/611400.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/favicon.ico?version=1776758850673","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /favicon.ico?version=1776758850673 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=sNlA7QU5BxzNIwwnzdbEQ3hEFNTV60fo2XqamtE9Pog-1776774064.7361422-1.0.1.1-N7vQoNtkEYRLl897gPSONNiuBwt5DEe4HUlmXRHzJSWBzy1vFT6w1OKsPDvK1c7_TpKsX_VHfwN5QQYT4t1WNtHN6IiVXz0Wr0Z.zPF1wQ2AbmleiXa78BGBHJWU.dKQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 7019\r\nx-powered-by: Express\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=pfVHyiCxk9TY9T.1_DsWOr.u5jO2MhpcTnQd9SyTsSE-1776774132.7946563-1.0.1.1-WOz0FwFq67uxHJrWa86GCWr4So9dqB.phEO7CWevGj7R_9OEb3Evt3QJHAYaUbQ19NwJpPHh4ChqKLFqnjWtEoI_atqh0lAvQqfICsN9294tgccPnP27pUq3JQm0.sQ8; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:12 GMT\r\nexpires: Tue, 21 Apr 2026 12:40:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8SJBA8cGncv0yFObHphl0BJNYljNxpWDhNLSI1gqlDgtaiiY07Y1ARScSx%2Fog8qoz3TzQ51MkvoNrA17Ha8C1oyQ7E3%2FUgGAaK5l5geQUkKHU9FnB9bi8CXzMzLPvK6InnqjFw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2518\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-1b67\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\ncf-ray: 9efc5c825a627131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":7015,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"96a66de67adef28337580739eab71404","sha1":"2b93f9d9f5ccb809e454e812f9dfa7ce9ab02b0a","sha256":"1b029ff1969f7f867742ed30370ab8f76f58f3a00c102b51740cee61a5bae6ca","sha512":"efd763159644683e2aedb05be3a541cc4792938d3755e0b0a1e8850c6240e04c3ce03e465ac5160ebea03b7ba0e9a948bff584fb163ab1db1677453bcb13a7fc","ssdeep":"192:AA9risdBVS6QwidYsQ6ujzwAzxyKjuDqc:AA9pORYsKIAz0KjYqc","tlshash":"40e19fc31979540617e9f2df05c4386ab74ca88793a2a4f927b931343ff19cda613229","first_seen":"2025-12-24T22:39:15.963833Z","last_seen":"2026-04-21T21:26:35.600086Z","times_seen":71,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M3Y4A1QHP320%2FDLKYuPgf4LUL5kuvujPTY8hc7CkVlSeuovQtQgy7f4MEr%2FCX%2BBsFjqBxCsbDsGJyZPO1kTu51AQntD2NLpQMgOllnzH7P%2B9lQ%2FlbPRtpnJ3L1DZS9qhBFZsqA%3D%3D\"}]}\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=XnuQ4AV831qp.oll5exS2uDvwRBKL1DkfHHo3CMp_.Y-1776774099.8254232-1.0.1.1-cU7tNi.WRyyVNfgAbUYCUap78k4Tlf_iBgXhfyIbStbefXacKzH.INORdn_ThgwJJvJBghMaiSIDvRH.WJZVl0utdb8IX8QgJ9Yupx.23ZydiU99Bi_0uhLVo_zwaPai; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-b2\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c86e8d27131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=4,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"2c191b46b99e357a939a4a4b8c773c12","sha1":"3401415118bc2649e837edea0005ce70f99322bb","sha256":"b1497fa9daa91f85ecf7c57cf8615ded12e1e9667f07ab065133e14c39ded42f","sha512":"ae2b121ade5f07d63432308f0f51921ac0f6193b09dea272a3e61c220fa810ff129ba67ea1215e89b0e0ee9ba71b8f32f5662d705659a7879a90e94ae9fd0bb2","ssdeep":"","tlshash":"f9c080451654dcf462571d838619d801d54c4d6d73f4f9d0bb0c8d51021559b627df57","first_seen":"2026-04-21T12:24:48.947675Z","last_seen":"2026-04-21T12:34:16.341909Z","times_seen":2,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Odometer.Dtmtuu8d.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Odometer.Dtmtuu8d.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nexpires: Tue, 21 Apr 2026 13:10:48 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 689\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=hpAGE4p98NOjJP5yRmdwFAoa7pBSsa4Bw8cHQQIXflY-1776774137.6836786-1.0.1.1-fV1hWOYyhX7.gXuBHF29gd8hOE77FSN3vbyLfByhZ2BUrf0FvmmKv42A.HJ8W0koFYYqPexl3R4m.RsWIZFwhGUipaoxsj6WCAZvzVbkrFVYEM6lXINnjdpiuwX2M2TF; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UTz1uw2vTqL7WJ5tKO6wfDnB24kimm2HowXDDa%2F2VcBhnA2rr%2FEEIC5AQZ0D3n933Hq2GWB732fO9NfTNLT8rkW9jfo6iNM8VtJL6OvXUq%2Fi%2F0V65K7zBBTlA46UR4QWahQDXw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e73090-ac6\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c8f2d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2758,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2757)","md5":"e60bd0b6b84d162ff84ef731b11ed036","sha1":"09af532026627df2629f1a98a049ee8c50194631","sha256":"8d2a9d2617a60055e91c6b16f4cabd14851836edec7bf90fc8760e1d31a39df3","sha512":"a85638b5f89d49c50da5f9dc0cfaceec033c45f524a51bbf266fe9cf67f9ce63ef157745964b9ab7c1811f8e2f2d2c5d6348efebe6818d6fa5beb8291e36c725","ssdeep":"","tlshash":"2451e1154f910364633a7906b5c81b51bfece5415223c58e7329a447cf83db9e398e1b","first_seen":"2025-05-18T15:21:59.195484Z","last_seen":"2026-04-21T21:26:35.592534Z","times_seen":189,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipControlsNumpad-CAXDjwGA.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipControlsNumpad-CAXDjwGA.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=lYO4_p2WImTdQEqnN1ygbmflrhzT6c9CnvsbFX3lYLk-1776774224.2246802-1.0.1.1-rxpx.d1b8OnedIq72SgVJlRtN8FuLJV.HCFH3OV87j7DeWgIVxjvSl4y8_9ZGO.miAKTIUePPqS8fdrLguKczqr_FD4tYgN5IovVVpVLJQMo1D6yepVXjOOCBeRCQ3fv; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7yIWewYhNDDaBahI%2BwAvtLddP%2FZArYIPRNA14PNVlx9TEzSRbi%2FXryA8lWYMho%2FRKhDTGCeH71xdbRgfRcfjfYrEyNg09J9hPhgAMHlWXj923EOx2RaSJPzOXOzOYdkBFN%2BBIg%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a2f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94191a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2607,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2606)","md5":"afbb768c0fa9bbf5976fa3307a1fef58","sha1":"02db4f7af2328930f9a45486c6729248e4b0f88e","sha256":"890a2650543c557f657c8b7e22ffb5a358fe1e418ffd255f364d849d093bec97","sha512":"0a543d0f22bc3f173d758d569d31f97bda8de35bdacaaf0de6e1d5113695575a5de2117690cfe4cc9373ecd90c1d518823323f9b46aa526a2f9b5159336a57c4","ssdeep":"","tlshash":"5551dc51b001ab7de6778aceb53e0020b00f2ba8d66811d7e47dac64bf6966570436df","first_seen":"2026-04-21T12:24:48.913998Z","last_seen":"2026-04-21T12:34:16.119306Z","times_seen":2,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/6c9a077cb1453365a0f01b45648c6c4c_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/6c9a077cb1453365a0f01b45648c6c4c_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29468\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Fri, 06 Sep 2024 11:51:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"66daecbb-731c\"\r\nexpires: Tue, 28 Apr 2026 11:40:21 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 2380\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=oDHs9VpseU0QacV6_by0xvtdtTTsWKmr5b5I7mY8t3g-1776774002.028975-1.0.1.1-auo1jAFdTInYJE0ZjG6tJ14eKwEj.Jl7bFdavaO3grPmREr2IrwxxPN8j5dBhW.6R26bGc.xKkj06iLtIiIA.wctx_DKvl8BFEz09AuO4TE6fQVtkeiVv05bZIaLine4; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:02 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rY%2F7Ng0mRYJR5FLF9HVkn6%2BxqaN1hqwmdH3Bqz90BrPI9%2B3CYA7qTldd1TURA7zvxjn8LYf0MJjjiER0aiAcbg3WWzN06KwVDMCOFgtRAdxkHMmaC95yppjRJ19PfaUO6nAx%2Bh4yPJk%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c972bfd7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29468,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2ae874500f815dc02c1b0fe3d1288e81","sha1":"4b0df1e0f9fe91500f8d164143d505991cce9686","sha256":"a12e17db44c4381fa7cca6c64af9cd315dd0139300a8b001bcb96559ec4b8857","sha512":"f18a104ac5c3bcb268db6ab2c4cf041210f6eeb555f05105e52f0f42ad488bfbdfd4f4676c15e62e49b297c1736d1c36a3d9574ff67be8be5f20a3a9b6d7c299","ssdeep":"768:4oBQdPQ+RyOH//eCMwSnIHSk+WHB8yzGFaIkL7IEcF:vBQV7yDZznIHSkz8yKFaIS7IEcF","tlshash":"72d2f193806aac9e939de5a3c098d96b505dc111fccebd6187330654304ac627decf3d","first_seen":"2026-04-21T12:24:48.950392Z","last_seen":"2026-04-21T12:34:16.325803Z","times_seen":2,"resource_available":false,"data":null}},"time_used":843,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":776,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/6/12437.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.129Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/6/12437.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=VT0nRGKV3wK6YlaWZZIOpouGbfGpYsqex.bCjDAEEKc-1776774224.9643528-1.0.1.1-rrrve_FLeSRvqRQV_MO0.qjUgqoTwjwH8QfK2LwohrcVe_9zAYpddHYnVzFBj7gprIDAJz.0q6gTslLiTivRhLIDA4xglrnN1dhVNLGWcfLpdBD5MMu7F22RaGm.vcut; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segment.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:3F:7C:B8:04:2E:CD:A4:E1:F1:8C:5D:DB:17:18:85:E6:C0:E9:98","sha256":"18:9C:5C:43:17:4C:C1:EA:72:5A:8E:DD:37:64:4C:DF:83:99:F4:51:8E:85:20:61:7F:A0:40:01:DC:6F:65:43"}}},"request":{"raw":"GET /analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js HTTP/1.1\r\nHost: cdn.segment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Wed, 21 Jan 2026 08:14:20 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: J8ajF9t6IlT2U7tuuuuEWLpJqziHNggp\r\nserver: AmazonS3\r\ndate: Tue, 21 Apr 2026 12:22:32 GMT\r\ncache-control: public, max-age=120\r\netag: W/\"26d5c6e9eb5b8acc5d7f0a4acb0bb17d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 9SIOrqFSEZlAjvuB_LK0_EdyO8X5oJBB81f5_i_s1FlhaSftVPiMvg==\r\nage: 75\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":108916,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"26d5c6e9eb5b8acc5d7f0a4acb0bb17d","sha1":"f28c859ece3ceabce922bbdf6272f9f7e826b783","sha256":"8ee1aaf2ad1cbca21e0581993206ba9ffd736c611beffb7287581a87cab67ff3","sha512":"388bd8e7a24945d1a3db30cd4cc03f006d5222f5b399b6578eaf9f87707fefae25b423aa0657dffd191f980827742165f1cfe7577a899ac63ed728bdd9886ee0","ssdeep":"768:IAObYQP9MBTSbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MqMZ+vCBF/g0vmBuNfftrcuk","tlshash":"8fb371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","first_seen":"2026-02-24T14:23:50.976435Z","last_seen":"2026-04-21T21:26:35.819592Z","times_seen":34,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":77,"dns":58,"connect":2,"send":0,"wait":23,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:39.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Apr 2026 18:57:25 GMT","end":"Thu, 16 Jul 2026 19:57:22 GMT"},"fingerprint":{"sha1":"AB:25:45:8F:55:B6:2B:26:B5:B1:EF:90:E0:60:64:9C:56:47:0F:B5","sha256":"47:83:31:CC:5E:02:0E:51:A7:52:AC:83:1B:8A:A8:4C:74:11:A5:F1:61:8D:C5:6D:29:3C:9D:6A:C9:29:AF:7F"}}},"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:39 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2026.2.0\"\r\nlast-modified: Thu, 19 Feb 2026 17:45:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9efc5c79af88783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31169,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31169), with no line terminators","md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-04-22T11:07:44.006028Z","times_seen":46087,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":27,"dns":20,"connect":1,"send":0,"wait":8,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UImAF54wNRuo5sbEQ%2FOVX3bNpLnatUcLJOTR6HwW2GYfwR%2Bmzsd1RXk5tbWepVtowI%2BKxiqHhoF%2FoXE11LdWEgKzDtXNrwtlCgeItyuOLqriAVKnlbUBNHn5zLZid%2BEDJFJZ8ckoG3TY\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c8a2f49b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2821,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ed84599d293d187c97aa6f88754332ce","sha1":"f950f5294b5fa13bd1c3950e5cb28b1a2ee241fc","sha256":"599500c94c302ac02594dd87a6652eb51a9f45042f0fc5fc2bd2f3935f8fab81","sha512":"d94fbe4938b707b2595582d942cfd27ada4874b5be459851f77dc5371f705af81eada3ddc170697813c2657a8404f1303b8777279f716eef4ebe08fdce284cd7","ssdeep":"","tlshash":"71514f3646b21421436710683babf31ab23ad2433689e9447edd93005f85f68d9b3bde","first_seen":"2026-02-24T14:23:51.260409Z","last_seen":"2026-04-21T21:26:35.779688Z","times_seen":34,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":41,"dns":22,"connect":1,"send":0,"wait":201,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoWinners.D6wkh6MK.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoWinners.D6wkh6MK.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-1737\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PoRkHE.ggCGsyRbXsSx.DO_yr_6n4Z0nMTIyGKTdvBg-1776774223.066636-1.0.1.1-Fp.KnjMSBdoRJjsFULszfXvbcnQ1apYk_yuSllDbBqNE54fdweEAU0NXiyl_YQ.9zcY6OHx1KaCwnNKWlch9W_G2sAUXfqRLAfxvn8DDpG08sqIpXPUdbZq0YIGw9UHd; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m3v8t5RawFf1TK5ykEPnGNnjJD7%2FHStdpafQxHEEquv46vyZXTmLAXEv9p8LlHvJ%2F%2FQTW7JJhlb%2BoGw9V23Lm4hjy6VVpE9j0KlYETiV60WvWYf4FaKCZU6zddGJewDHcMjnlg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8caf4a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":5943,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5942)","md5":"4fed55af4cda2614fb46b15dd85952a6","sha1":"ed43ab46820bed88680ab9d5e889d9eaf10eccfa","sha256":"f77f3d4a79a0ed579bbc51093ca6df8895e4cd1798ba890143fea4686b3d94ec","sha512":"92f32d01ab9bcffe13f7972d6dbbff390185c62389fd388bf62f8439a676944116475998648f1194b2458831b54a84ee7d46067d3d323f99844ffb5e38564040","ssdeep":"96:dNC/PAiELUuMyH/KEwlyUUYm6wl6llLlDlulNAGBc1h8FtmlTFtHjWeBwlEXkqWb:q/PAiELPxqyk4FcVFlBkqWAc","tlshash":"c7c13243564a2b7ab3f7ca872520435c79195c9ecb232b48ada81129c3b36df11387bc","first_seen":"2026-04-10T06:10:39.526453Z","last_seen":"2026-04-21T21:26:35.561384Z","times_seen":13,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":334,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpot-Ds_Uh2fF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoJackpot-Ds_Uh2fF.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=VVOy8j6GUZuCj9ZUg8qY7oYAAOWVna0POssjBEoWtSI-1776774223.2152967-1.0.1.1-B3GFOBDAMquNKnlZWVugYAELBvtZZowHXTgHqT07viz2R8AdU944IeQBx_CqvVErRJmrL7.vYxPM40Ic93sTWfZP1sZsfELIA_Y2a0CATtO5LP_qa4zViBwokGWz0b.t; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lSZghig3BfUVoVk%2B5LMx0stq%2BXe3o2GdAKAAstquiBC20JLSWkDtsxP2ZWinIAtTSLViYBIF0l2uhO%2BAkrUKYW2sMJNEsLCZ9SUlBeSRf3i80KUZhDVphWSVtGyHi%2F%2BSWwH6OQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-3804\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d78447131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":14340,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14339)","md5":"ff69e8053cd08055491d54c9ffa17e5c","sha1":"b76c9c65be8dd666f8f4f164fdfe63db082dc96a","sha256":"937659cac0398acc7c77d5122d0718f21e212b18abc83b97368c1b33a9778d86","sha512":"03f409de70b47e6514a62a18e389e49c8c7debea7dd8b9775f4b952f47baeb052d679194229e951ffe90b444b7f651bed4137dba273a109ebea1a30a40e2d512","ssdeep":"384:lwm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKx29TQP8FJdr:lwmB7CEGOpyts/U27dr","tlshash":"3c525c04f012f7edb8a954f7487ee0687a5e1aa9c71809b8d1bd6c313d2c455760bbac","first_seen":"2026-04-21T12:24:48.955014Z","last_seen":"2026-04-21T12:34:16.160409Z","times_seen":2,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SportsGroup__platform-l0sNRNKZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SportsGroup__platform-l0sNRNKZ.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 1\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-1\"\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=p0G0gNM3JfWLEklcYdtBgEAKKPWwamDw8a61U37smRY-1776773847.9402764-1.0.1.1-dkYAqpvCGRFJ8kO_qtQi_dugtgdqTwF8ibqkb1jN7yNDqhyVfbiSnznjsLcH2s.BjPv_P_7_anh1LtNeir5zunLvqeyqEvGGsf4MSZl7F_z4omPduEI.qshqRTvKRI2S; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4icbAc4Ofhies6W01bKrpicpjMqnY2oBvKZQe2shXd1sGXVwTi4JvDAkwGpnt62zYZIl8ZbCnIlcvu5MmXccFY2qNZ2t6ohHmyRnlHXLuC5mWy39HxL3ymTQwM2HJ0hHSoJmHA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8dc8b57131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T11:06:44.477856Z","times_seen":191454,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org/sealassets/32e0c8788ba9aa29481edd40c7a06d26-galabet.winwingames.io-486c6ced63392226b7bb98bcb3a47c5e200f727c81d94d94704379de531211a4683f102c172d4031615d4a731a036011-c2VhbC5wbmc%3D?status=valid","fqdn":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org","domain":"anjcdn.org","tld":"org"},"ip":{"addr":"52.84.50.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabet.winwingames.io/","date":"2026-04-21T12:23:43.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anjcdn.org","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E8:BB:D8:6E:0B:96:2F:6B:79:F4:51:03:9E:0B:82:DF:B3:89:F2:61","sha256":"FF:12:4C:5C:69:6A:A0:75:A5:73:2B:7B:4D:C8:C5:4D:08:45:4A:89:9C:9B:40:21:53:78:BB:ED:95:B5:55:19"}}},"request":{"raw":"GET /sealassets/32e0c8788ba9aa29481edd40c7a06d26-galabet.winwingames.io-486c6ced63392226b7bb98bcb3a47c5e200f727c81d94d94704379de531211a4683f102c172d4031615d4a731a036011-c2VhbC5wbmc%3D?status=valid HTTP/1.1\r\nHost: 02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 8352\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncf-ray: 9efc5c933d1dd40e-FRA\r\ncache-control: max-age=1200\r\netag: W/\"20a0-0CMsEHK7JUfLiNPEcRMRtiLOq+U\"\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 f3eb7b5e20267dea293dbfae056ecd62.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: SAfysHv_hUBr_gvGDR2Pr7HpzNxB3gbBbrkDxotbncqRmTP2wScfzA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8352,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"d6c01103a32e013ebab7d848f09e6889","sha1":"d0232c1072bb2547cb88d3c4711311b622ceabe5","sha256":"e3b866fb93581c0c64e990b95e617e0917486a36de53984eb3677de891800bed","sha512":"c047df683fc00b984fc8e049467cd8610ea2e9f37fd1f3601ccc28bb766909d20ad8e69006f67fa6293f90e42b27ac94f9b8188656b11e527038480c57830f68","ssdeep":"192:y4+zqjii0IkqqqVV6eafN22bGhKWyZ3IHYga7b5yhoRW4at//j:KqWi0/qqqL6Lc2bGhTsOYga7omo4eT","tlshash":"cc02af8277eeed828412257c76e5e316c3679b49f635405d3382cacb6f94215cc5b182","first_seen":"2026-04-06T18:37:56.60452Z","last_seen":"2026-04-21T12:34:16.313182Z","times_seen":12,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":132,"dns":111,"connect":1,"send":0,"wait":61,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/3b6c45adc9c8a79b3a63a6895f0d90f6_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/3b6c45adc9c8a79b3a63a6895f0d90f6_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34004\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Mon, 28 Apr 2025 10:18:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"680f560c-84d4\"\r\nexpires: Tue, 28 Apr 2026 12:23:44 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=S6Me27LWMEihcgchXw4CSbtlROaWjKAODPNquvP.mWc-1776774224.7997353-1.0.1.1-ed8zl7psiHSFTAa.JkKzcLe1ifl3P7v4Yxm2gNMu2MQJuks7aKoHqQfOugZZzq8TBmSRN8DTPZHj4hnhdNpHo4RchIjFjMoYuZJUTG8A_ODYJe_bDMO37B5yOjO1s7U4; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JO16EugnnVjojEXZ%2B5rkHRy7azmzU20Qit3F%2B7eWKuWB8k%2BF4TWa7sz3Z%2FeWpQTlsWK%2BoItfwbwh%2FuG1Db4E8MwSv0xRS2IxqfqfwSWVvFyFSylXDhpabP6jnQUpigBki8Z4KojM16E%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c975c317131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34004,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5bea529d0a030e1aa075d45977c25fe5","sha1":"facfc12b0244e32f5c6f5135b4eed0cc5e194435","sha256":"33fddf52dc22cad83cddf3c49afd36d2e1c73f62270c9deca08183b74f810ec2","sha512":"60d1f9ded3a4b43686d68f0d4cce69992398f183ecdc55a5895f9fd1caa445495b8cb45a9133c33a67f0f3add7c17bbf64a1ff1ace9054d981543b760ea02983","ssdeep":"768:YepUENB1cuCL2yGmz8aKuStCipDQxi2BAmhjZu6G:/pUQgvyu8aPi2Or6G","tlshash":"e9e2f1a2671fe9596d209e6fb0db0e84d26d432d2079f61f2fd8983e10f542c6b64d13","first_seen":"2025-11-03T04:12:48.440174Z","last_seen":"2026-04-21T12:24:48.959412Z","times_seen":6,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/if-defined-CWaLTnLW.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=SJ_0w6qtJoB4L4FMFb6_i_B0bYvI9DIIaw6WE6qz8sk-1776774133.7366178-1.0.1.1-rzG2ii8wI4evm6toUMpP3sW43sgPGLqC9WVV1YxbKCxDWQfr60ZNa0BZKLyBdv.mV2LJ7xT2VeIo6UVJsNstaqti_9sw4PLqaDr3VHV6lXilXc2_tWkHKGxl8LQfctD2; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PF59ArzOLXPk9L5aT5xtVz88bAHhz%2FJ8sLBPQGKkHV4Zo3qpTWLYwrICJCUnZZ5OuPIYmP8UiCtAarH1ys9HkQve3UB3ZyUSNMxSVn54yUiX78kaUlCqz1m9I3ikhQkTbVqLYw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-cff9\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c891b477131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-04-21T21:26:35.697782Z","times_seen":581,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Tooltip-BxyEk8_4.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Tooltip-BxyEk8_4.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=DLdeBwTUiUwoCZpnbW5WCnRYyPN3gGuvNAxclJHRsbA-1776774223.2225864-1.0.1.1-BlAp.QCAFTPhX5EfIISH4Y_bCEabiIeCzvMkGkRvaYRHBIMHAiv363e9TfrAmOEqK0FTc1UB2IO8LbgzUhpz3HCuxTprUPPpocmJ.ifTuz2yVY6wj3.jvkQrF..xrNar; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RpjnwNINfHZgADNG1Iy3jWA9OoY1eNxATFbQeVUapvUru8qYsfp62Y7o0ifveZOA798Ir2Ickw2fLaiC675fUF9tWObfMudkX6MnHOT1luxHzhWjnd2fBQG6Nfn0DYkTxr92rg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-333\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d78477131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":819,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (818)","md5":"1bc8d21796179e001b4a17878a32af96","sha1":"09ad98308811505e38b2708695aa4637a517b411","sha256":"abce98c3d30f7ae4c36377777ebc8f059710382987c75131d66ee1b1f6e69428","sha512":"a8edddb8ed281a34f1b29f3d4f75e6252f85f350f26c5888d420b7e86b3a9dd54b6ac77afd8884e9b6334bd49bb7758fe0af8131e4d3c90b5ffc8e6f6b37f487","ssdeep":"","tlshash":"a001ce46e022fbf8e276549a142d866d72632a6c7e2f59f16038018e0aa4984d317b8a","first_seen":"2026-04-21T12:24:48.930431Z","last_seen":"2026-04-21T12:34:16.135215Z","times_seen":2,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/casino/partners/751/platforms/1/games?category=28\u0026limit=12","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games?category=28\u0026limit=12 HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=zh0XytjZGIKUV3OlVgDJWevQQn7YFVUcFuRPXbIe14Q-1776774223.3485584-1.0.1.1-xsLpfv68uEKigORtNKAJ5huopAy9gCo8.kaBO4.gQtebaTC4yofXlp065OLHrl.rYbz7uSPKd.qk2Kx48XtyPa1gnUeunv.mON_E_uqr8QfK9Cy_AL.kOVCDQtiKN1eP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gt7I%2FTZKPF3HwM8DiRZ1rmHBpVSN2OwPpqQ070K7v%2FJHthkd34NxeMtOAdSU1lo20wVKGj%2FjecKQ3XLnDP7l%2FyLu3bXmQKPP5kok2dqZKGJJyPIzy0xeTZUsZfHdBxVc9Yxub9UH5ECE\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8e797f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":6313,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"81cef0fcfc9f6204c1bb9618e43e337a","sha1":"6c823bea85f709522723fd581fb49eb1a3e48a38","sha256":"dd800e67b8cb4c4f0320a5c7ea5d407ea614f7103a5bcb6bbf9e676e6b6c42ef","sha512":"3a5bedd1c3459c50a22a0ec947b7b64f891b992b17f10baba4e1fc596f70d5cfac80ef377d5078d606cb19de1066b1ee2d8c74b997077e061525695765982e43","ssdeep":"192:EpSpFvUQpFCPXXpFC9iqnhhFCdaFCF/FZOBUBupFCOgSqn9NXp4t5qnkLe4/g2/G:UGt0Z0jTkoUtRf8fG","tlshash":"bed1f0894924fadfbb5a0948b4423c4cd97e13c2778d7d50cd968a5f60da0e512336ef","first_seen":"2026-04-21T12:24:48.963566Z","last_seen":"2026-04-21T12:34:16.311826Z","times_seen":2,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-Bold.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-Bold.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s1; __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 74184\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-121c8\"\r\nexpires: Tue, 21 Apr 2026 12:57:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1587\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=jOSMujVL4Xpn5REiWZHfcxCRpP3k0URtCiYR4nztqW8-1776774222.6458628-1.0.1.1-7oUElbEnNi0CSHITv0t7KU0f9UWiZ7B0O6evd221hcgAGhBO0sPfioWFMyENDuJD_wP1KiGxay8IPUUhH3V9SUNYV3Q7jpjGkdWg7GqwV.O4it8yQC_xk727k84FYl1s; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7dX%2FWHJMc9aBG3t73SxexdnPv248VBjRQwORBgEUuZbUBnP3TMThyF0nceGTidALv4BmrgDT9mz%2Ff4a%2F9ApHlUfEfznqhzzzQj3T4PKpZVNO2DlSdFJNqAwfhC9m%2BPHyHvZH%2Fw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c914dba7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":74184,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 74184, version 1.0","md5":"b270a087c3e5691e8dcd9c65c47146d8","sha1":"eca2667e8e4bde8fcfb4f7bf60bbb173b253f012","sha256":"a263682614bc107fe67de6eed6bd2e02a7225cba494c307732bb237bd5fe2e5e","sha512":"7377ab397d9ad4f74c194429c95372d83899fdb831cc2d63b80d84898be9b14e6b43889470ac2b5ef017989e5ab1d3d24b74dd461c9781c83e14dc9ad37b7b67","ssdeep":"1536:0VL7PKKoeF5SBEVL8FqoDceu/+6ab00LtFbsCbE7pr:IL7PZnqvasb0EtFbc71","tlshash":"3a73017c44e03055ecfded5b329f20a3ca3863e258d59e88fe79099d1cb6bb8118b449","first_seen":"2026-04-05T07:31:10.868394Z","last_seen":"2026-04-21T21:26:35.589187Z","times_seen":17,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/5e98bbc54163e0ef8c8ab3f363be8653_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/5e98bbc54163e0ef8c8ab3f363be8653_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30710\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Thu, 25 May 2023 11:23:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"646f451d-77f6\"\r\nexpires: Tue, 28 Apr 2026 09:33:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 10236\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=zBdwipgyEvPSvTzIxHH_bqE81pICukAIeDkxKRzq1Is-1776774224.79194-1.0.1.1-g_RCj2jb.0AMAQmNfIz6QGkiDL0cy7RdqBVrIo406Xv7TRRyWc07GENP9Y9BoZFoI5KWig0kFE74ClkkFSubl0DwwvqzH.wsYoQFZE9.J.Rpimi0YVoClwjFRtjRmn5c; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X2HjPIJRqEuvIamRDI3sJGsNSfOm913HSL04hSsN9MgPHu0rc4Dvx8IJqGVDtRGJbBZ2F7DRn0TN%2F5iuNFLQmz6jt4qZIhdZSKxLAVaquCvA%2FIJSH4cyzCyThjK7rAptbFZ7IaOdnSo%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c975c2f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":30710,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b941916979d8ca60bff55a95caf75f62","sha1":"d3c2b8ccc34c5de67ce5757f7a626ba5ccdb20c1","sha256":"c9311451eb434fb362fb5229ff187f9fa0c1c7fe33703a9edd3231d82967dbba","sha512":"d9872686e59df982a618a17e94b5618bb0845b0ad08f2aef65513fc1e024ca3fe965080e009034aa60e2d2fb654f539ccabd8c45a7ee996b226061403069ee19","ssdeep":"768:fQYg8M9IAOW/U5e75TbX6oSWtV2prGWOzd19945Bqf:fQH8OIAOqU525TbrSgVaFc199Df","tlshash":"abd2e12f28f51ef707b1425361ad1b56e9ef48bd8460f972bee7ca8380b18127514973","first_seen":"2026-04-21T12:24:48.966539Z","last_seen":"2026-04-21T12:24:48.966539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/13/26367.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.744Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/13/26367.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=oDHs9VpseU0QacV6_by0xvtdtTTsWKmr5b5I7mY8t3g-1776774002.028975-1.0.1.1-auo1jAFdTInYJE0ZjG6tJ14eKwEj.Jl7bFdavaO3grPmREr2IrwxxPN8j5dBhW.6R26bGc.xKkj06iLtIiIA.wctx_DKvl8BFEz09AuO4TE6fQVtkeiVv05bZIaLine4; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/payments.json?v=04/21/2026-12:07","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /payments.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=sNlA7QU5BxzNIwwnzdbEQ3hEFNTV60fo2XqamtE9Pog-1776774064.7361422-1.0.1.1-N7vQoNtkEYRLl897gPSONNiuBwt5DEe4HUlmXRHzJSWBzy1vFT6w1OKsPDvK1c7_TpKsX_VHfwN5QQYT4t1WNtHN6IiVXz0Wr0Z.zPF1wQ2AbmleiXa78BGBHJWU.dKQ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nexpires: Tue, 21 Apr 2026 13:21:04 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i4GQM2vkXah7%2FrdWZXLDKrwM6yD4zYkSZrpKJCPD46FGhRsK22itghQsbXXPpVejIC9y8d817%2FpKYdxh%2F3v4809U%2Fvx18KhpCuKvWZ0NnP8qypXrW8fm80VgzR0Zu4A4VX2WEg%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=cuHaplGeVPOS4Ymdu0h1CTOiqeDVHI.8lvFn_BhMFe0-1776774064.9243116-1.0.1.1-OU4ZxwjpAX.t9oE_DLenjpwa_qzSlMjDoD229CZ3rKWHwdD.fOYgCr1.RqsL1NT4HSF3PFzbDR9FUMvpPUOJhq17ycTZDzGOXwz0DSn_m8A78byoChRreQtJefvFKoxB; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:04 GMT\r\netag: W/\"69e7308d-d73a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c80d8f77131-OSL\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=3,cfOrigin;dur=35, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":54873,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73149a14eaeb1a44ea42662a26fd150a","sha1":"aba78ce79126b27efed404b5936ed27c3fa136c1","sha256":"3242d4e113a7adb9789a9e6c70f798a51a4192434aa9d2d635bfa2005e23b94e","sha512":"b66b6d586fd969b97d6aecf7bf30f8edb7d3e01cfc187c3c99da0350dfbdabd9c85cacf6f0a1ea0733c8fbf17a905f4505b6a0c06cf5227b9967382d0e4991f0","ssdeep":"384:UCAp9w6i3DFhwDtX6rN4PgTxzqAbIe6JyE3VQH6Vc6Jck16EW416XKkUWvK6+i2G:09JBJaR3sh3A7","tlshash":"c73362c4241b8cfe8fd5b3c075ffd10b715a62468aacf989c1a9ce350bc9a1aaf41574","first_seen":"2026-04-21T12:24:48.968924Z","last_seen":"2026-04-21T12:34:16.272278Z","times_seen":2,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveChatAdviser-Bp3CTXDT.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/LiveChatAdviser-Bp3CTXDT.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=HP6Low8vjNN2srHybCyr7v4aKMWEz4mTWv5cQSQQsTo-1776774134.1296082-1.0.1.1-5cqoaBvGW.flPB9MF3Erii.nsrKatU9Lkl9OS3Sm0oRXMacLosuZDHqXFZrMq_qRBydPr91bSP8NYIdcOYNdbkQ9rFW8XKPmCi1wkmgPGd18LfAdHB3yEgXCwUdby5Rx; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fqwzTcKY5KJxYInaOEOf92aQcYZKArOdOXQTZo008cefU8ofHjzTE%2BLadaxfs%2Fm5FHKwpK7E22i3oqe338LSVg22dfcIdtBgolukDMjDWj7dr%2FA%2F0Xt7XtULw%2Fagpedwd3jZ2w%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 453\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-35e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0db37131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"800b5c6e1bdead95b25d98cf6c0cf4c7","sha1":"c942a5b28990f674f7453d1ac046dd0314c7db60","sha256":"1ed6f531cd6a3bf87def4a9ae8274512bdc3fe802326da9b35a7fd4efb605ca5","sha512":"f042335bc7a0f05f9dc94e0c8dbd22136a6bb7c71797394211f5f2b99a8ee66a9bd1baf93f607b8021a509ee1f063d2629961a9f3f7f8923188cafb3dffd8327","ssdeep":"","tlshash":"b01152d5f0c2e3fd6667284dc79e2443300a4fa4c23d0db9807b15641a3ce0aa30eed4","first_seen":"2026-04-21T12:24:48.971348Z","last_seen":"2026-04-21T12:34:16.229612Z","times_seen":2,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipControlsNumpad.P1RjW1Db.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipControlsNumpad.P1RjW1Db.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nexpires: Tue, 21 Apr 2026 13:10:48 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 689\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=hPq1cTDP7bdD7FxNo30Ezbunb8cegs6XDb1zkeXZfAI-1776774137.806886-1.0.1.1-vEYOEt1zTzzc9aBmVEW_Q_7KrNNtqfdojVH_VR4FtC8kqsR4vXQ8O6KzBA6Rpc6WtSIltW.mmJK2pGe3flijDF7kQXnxqEIfrZQpYWdbI75roxrPj.ljti6iBf..lj8L; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a4OGwqtAXw2bhDXvGyVKffcZWolu3pC9EH6H6ER7u0g4MJz3ETWOhNV5q472u%2BaD5ZEiJJl0W7%2BMUATYyoNvEXlb6X8R48uik4eBNoUbPtYkA48BnryFR5CUPOuTSdM67CYpQw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e73090-b81\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8cbf577131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2945,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2944)","md5":"f1b06021c6f0e7bca8cfa1a372a6acf2","sha1":"c8ec376a610de93a1bc0da1db1e48d87e8597746","sha256":"66c8d53991bd2e654604955300c09184c5cfba652b64e32ef5a0ef144b31513b","sha512":"dea5e4674c6542bf855c9002e9a233c47d991f684499475fbe9dced9db249eb7ae5fefd52c4e94d3314c3e245301a3fded1242629efd9053af2b8a6b6dd025b5","ssdeep":"","tlshash":"82519ca3d804223ca732a78e82e1c3cd71259a8add11336f787192b187d31da356643f","first_seen":"2026-02-22T15:45:37.931001Z","last_seen":"2026-04-21T12:34:16.194518Z","times_seen":22,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/getLiveGameAdditionalInfo-Bn5y1a93.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-Bn5y1a93.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=5NdtND.hIrWHTP0laSqzpfXR6XUQLjRJ6kgdzzcfdsc-1776774223.261618-1.0.1.1-o_9hvD2CKXlcXZH_a77Ql2e77DRknnBdgz8XFIE.BKL1zcmtBDMvFCGD9jVXcvFtyuPEKmDjAFiGj5zxaCWn1h0LD.UBH7zE72kVPOI.mTHb0qgnskOVa_AL6H0YBksO; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PPpDVb9%2Bp8eTeTT3wseTRhhyAI7q%2BCAkV%2BL3NGAzbZOppL%2FXQ8hIDK9%2FZztL2uurgAXnqvw%2Fm%2BqvAFRFUext8DHgwnGTGKn2Mt3zvPpbIeLmTPpQoJwHR6Rre4sV3Gw4itZdHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-47e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d987b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"8b743c5d72844c3db6164a2a1f684358","sha1":"e2b4e8733e2d176b5e0f2b2b3189221f475c421b","sha256":"dfa7b4b99866043001b4c7d477256cedac63f2e95dcf2308cde374d13111915f","sha512":"d78cfc2f29330f3f33bfcac2be9a20e7b9a0b56054ac138d2642499694c9a8db4595fba66f2a20cf63ffc93129110474f6c7926dcc35dc20fe332f78cee67654","ssdeep":"","tlshash":"e82114b6606e92bfb5da4d945ab01b31a2b5ba09394445ccbb3cc9091977484a7e203a","first_seen":"2026-04-21T12:24:48.897175Z","last_seen":"2026-04-21T12:34:16.199809Z","times_seen":2,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListCompetition-CDufXTne.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListCompetition-CDufXTne.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=j2z00nTqg.Jx5eaYm.G0OTvsWcxvWFLO_CnQwqkF6pE-1776774138.337623-1.0.1.1-VNApNNcF1NuerZCxHdVnYSAkGGN_bX_6_ZXf3Pk6BFQD6dbnJr7DUvy12aNGoMg1hipwAKTq5dw1NOsd45owyEF16J.wR99AYsiLKryar9oIdHbaEbYfvx8KnozJqDhT; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qsN%2F6PYMzugFBhx8Dl7qWu3Gzw2F7GuaUO0EPPVNyCDd7TIOd8F%2B7JXDt3lDHJgX3ElZ%2F2Ai1a5zConY0AANHeGWnKhk42dRcyL5M72LuxjtAhjrL0azSrAmiDPc7TB1BZifRQ%3D%3D\"}]}\r\nage: 717\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8bf7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":167,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"cece9291e7e9a4b3d0ef3ba4b6ef0c46","sha1":"63e5889fce2617a81f38546d664e3f7fc63ed119","sha256":"8decca4ccfb6045463a8d709a6b02a8fe5b190a5b9ff71da64faa9fddce8c399","sha512":"c3b4296a20d2ecdd0e4efa985b818d53dc390004dfec6b01cd759209798a2a80a50812d4189be2a0e93fb197808dbd948128a1dcd6f9c52d36b006b40593e3a2","ssdeep":"","tlshash":"96c08c0684659bf9a91719e28b69a4421132853efaf48ad0c07486158e34aaae40ee9e","first_seen":"2026-04-21T12:24:48.975891Z","last_seen":"2026-04-21T12:34:16.098038Z","times_seen":2,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FavoriteGamesContent-Dih0wve2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-Dih0wve2.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:00 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:19 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2kBQp2PTIPfO6tpHW6TYOQ7Xit8ZTlmUj486P2J%2Fpvazic4xeKMXDVVI0yOffXvp7SXSFPfnQynKxqYXcnve2QFKFk28sO4kPasY1TwXEaOfBVr4IkImALJtvzOAc2kpnmN%2Bvg%3D%3D\"}]}\r\nage: 340\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-c53\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f1a507131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1734)","md5":"908b6f08461acca2709ec911c51197d7","sha1":"888cf903783b8dd923aad19acd1eb664291a7891","sha256":"0f950782f65e4b79ef1b137414bdf3b8ecc50182087346bcbb50663d509c7077","sha512":"191364915a5ca76736f37b7c6b11eb165567184fb9e5a3e84eec324e41c7f32687ef026ccf2f82159e37549795a72c5508dd6d1234f5f4498e131f70ba17b33b","ssdeep":"","tlshash":"d651761101009fedba9eadd92e5bc1a054f6078c6155c62ead785f7e302da407137ff9","first_seen":"2026-04-21T12:24:48.915813Z","last_seen":"2026-04-21T12:34:16.09431Z","times_seen":2,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events.eu1.segmentapis.com/v1/p","fqdn":"events.eu1.segmentapis.com","domain":"segmentapis.com","tld":"com"},"ip":{"addr":"52.49.34.99","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events.eu1.segmentapis.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 09 Apr 2026 00:00:00 GMT","end":"Fri, 23 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"80:2B:0A:D0:B3:DA:FC:06:F9:B7:DB:A5:75:3A:61:13:22:30:63:C4","sha256":"D3:09:11:A4:26:13:76:07:B4:FC:A0:69:DF:1D:DE:76:68:04:AB:C2:81:30:80:5F:DF:9D:75:7B:BE:35:D9:7B"}}},"request":{"raw":"POST /v1/p HTTP/1.1\r\nHost: events.eu1.segmentapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nContent-Type: text/plain\r\nContent-Length: 844\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:47 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\naccess-control-allow-origin: https://m.galabet1069.co\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"90749a50019a27e1f32cebdbaa7a1bc1","sha1":"8329e3339f928f8591024bb0f938dab99c0ad4b8","sha256":"12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254","sha512":"b3959e671f729eda8aba59886df18c60ed5a768a3357dc09b29069b0da9c9fad7073d0072dc47f3ecfdc945351fe82ad3b653dd5d79d01096e5ae8bb42af2bcc","ssdeep":"","tlshash":"b8700022000000b200a0b0020028a802a8a08c0880820028c00a000a8a022802082008","first_seen":"2023-04-06T01:58:03Z","last_seen":"2026-04-22T11:47:51.168079Z","times_seen":6145,"resource_available":false,"data":null}},"time_used":1008,"timings":{"blocked":487,"dns":14,"connect":32,"send":0,"wait":33,"receive":0,"ssl":439},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/lodash-CeISZwwN.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/lodash-CeISZwwN.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=2VTlBkm7PNdSnhYNtQji8rb3yWbNr.fJ.nD0WwXuRPQ-1776774052.2182107-1.0.1.1-.DlkYm8z2CbEmWkHQD7tegpGHOJGAcG67W4HJx7AGvjqJGQuFn_M4OdYFWYuOs13b7Ay3rClF0IyyaFDSqZPaXnYf688OqvaTTljDOP4FT6w49lphtHt.e_4fZj.Da5G\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1eOlxSTHbECCDRamqe%2FNnSUUUrOD%2B1%2BGCqJST%2FyzFjLFeSBFxxZIAB3nMv4iNsiI9p7JUB2XjoKkrgiVH2X73EvIf1ysSPSJe4FVdHByIXnAfbN9gc4Ch0%2F3iGHk6nJK07BJhg%3D%3D\"}]}\r\nage: 3371\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ajiDgLFFSTB.3nuqkN63mlgzyFb6DD4p8733xc8DDw4-1776774052.1608555-1.0.1.1-L5NhFwov8EzUVUxWcTCNzRL0veX53iUqUd6MLFOOcxu_qtW9uRkPtcPkyuBQ0B8nVONp5qTu0yGf1Mq5.8SkRIw4U4Gt_cQpT1nJLX_h5LINjTXQs.F80_a3iBeOEWQf; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:52 GMT\r\netag: W/\"69e73090-284e5\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7c5c7e7131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":165093,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35092)","md5":"0af14a8381aa9ffb9041549dd564ae57","sha1":"b00695d65a43fcb3bce778d4fd6c2eb1ef739508","sha256":"91145be72493b190ca52499d5d945d5a187482cae6add0e36306ffc697aaf446","sha512":"44efa6d772b31bad9a9561c9fc66f0c962b06343a31540d5bc31f3c8aa0c8fda87df68e8466bc810e02085c12a24bb72ef8a7a1581f8f16859b6ac646520ee10","ssdeep":"1536:/nsfx6WucPPRwy0/KHP5c+LBza4t8jxjiFOre/U3nadtDoayvi1Ynu9gMa5joGAw:/smcl3B4eFILYgMdGIkpOuFM7u","tlshash":"27f390c835d7f0a183a7287440bf084bf23dad65a84cd054e1aae0ed7db8919d277e6d","first_seen":"2026-04-21T12:24:48.978952Z","last_seen":"2026-04-21T12:34:16.221964Z","times_seen":2,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/seo/page?platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/seo/page?platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=yt52QFs_jY0gOC86SUr6UpJPlkleC_v2cCw_tt4hJEw-1776774222.730421-1.0.1.1-Px2BvFUIN5wgNWgF06VLxlWNOveMKyJz9CMM2ZtS1EOZwLrMjDkSGB4.kUX0hN3XqZdPx2Letp_b3_I2Wj8GPb_GGvtK.eQy5iaQwa5qj.VQWpr8x0TwrjChMAsfY5bb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YQgq4%2BIhYcoYRtNkio4FgtXJKscb9ufjI0pyy4he8gPY1XyXaxgxP7YBI50TR74jV43exmYJSpf1Dtj4jRDGOwVdmO8OUAbuPg7hPGpSM3KSHsZpWeCTRBTjAQLHawsznTKCqDkP9UAU\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8a9f9c56b9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7671,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0c3cb355e0745f8d403e214af1595e2e","sha1":"ed786d0ae61ad6adce28150c04a932c4e9bcd6da","sha256":"2b7c48aafa192476fcb639519893f40c28c1de98bd5e66b84769edc55b047be2","sha512":"1c1840626aba24469d43e66cef0893e9627c25afee6ab6a955e6cebf21946e2cf3514c9587cae3c5815a3b7b5ceabdb18cde0fc4b6d5cc52e798e14c7c456b62","ssdeep":"96:E2K/6TXWpoS1kKXplSunUVtRQl8bqOHEyj7fuSE3Ytvkeu5Jbrt:E1yTXENDplfnUtQyDjJE3ovy7bJ","tlshash":"76f10f0e37962d9f038a5fca29564d3c4fd55386fe41a91c8d63ce1e2bcd278d22ae01","first_seen":"2025-12-24T22:39:16.082152Z","last_seen":"2026-04-21T21:26:35.674354Z","times_seen":46,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/HorizontalNavigationListItem-CWrC71fV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-CWrC71fV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=Wc0EIkouoaBwfwp1NmVcN_mK3rEh4hCKSV_IvYFU8ZU-1776774223.2691822-1.0.1.1-R0u6ZLjMVHRa7lp2.RbZwrKMds_04GW59pmsxhD7IpPbrNrmp6TKFhU11xWRI3HUvrxOE6TL5Gb9IH__p539AFixgd9vRQJkJK8WHahttq5McKtro7MQB2ANwBSkf46P; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BAixg8x2Yr49CkDvJVZWxro21Jvr7tdEDgBboOQlDzp%2BekLKD%2BxlpUG3gB7K2kiqeP7oL2ZxNVRA28fGpOj7xXATHAF8Qf7OQ6zQduk%2F98xTkZxN3ZSr4Sj2WvmNPVdALLLzlw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-343\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d987a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":835,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (834)","md5":"af8a8f32218fa186710b4c346897f119","sha1":"28bdcb466974248e4fdad615090d10e8178db51a","sha256":"94c5a4406442328428ce239ae79e35a17048122e28695857983f126a1c4f142d","sha512":"cfca7922b2bf931f048f826ddfa2513986322801af3eaf667dfb09f7f1629865b81e5cf5f5af9e7aa672f10d478ddef3c080777fbb71f236f224c8bd4da23073","ssdeep":"","tlshash":"0301ce16f004dbbc9a2b48dc9b4e1045b2964affdf382cf1a4f4a0011a384467947fcd","first_seen":"2026-04-21T12:24:48.981785Z","last_seen":"2026-04-21T12:34:16.144211Z","times_seen":2,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/emptyWinner-PXmwQszX.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/emptyWinner-PXmwQszX.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/CasinoTopWinnersWidget-V5-R6cR2.js\r\nCookie: SERVERID=s1; __cf_bm=uTV3emlVcIMHjKVDT2V_R4tEx0cLlWDpvO7fGYkIaaw-1776774137.51365-1.0.1.1-QFtzkwoYS7d9S0HcU9fDqDtEV3ehaZEyk2idmWvFTMt1e8NQVEBs0frhjXvCRJzgV.OZB1vTikGO1Fi7I3Vcn7DD.i3ctr_s9CqMWm.Gp_axCQ57QYUg6SA1LgqKaZPl; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=zTjpp4IkHTTYBP0XmqPgLj98iBIrS88N160Dyig_7gw-1776774137.9366505-1.0.1.1-xba9FfAstryzJGnqlyJReHrODm.ZlYpacUZqsU8sH95XAzVjYkPkWSy06N74..k7aXjkyUrl6lwe4cftGrqck5lnHgxJy374QfYv3gfaadcsaQLmeRFrvLBrf3_hB8sP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o6jMZQMLz2iRSVHyI2sxT3cZ5kxtMvOVO3%2FUKuwD5zebxJ9ObpiL16dYxARhp%2BPc9ZQOCAx7Ck7noZIhDEZo8CjbGc6q2RH1bswj14opWiDfr2v02m%2FDwft%2FRpwKbgaBCPPmKg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-6fa\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c91ae1b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1786,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1785)","md5":"e7e53d51c28710db55691300fa2905f4","sha1":"dd413489d8bf278a48bc6521e87157a84e7e8dab","sha256":"44943d7e927e35967acc3b28435781510ed8e16677eba481751b4692aa89c4cc","sha512":"e05ff8bea0d2d4cf48ce9966eeb265197be37022741dd901b20d945410c8af7a7ad7a8e13b22a42b3a8662a735cc29d7568b56c44f5c7c876af36969be108d90","ssdeep":"","tlshash":"1231878f9141c934b7630c9695d9d6c4cf142787aa34fed083a80faac576109c65cb8e","first_seen":"2026-04-21T12:24:48.983719Z","last_seen":"2026-04-21T12:34:16.231557Z","times_seen":2,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/1055.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.728Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/1055.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/686/1373691.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.268Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/686/1373691.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/img.gif?f=sync\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a\u0026ttl=\u0026rurl=https%3A%2F%2Fm.galabet1069.co%2Ftr%2F","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Feb 2026 19:28:29 GMT","end":"Fri, 22 May 2026 20:28:25 GMT"},"fingerprint":{"sha1":"36:C6:D1:CA:01:47:A4:1B:73:8E:62:DB:CB:24:79:4D:06:01:3B:B5","sha256":"11:41:34:A5:A1:10:2F:10:C6:7F:8A:F2:77:75:66:AA:39:99:F9:E7:00:8D:1E:EE:4E:30:42:B7:A3:82:28:31"}}},"request":{"raw":"GET /img.gif?f=sync\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a\u0026ttl=\u0026rurl=https%3A%2F%2Fm.galabet1069.co%2Ftr%2F HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:47 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08831f20b51241edfb697e3965057706; expires=Wed, 21 Apr 2027 12:23:47 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9efc5ca77c7156c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-04-22T10:36:58.132093Z","times_seen":97920,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":176,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6444.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.185Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6444.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SwipeableContainer-X9GPeX0n.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SwipeableContainer-X9GPeX0n.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=.Qf1qOZhClfv5TYFFiTUx8SUScVfHaMj5abv_ADc.ZU-1776773847.969326-1.0.1.1-r22Hv0t.BT7K.czJK7Vnp5vmog5J0DJ6ff0VWCCzxO4rIkZ_izPt5xoQQrVOro9oji6Q_lkxCIxGAX8UgU4xQ6Bqg8fJ3sPtpnBldDRqBmw74SMpktKojw5o1iwWfs_H; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ou3%2BnPVmjl5ue02ByVgM%2BDBAkIfNADzcdeG0q1Y2sPyLTxMe7GRnKBB07BrgN3wk2mflAbfv%2B%2BMtsPXPeIwEkytU9y2Cgq%2Fsyf%2Bje1o0qT4xnej%2Fm9PPvCrYZp8sOCR3%2BJTmSg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-74a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8b87131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1865)","md5":"256cf910e286cf87d48005f99e79550f","sha1":"10ca9c0a456f565d7bed48eec780a225518d4554","sha256":"90a8f7a1c77844b10286a533a15e2917a6604d76bce574d27e972b178fc7a35c","sha512":"cc85a7c142d992f8b4943d85cb539c22165fad970cfd28dc0c0e6d10cebbd964c371c7102a76ac09bec8b209cc533a85158c9785e4ae8639be6efbaebb24a65b","ssdeep":"","tlshash":"b9318746d03aea74f623045a92998468b77b73a0f60909e4b07c4d28d73529df30efc7","first_seen":"2026-04-21T12:24:48.98619Z","last_seen":"2026-04-21T12:34:16.129957Z","times_seen":2,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpot-Ds_Uh2fF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoJackpot-Ds_Uh2fF.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=VVOy8j6GUZuCj9ZUg8qY7oYAAOWVna0POssjBEoWtSI-1776774223.2152967-1.0.1.1-B3GFOBDAMquNKnlZWVugYAELBvtZZowHXTgHqT07viz2R8AdU944IeQBx_CqvVErRJmrL7.vYxPM40Ic93sTWfZP1sZsfELIA_Y2a0CATtO5LP_qa4zViBwokGWz0b.t; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lSZghig3BfUVoVk%2B5LMx0stq%2BXe3o2GdAKAAstquiBC20JLSWkDtsxP2ZWinIAtTSLViYBIF0l2uhO%2BAkrUKYW2sMJNEsLCZ9SUlBeSRf3i80KUZhDVphWSVtGyHi%2F%2BSWwH6OQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-3804\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92af487131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":14340,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14339)","md5":"ff69e8053cd08055491d54c9ffa17e5c","sha1":"b76c9c65be8dd666f8f4f164fdfe63db082dc96a","sha256":"937659cac0398acc7c77d5122d0718f21e212b18abc83b97368c1b33a9778d86","sha512":"03f409de70b47e6514a62a18e389e49c8c7debea7dd8b9775f4b952f47baeb052d679194229e951ffe90b444b7f651bed4137dba273a109ebea1a30a40e2d512","ssdeep":"384:lwm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKx29TQP8FJdr:lwmB7CEGOpyts/U27dr","tlshash":"3c525c04f012f7edb8a954f7487ee0687a5e1aa9c71809b8d1bd6c313d2c455760bbac","first_seen":"2026-04-21T12:24:48.955014Z","last_seen":"2026-04-21T12:34:16.160409Z","times_seen":2,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/998.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.732Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/998.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=_M_Y3VtxWNFy07vXHDqr58i1mXZ7c.RsjS8LKHMnV7A-1776774059.906792-1.0.1.1-LKIEzfqra33Kc2v5bcF8jyP4hVTscgDNiakAwXkO8t7GLNvrfxqn3yYDxnGQp_fAzSjfD_czggbAbuoeFJl0ULHimi.yekfzptjlOU0ws4LOTskd9U8B6HOumF8xeqF6; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6446.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.179Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6446.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets.json?v=1776774300000","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets.json?v=1776774300000 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=p933nrU5ma4369FwqUOZxG6APrN_ffw0VsFaMNnPAKg-1776774220.7228756-1.0.1.1-i0_DysgHUX3J31OufeIIl2ElrlTn845X2I1uHUXepSH6x.Y43pm8j1GakcN6yGca_hsYMop7freASlavti9tGDW5y0dMOP1OeLM.vIdwy2lj2bfoZHXshimUiiq2khox; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:40 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:40 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IBEvOXHOPBAjViPS2cmJmbUGnQ69mOiftt3T52JCITCV6CYFmTT00Cg6u%2FG5PQ8MzZ6Ln4xTIdlNETc5gMLihTEAxRgXTtAAmNAKJgNlyPKjzugZTU8Qtj%2BteXoktDdes9Ppdw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-6c\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7e4e867131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4ee89984d6fb4aad941e7cf6cc639d8b","sha1":"acba0d60920c61a2499c425d0fa8d6fcd06b53e1","sha256":"adc12bf71cfc37b9889de5d878c36ef74224dd986fcbec05656adb2d12016e22","sha512":"998b96b1f3fd723a177521a6a54616931aa2e0fce8dc23940f0fa573b14a711d210dc1dccc67e69db74abd89413badacfb21edfc081f3fbcb642c1a20ca98b9e","ssdeep":"","tlshash":"95b092885a6dc80033c0e08822856b04f304f1ce8ea7025e201701a88af0b268ae080e","first_seen":"2026-03-21T17:26:39.627607Z","last_seen":"2026-04-21T21:26:35.704309Z","times_seen":23,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FavoriteGamesButton-Bt6bZ8ts.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-Bt6bZ8ts.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=WnHp.BEBYtqEHfyF14htLHNR9d9_aWVKje2lV1y8WBM-1776774134.1249044-1.0.1.1-pJd6_oW8Vc5v6UduIaKhPf.GVbTRIGJhWmuzTnlaJR6BvDZY6ZaC6Q92AIUqX7KE5sXi8gn1_NQIKLa5SQ_cyKT6JT8mGgiTSlht8k3ohSgAijO83sO6x0p.55gUpaSy; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AHTDEcnWhDv4BUrkKw3XZRsfWyuS07Ml19TvK6M79mFXVD8KCixLooDMvhlWRSokB1kBc9132VHcsdo5w2URNVrfJ347lJeMJ%2Bt1GpzlN0IrQXRzVxJHJcqVDPBMCpnMxGRq%2FQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 453\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1ab\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8add527131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"aeb81ac9f4671bd1d0a591aab0baaa5b","sha1":"f2056b313243905dbc9f28e6abc82a26651cb55b","sha256":"91dff9e0118d29a63161b6cf594b615ef2cae5aae3c81301d5c0a669cb1cdf48","sha512":"7beb316d344587f55f7f855735a549295f1863371fb579fd4c6eba64a34488731cef2ac850bca53dfc3bdf9c23f8c19c482f97be437c9bfa952d02f5cce415a2","ssdeep":"","tlshash":"cfe0a34ad049d2f927431ea05517c4242426a47cd758e590409e04643a71466854ee6f","first_seen":"2026-04-21T12:24:48.868475Z","last_seen":"2026-04-21T12:34:16.230276Z","times_seen":2,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameSuggestedEventsWidget-C2pyJjPN.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-C2pyJjPN.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/DataspotTracking-BNSAxMZE.js\r\nCookie: SERVERID=s2; __cf_bm=SJ_0w6qtJoB4L4FMFb6_i_B0bYvI9DIIaw6WE6qz8sk-1776774133.7366178-1.0.1.1-rzG2ii8wI4evm6toUMpP3sW43sgPGLqC9WVV1YxbKCxDWQfr60ZNa0BZKLyBdv.mV2LJ7xT2VeIo6UVJsNstaqti_9sw4PLqaDr3VHV6lXilXc2_tWkHKGxl8LQfctD2; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=r.WzE1ZDtUNEuWiWDQy5jPRaL.qDi_lRXanfty_MIM8-1776774135.6849077-1.0.1.1-NQTbMEkFrjGLoMq0tPYIi7tGsu.g9zFpLc.iG.rryXl5y9Ra1zSKu3W2m9m55BGr1SuQbfjYqQG4mZ6O2E5KlVLG4j4y1yOMEz5hDoQIMh0clphYw6m3RnyRb6tqtE4.; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2B1VGDBeweHYzFNQifUzXwUz2q1dW692axzIXNdfsPZuelJEke3qGcDdoAKHkou5E3Z8njC8m6FMtffZiBSXZ%2Bw7EPTsJYrPin2e2WSVrVodmctyZZX5KnU%2BX1BxnhpeytylhQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-e7d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c6eef7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3709,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3708)","md5":"751a6d9bdce905b3da67bde527735018","sha1":"6eab5e951f1ad5abf219a195b0064c1ed86a0fd3","sha256":"b8c08c5a6a2762fc27e6450bd245d830bf789c22e00d40948de00d520000195a","sha512":"9bf68d9935943ac61e80e726518f708f6cd5fb3da4b1486be866d273c6148578c2ce7957eac09fef9f069b8ba5005e8ab9fc55ee3180854c183261f23860cb21","ssdeep":"","tlshash":"2971c646e010aa39917741d82bdf3119153632b4b94353c1b63fca3123e2592ab9bbdf","first_seen":"2026-04-21T12:24:48.990149Z","last_seen":"2026-04-21T12:34:16.221159Z","times_seen":2,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/userJWE-CerqSAJV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/userJWE-CerqSAJV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FastTrackTracking-C80GL_Ah.js\r\nCookie: SERVERID=s1; __cf_bm=N391VH8h4Xqe6N4hTszWyPesiBeXIZ3kikAz14NMZq4-1776774222.7873437-1.0.1.1-T122zkE3KccEEuTFrkQNJsluPnoMOGlSDHEtvCMUEhkF2Nxraq6RrGzlQUW9shzFYGH.nw5LnHSaSeg8k3q_uKVLeWN4HV6p.3htClLeudL3SByYroGc6K8tM2yTAJu8; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=syYJLpLI5Ud4YO4ujwvYTQY.roQf2fcD4mzSFv5f5_w-1776774134.1972067-1.0.1.1-jOj5Ie..Tn6jbuzxum7qifPBTi2AlKBX9Jc3ZyXnCfhrugB2CuIvzAWXf_2xSxIQl1oPAHxLMkNPPiVi7TsVAqMnks4d17FfD.LpSU3MJ5g0j6sMqWkcPL139PbYt6zX; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IJRDrh6mpaC16PSKdrxc8jFNXm8cGUH%2BYsVOPaKiOY2KfqKmrG9FyHfjEtAdHS0n0V3LzTfcjLeFZTL5by1ZMBxl87WpAGoZH%2B8ykRgcEx6t6w3Ls%2BiOM%2FTk6dhQIxI0tMZXgw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 713\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-c1\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8ec9d97131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"6bfddb48b2778d704fd45ab163c323d0","sha1":"c7076e4f86f6f67894ace0e0d52089ca2688bf50","sha256":"b2bcbb09422f18e8c1958ba892073a808a3a1d889f77ccca9839773ce2396d21","sha512":"dcfe4a77850260272afba1cd0d9ff1115f6f12b414f7a2c447dd8ae08541eb6fea5abee46983f8c7fe0e5fc5b0ae25682f8dbbb8ac77e8ac1fd71f438aa6f061","ssdeep":"","tlshash":"0bc022db088411f785582c501005dc52827039146298d3415a1883aa6a6100bb10ce14","first_seen":"2026-04-21T12:24:48.900566Z","last_seen":"2026-04-21T12:34:16.233362Z","times_seen":2,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fm.galabet1069.co%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__qpadtvim3c","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fm.galabet1069.co%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__qpadtvim3c HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-security-policy: frame-ancestors https://m.galabet1069.co/;\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nx-frame-options: allow-from https://m.galabet1069.co/\r\ncontent-length: 392\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":392,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (392), with no line terminators","md5":"d1eeaa4d9b0db78c0eabbbe5d2dc3eb2","sha1":"eb210a5ccde7a1a9e3aa08c745da81192f271be8","sha256":"ddbf4db830a60653c4bd5aaf48c81882d96b438c4c314309add2230c1a4c57e1","sha512":"9c1083c4dec7946a6e7c06d69cc40579d66295bb135e502aa65ed45bf827183d165ed8ed7e62b0230450e22d505222e4a3ed6f4bb14bfefe5555ee9d6780ff65","ssdeep":"","tlshash":"e1e068a7a15266b5abc8e3be94046a037d300aa7210996bdb4aa1240562f7de721454b","first_seen":"2026-04-21T12:24:48.992062Z","last_seen":"2026-04-21T12:24:48.992062Z","times_seen":1,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/5634185bd1ac1a7d3377419b485f803d_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/5634185bd1ac1a7d3377419b485f803d_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/6e7e34fba1109dc601e2399e8b687c43_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/6e7e34fba1109dc601e2399e8b687c43_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36548\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2024 11:56:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"66e96e62-8ec4\"\r\nexpires: Sat, 25 Apr 2026 07:13:04 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 277782\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZC1ZYqufoBqMOpC28UDoCFnJhSXXqRsEMwkSmi9hjjh8KuaHt%2FcqbcIHU%2BUeUWP9te1TiLcNLR00kJDOv4pmDjsPbdhA17u6w4K%2FHlnHHz9Ue51q51De%2FhqoJjHYDUtudy341JhCrKM%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c976c3b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":36548,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f2a7b9ddc903d992c4e1cd085e3691db","sha1":"6e7b3fff627f67044f21637d3c8ab237938513bc","sha256":"5686a8e597f49452347e087cdfb95e5c6647662b99983ef39563eefe66086e25","sha512":"34860aa7628bb324e7c1a57c537b3604a6ad475c174ba94ea5489479d96769320ffac9ce6161f2dd289e3e617ee0b85be71d2fe1cd06d0606eff340caa183061","ssdeep":"768:vM4Jmz0uTGV3a3lwH2YtNwlEWdVzHaV0zZ+apxi/PEtrG:Ke3ablEeBaVcoQ0/PoG","tlshash":"56f2f2ee07233fa6871cf137d6c38c3bc9d88e4bd186c9666ce14150c5216d867e5b98","first_seen":"2024-10-06T09:18:54.173516Z","last_seen":"2026-04-21T12:24:48.99372Z","times_seen":9,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geoapi.30btcoservice.com/?type=json","fqdn":"geoapi.30btcoservice.com","domain":"30btcoservice.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"30btcoservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 09:12:29 GMT","end":"Wed, 24 Jun 2026 10:12:27 GMT"},"fingerprint":{"sha1":"B9:1F:75:76:BC:B9:7B:E9:F6:0F:E1:CF:47:1E:70:58:3D:CE:72:DA","sha256":"98:10:14:28:C2:C0:43:49:EF:BB:28:85:FD:58:58:F1:2F:F9:10:20:89:24:83:E2:40:E7:73:03:FC:A4:08:D4"}}},"request":{"raw":"GET /?type=json HTTP/1.1\r\nHost: geoapi.30btcoservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ugl9x8qC7TWU%2F01VDsAta7jd7PD8Br5N23pdiUcUsmsie2eSDedJw5ELns7yvr5QCzvYe9BAwzUeMohp8aF%2BVTRPMjlDNvyoQcZddJGgW5AXQBTLd82%2FfU982wOKcs4oEbGmbAvhMs5CjOk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=zBz1up5bHvWUNXQmB6_GQxKtSeSYZKd5nqTVYyReZD0-1776774221.3805327-1.0.1.1-Sgayy3c6WzUW25Ipu0wHj306ri_mcORI4QuH2Ag4W_ssEUv1uwmW_hmhgXqutePNfCaCSkVRroQ32cGE_57Sw2H7ytXW2diWs96goFf9BBA53ogaeEiz7uPu6Olfkk8r; HttpOnly; Secure; Path=/; Domain=30btcoservice.com; Expires=Tue, 21 Apr 2026 12:53:41 GMT\r\ncontent-encoding: br\r\ncf-ray: 9efc5c839b985690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ae0c7b15f7b07d5287f4f56fc107254a","sha1":"dec4cfb67f23a362cf007e3414411a871f42f8b4","sha256":"e64d2e0a65cac499cbd1024efbfdd31a982c7a1d825de1b2bdcd6e4001e7854b","sha512":"74b1f188e6f60f077ee12e4556f5d70f415e2e0f89f8c513a50df271545efc9d30f25d65a4ff4acd1cf25c60d0a70fd5664bfd72608ac1b75237a02981991b8b","ssdeep":"","tlshash":"c0d02218184d8d8aae34c2882a4fa9331ab220ccc28f40c4828aae31c3d86ec3288840","first_seen":"2023-05-08T13:32:10Z","last_seen":"2026-04-21T21:26:35.620659Z","times_seen":130,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/UnavailableMarketEvent-CYfp4pDc.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-CYfp4pDc.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=kvIZRibgwLKPa1QUYf1KghZYyA0gzu0OnMnkBR_sDQs-1776773846.9953792-1.0.1.1-rkeS85UjqnR8AejH0hVqJpWB064zjebCWAj8IOWir86_vuwLmCWH.DGAmuXig6PHS_XgbN96q79AaYQFxIqb.mlcuuH4CPd51DQvjCvhzJ.L7akDLxxsZGUWkyoKBrmb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bZPWgGKaJGMeq1mkD9Ief%2FuZE3wAO1EWLXaWG0gNSYa%2BuIn55w5Hm2XKTWFPODx9uU5oACOPm5makKSzAWksuojso4g0%2BOS%2FNOpX7rdwM8OSztOnTSe1UggIF0byiXLgBiI7QA%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-134\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8da8867131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"301b968db5a1b6c70ef45f96a70caee7","sha1":"af0ad681fa2065e8e6fc3de5be1bb8bda7c32aae","sha256":"ccc3b33c3b33fb19d13f76b0790ee81c1ff29d5aca03f7a0093e100de40fa405","sha512":"244dbca0ebc897e9105bf0be8f0d97267cf9ec27d0d0d3313109bfdf2892c75bbc7031a49e17dfb6d251c76ffd8e9dbabd80f3d8821c3ea4aab452f28fdf7845","ssdeep":"","tlshash":"6ee086096104bbfad5261cc8ce3a4b49511206a5c7a949d395a910281b34265350ae9a","first_seen":"2026-04-21T12:24:48.997389Z","last_seen":"2026-04-21T12:34:16.137485Z","times_seen":2,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SportsGroup__platform-l0sNRNKZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SportsGroup__platform-l0sNRNKZ.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 1\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-1\"\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=jWuZn6Guh3HiP.xSveZCcSZARcUTQ6FLqUuFrYyf43k-1776774224.2728612-1.0.1.1-Q5DjHSH8DX1Takk25PbmtflBm9FCJJdm6yajbC8Cw1KnNRqDEhmQM__eyjLwntz6A2ijjKX25gWCQouFft1CxlPXp59Z.RjUjr1MWyPqc3v2UI8wjFg0hIoq3CytqtLs; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r5rXf%2BCz7N8jUkQy7bDSvzNDIe0X7ACYoar2dApRzehyNumxu%2BU94gA01yLHg%2FDfOM5ZF7v%2B8ypedL5b7p0N%2BdNett0kBPmd2n%2BOMQHv23jM%2FmuR6hC4R785QxM5h1IkIp6HKw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c9459537131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T11:06:44.477856Z","times_seen":191454,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"geoapi.30btcoservice.com/?type=json","fqdn":"geoapi.30btcoservice.com","domain":"30btcoservice.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"30btcoservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 09:12:29 GMT","end":"Wed, 24 Jun 2026 10:12:27 GMT"},"fingerprint":{"sha1":"B9:1F:75:76:BC:B9:7B:E9:F6:0F:E1:CF:47:1E:70:58:3D:CE:72:DA","sha256":"98:10:14:28:C2:C0:43:49:EF:BB:28:85:FD:58:58:F1:2F:F9:10:20:89:24:83:E2:40:E7:73:03:FC:A4:08:D4"}}},"request":{"raw":"GET /?type=json HTTP/1.1\r\nHost: geoapi.30btcoservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zezEKMTpy%2BlH5Zm4UhMCkqhca86IM1qOErJrvggIRiEhVtqIweCpWaHQItaVEWVrV32IMEbqD7GqtTsp%2FtqKUAD1eWX5pNmHdPFD6fgrBg%2Bp85H8ontG1KJ%2FKGKo8kfBJl9tujZG1e5kHz8%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=JQ9DH3aMvGFxjbFCyDbZTMT1xlmXOzFYt3.3nvFjmN0-1776774221.1194239-1.0.1.1-Fue7mmg3MTK6iRakzpaFqPMtvpqL1BUdGQ_EByVEA3wqaiZWjLWrP_gSttaus3fAss0W6rrOhc84lijX7FsWJpYAw6NZUcKrwlX9BGWegfzyM6iFgnKVFAVqgntxufZR; HttpOnly; Secure; Path=/; Domain=30btcoservice.com; Expires=Tue, 21 Apr 2026 12:53:41 GMT\r\ncontent-encoding: br\r\ncf-ray: 9efc5c81f9ad5690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ae0c7b15f7b07d5287f4f56fc107254a","sha1":"dec4cfb67f23a362cf007e3414411a871f42f8b4","sha256":"e64d2e0a65cac499cbd1024efbfdd31a982c7a1d825de1b2bdcd6e4001e7854b","sha512":"74b1f188e6f60f077ee12e4556f5d70f415e2e0f89f8c513a50df271545efc9d30f25d65a4ff4acd1cf25c60d0a70fd5664bfd72608ac1b75237a02981991b8b","ssdeep":"","tlshash":"c0d02218184d8d8aae34c2882a4fa9331ab220ccc28f40c4828aae31c3d86ec3288840","first_seen":"2023-05-08T13:32:10Z","last_seen":"2026-04-21T21:26:35.620659Z","times_seen":130,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":82,"dns":63,"connect":1,"send":0,"wait":89,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FeaturedGames.BqGfbibX.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FeaturedGames.BqGfbibX.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-1baa\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=9.xt0UCUDMTICbyII0PF0zhBGjHmLuOHTT13ULcGlWo-1776774223.028384-1.0.1.1-aYurXcL36DzYGW62_pg_nuPoqT9nmfnd8nwZACy.u2zqGPzPhw.1UIm6xVqBJY.roxx2syASXv1hfzadUXG1xcAeJjRudEKkOk6otRh61BAaMdW2SJQoU4ZVHDUMUQ9I; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KMKp1TA6zUJfxNhOj2L1CpXW8OSBasVg8AK670X4lyhhQ2%2FTnEtm%2F8tPIRMjsAqGO%2FNwDi%2FVHGttc5O8aOEBwVdLtmplAK69T%2FZ4%2B4X34xBva0u3V0%2F7UwaZCeRjTp27%2FbHmOQ%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8caf4d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":7082,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7081)","md5":"b9d344659eda7f84d59b2ca785922590","sha1":"5276c97b70f3ac831be147bd9d3184eb8532a2dc","sha256":"e89b502316316e94643e2b764cf5688400f9359a0dce35ddb32f4d1b6025e20c","sha512":"56e9d6058b85b8fd878993b2ee6e6ed7f5acfe624e013631471f889e36f34543c3ec77987f452bd46ec2e5c5d93266f4e01a5f80662867760c46463fe4c7235d","ssdeep":"192:TYFnOFceEDvCElpcFpgZFcV3r90CCkPaifKLwp2xA:sFnOFceGrcFp+FcVRWg","tlshash":"cee13115710e3a387a23a1ff26905b8ef4dac0f1de2a2d3ea490272bcad63560535d58","first_seen":"2026-01-23T19:25:36.430155Z","last_seen":"2026-04-21T21:26:35.568598Z","times_seen":347,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/PromotedProductsWidget-Cld990TR.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-Cld990TR.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=i7.AVmD4XvF0RmtIGBaHhYdZv_jwlUM3yFecgdX0s14-1776774223.2206354-1.0.1.1-a4xlmSCHFjDAUYMWoLBps8QiWTdIYPGTTzZqmMzIQ2dCTfmFqYGcVou4VLNTee5a6DkKO_h5kypKA2RSjJOf7SJn_Kqzt1Q3VBS6QgPpfNiSlg.2RWNSNR.tGCCow0nW; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C4%2BwbH7hCWMWA5rzFZrWJ0AapXVludHZE9Re11wYF6o0%2FVjpp%2FIvb9%2FHQN%2FcQwOJasQaOx4PwHFmoWRgQrO%2BujCxD2O6jWWvnzNhon8q3FDwWnq%2B6rqB451lrBjdKyIYafjO3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-84e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d88667131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2126,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2125)","md5":"08cb1f32689e4b3699dbbdf78b9646a3","sha1":"63b34647cd0480f9bc68427fd6ac983eb54c7838","sha256":"fceca3553295edc93b8ee54a308364cfe42424abd7f58f9a4ce37df3870883ce","sha512":"bd56583809cf6e606ed445599c75a7dbb22df534e9588f8d479bb453f9366351d6bb37584893b2c8a03100c7a72afcb0ffb4cb0ed67bc8cfd1b84fe231ef913f","ssdeep":"","tlshash":"144173c2c538a37af63e4dec210550c43c263e24da7648b290b67d16a13d926fa57efc","first_seen":"2026-04-21T12:24:49.000596Z","last_seen":"2026-04-21T12:34:16.195822Z","times_seen":2,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=iwp8HEaN80qorXE.B20Dtp720RNRc9kL_sIUxmiVpHA-1776774223.4362319-1.0.1.1-weU6Ll3XCQ5S.fUA5wb8sL_gurJn_LwkRKovQ3_NmfKuEZ79pnN4657p63SEsuK_tLcm9ec2t1BeFfmEz_QZfq5dpu7LHKYEOpqcwkfZBjButNHza.UpvTHBEGtr85t5; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wOk5h6oviL%2FQ9GFu4uEvP%2F4xffu4SnmstIPYZ2uob1OzKEkL%2BRAFKbwwte0AxmhAKvjXSREK7ChWrF1WdzheW5gZILAr0WqgO6sOd0gSpUmiYUBnSWNA%2FeQRlPCO4NapbolACyY0jyYc\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f0a3d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":442,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3e688eff611505361213be34e03b40f1","sha1":"819cb38ef8ac173a73a015f95f6e875a368625b4","sha256":"3f40ad62d5db7c753770467c8ccfad7a322f33446bfe89ec18c43bdb0fd0efb8","sha512":"268f8d8f367836aae34fae8f783b8469be428d259ca31124818b93abd120b6a1d5409fe75b00d4643fb29f852144d6bbd47acd7cb39b96bbb56e8a9a10ccd073","ssdeep":"","tlshash":"19f0dc36972ed92067504290c04f343a185e028cde00ee6c999dc37048e8379e1220a9","first_seen":"2026-04-21T12:24:49.002765Z","last_seen":"2026-04-21T21:26:35.808196Z","times_seen":5,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/gameDataProcessing-DhO6G1u-.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/gameDataProcessing-DhO6G1u-.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=zTjpp4IkHTTYBP0XmqPgLj98iBIrS88N160Dyig_7gw-1776774137.9366505-1.0.1.1-xba9FfAstryzJGnqlyJReHrODm.ZlYpacUZqsU8sH95XAzVjYkPkWSy06N74..k7aXjkyUrl6lwe4cftGrqck5lnHgxJy374QfYv3gfaadcsaQLmeRFrvLBrf3_hB8sP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=rQow36hCQYLS_OTMueW9rubAUxSyzor4e6bVK8SqV3I-1776774223.1925576-1.0.1.1-BD._J3gI4TMPqna.eii4yUGmitbYZi29JBEAu.dfJCkAQVp7V6llqi_tyrE9_SgMgSDVcZNZAGvbz338AGpoP_BZsFNgK3WG.LZuCCKgpysfxZsgSRs5XYeJ3RfDYpcM; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a366EZDtNry3SBHX6Y2m5LqhT959tnC7gA8O9kjHxK1yorgiTlA%2B1ps2STpmI5tJjRjBxuSjG4Ur15V%2BuCxbaVj3QIoR0rYhcr7pS5HNhqTWRBpDGxStH6l6uI5kPf5vHj1iaQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-436a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c928f027131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":17258,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17257)","md5":"7d92add8b657e8ffc36532ff4e0b20c4","sha1":"ea6fa4217eca2597ce402372cf1a9c46d02f8258","sha256":"0f58f99cedf29a7eb280f7965407701e051623228442c7c65cdd239fa5697536","sha512":"01c712a4594347b2506e51f0ae0703c892fbc95b5577941162783a1351f62d19c10663715fae7ffe17a3903efe1bbe02ec93a7704db0071e323e7654d0357c42","ssdeep":"384:9wphrrZxhxlVz12awqhvTXDsB4Pzenac0aoK4A1n1:9CptXDe8Q5X1n1","tlshash":"a572750b8a024c12c97e4639c0ae15f1b9781b32e8b8cdd11a555c7afb5fa5b31e1738","first_seen":"2026-04-21T12:24:49.004569Z","last_seen":"2026-04-21T12:34:16.187578Z","times_seen":2,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SportsGroup-B_tOjaA7.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SportsGroup-B_tOjaA7.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K2TcpzYkjgIGIterKYcePIpUUDFPvjqz2nEUocqse0RmG1YzqlE0RMuRYXsHmNDNQPi4zt%2BaMlvFG6hmbB3%2BbLfswIRbvYl%2Fp2JSbJp3NaR9NAgHuzyPre6XK8If%2BOhYLPPCKQ%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-27f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94594c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":639,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (638)","md5":"b503b50fa0f771bc1dd1b8be6de93220","sha1":"af0d2d427f35c4fd11d6ccc32ad58fa113c84590","sha256":"753f8c285d79eeab5cf0a8feff56252e7dc57beb58b9bb0670c242b4e9b0fe91","sha512":"41d1a4f85c75421df1a00af94c477cf11967be5e8f48985ee33639765106afe7688246d7d358bd5a876eff97606ef43cc58284437662f7c33794bc2ecd9807a8","ssdeep":"","tlshash":"8ff07d04e034ebbcd53b09c1969e0418305e0a74eaae09e3d0fd193aba780d57a4efdd","first_seen":"2026-04-21T12:24:49.006572Z","last_seen":"2026-04-21T12:34:16.147229Z","times_seen":2,"resource_available":true,"data":null}},"time_used":416,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":416,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/firebase-messaging-sw.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:39.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /firebase-messaging-sw.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=3bmOIYJYLzBqaFCFwGqsU9e6SV3PHeyPmPlNvzGKibo-1776774219.4293203-1.0.1.1-SvNAkjcQDYLBSydzU3mzE7UECzJtlbIANr1geDEu3ve9p8leLkUUvkFYIPUUnd.GvuGN_iEmg_pXaXPW31HMj8x_vxdF8lDgttQVLSkmpdTFOpLc1YyAkCrpCBKHDOjW\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:39 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nexpires: Tue, 21 Apr 2026 12:53:10 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YQ07DBLpYBWWhtFQC%2BsvBDmqqgFJG4Xikoif%2FdnhlF4zRTNhrqoXYlNALCn1gZN%2BXLAzn1Cwfy8f%2B1gqmQOPZAUjxvIkHEBGlK0HkI4E9lskapmDKtXbfJVnmtwRKQAiEvXNeQ%3D%3D\"}]}\r\nage: 1662\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gOSSlKd9QYPCtXfif9_x8fzkH9D8yiIzQC29ivHxUM4-1776774052.08095-1.0.1.1-qLFhihKiO.KbvY0Bv2ZrpZJTfTA.ZVlYZNDxkjoCui26d11tdQpFZsGaRpjT9IjmKlqGxg6nhqff7DWUQq8IR0u8_U4fa4JVllK1gQKNWSy6m9Vg4cfhQMkqRUlun38I; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:52 GMT\r\netag: W/\"69e7308d-465\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7979c37131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=5,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1125,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-04-21T21:26:35.827176Z","times_seen":53,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/localConf.json?v=1776774300000","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /localConf.json?v=1776774300000 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=yE8AKYd57qSYdwc1dmAM.yEMOXntcRELIoJcaIrWvOE-1776774220.7653875-1.0.1.1-vX3c7CDM17lJ0n5GsEg1lfPxTFCg7I7RwPqC148ZIliX0nBF2raiupQa8nV5tYKwJb6MWEAywlu7wx3L7.rbHJFgRLHlI7bc.L1XLv5v0IKWP7t1HTQAEOCaDSlV6ZvJ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:40 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:40 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SG1XrhnqsIoYh3l4JlSEWp70N41ZHLh5XdxGxcFPdZdV1%2BirfTZcPOB2OWF5rVgEjHEDnOFhJTPM%2BdY8wzWMqBc2Ad153HVB2eZtBeJLoScQhbY5RzOdqM4OA%2FHhHf7LpUqdrQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-1177\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7e5e927131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4471,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b406e9c7fcaf80e5ab91f27ea0f0294c","sha1":"54ddf99952cf9b0fabd829928125026af457240c","sha256":"a327cfe81199467e7773a331449db596ff5a5da012ace64d4ae1889c757bdf15","sha512":"50bb2149cb4177578ffd52d275d2f399922cf5dc4fe93ec9e32b840532d1dc7cbf148a136fc965a7e353fab249d5849f33dba3146a47b9f8053a574661b71f4d","ssdeep":"48:YuTyTbGhzyQnA8qA+9nIok/we+NPhwxbwPAjgCfk/wWp3Copi279lMFDQJSLhHan:xu2ByQA8qAHTwAsAjgCuE56szUn","tlshash":"7391cc9d31458cfec75eeac3788b679f3042811387982c06c27cef4c5676f19650a2ab","first_seen":"2025-12-24T22:39:16.189594Z","last_seen":"2026-04-21T21:26:35.738145Z","times_seen":53,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/RunningLine-CH7nI64D.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/RunningLine-CH7nI64D.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=97nNSknGpDFPoJJz19wDlQPRW4UGlPEJKiKdObLL6A2sH8DVDRCpmt8kA2v4XPbYd%2Fmmpu0JVN4r0Bfu947BeZUMT96Aw1oH461dHlSnHP9eIf3B%2BJTpVTvukYC4nXPZVgn24A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-3e3\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d88637131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (994)","md5":"6bcdb91f80d37da6a2e4a7bb6f6e3ef2","sha1":"bba04b041ba9ae72e22e24a501c5ec69d5fef686","sha256":"2af1a90f48dc3ca8cc3ec86abfbbcd85ec472a3de25b8bffd271952f5a8ecf4d","sha512":"1d9bc593e2faa93f543a3cc084d1c0e8cbb9d6b0c50894dd8ba196bb395c255048b902e60178488dbf6fdcb288b165eb30bd308e6b6a9171fec01b82edd4f06e","ssdeep":"","tlshash":"ed11c2569015f6fccaab06d6b53e040c299701a5fe175d90e47e18562a29180bf37fb8","first_seen":"2026-04-21T12:24:49.009967Z","last_seen":"2026-04-21T12:34:16.111922Z","times_seen":2,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":414,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider-BVrbva_v.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketSlider-BVrbva_v.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=jfES_Vghttt82sdwVcaeRC22YexaeLjwEDQjXvcGx44-1776774224.2884045-1.0.1.1-0EXpBJIsLyBvyPADk2enOTNP6AElWXNkytt1De13Gal2oUgjxisr1BqZa.JSkuJKG1BL5mmf6_.6KDL3cUyWnoi5w2kU8zUuESeu4eXgQeFJzcwzUio2tmwzT6GG76RA; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ve6nykWMC3NtZL8qgTd2bcIE%2FteaQinXCyL00nPU7eerQcEn9kel%2ByYZSfmXsDpRWt6msR%2BDp25kGyqJp349cDzYSekg1vONoCNe4WxsJZBpfhiUl6mfENiV1VRThtpeIAL%2F5Q%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-2bb\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9459657131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":699,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (698)","md5":"4e46f6f2adb9e911987e05d839d0789e","sha1":"258094b1669b4c50fb6c694fca472ef42cf28306","sha256":"0926899db74002bb6a8a6ebfe890d69d802b2c6a0022f09f517fba863940c2af","sha512":"6e47510400dc885c5a0f2a654ade997cc9cb93f4cdf6ae5ef955d3bc69fac22fcd375a6340cf80dc03a17270b7a3ff7edf00867b3bbfbd3e8c004d51f8c821cb","ssdeep":"","tlshash":"7c01c0cef400c67982a5058ab2b5ad4017382595b71091f0b07a0ed55d60c8dd2defdb","first_seen":"2026-04-21T12:24:49.011851Z","last_seen":"2026-04-21T12:34:16.223772Z","times_seen":2,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6439.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.186Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6439.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=CXN4hl9CRQXfmsU_SavHfIw5nwGavsayXPtR60Sob6w-1776774222.7201607-1.0.1.1-IdCHS9U4l73O0cea96fhPLhb8_e4XTvq78e_numoy_EaYlowcAPOag8amf2y2TkQb5Hb_dG22LL7PJXHF2_QVCfySmnx_buPL2YatOzJ0QhQ3Mp96_V85u419IU0.jlO; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vVQ0Uy7NJMqU6WLFZqh9MNuJaT%2Be2bUhvmzQ5E%2FGCWu5pP7%2FjVGhGCYuTKpKlUkKz%2Fx%2Bux3GtsGusB15B6fk879Xc9xgPKD7RzzBHT8gnCJrXmVEbrROhqucnlp8BmyBXcPrYmuYlHBs\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8a9f9956b9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1259,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9b0c33372d0797fc73b1ab42dc7b98a1","sha1":"303036f0bee04002c713cb9d1ce362594b80a768","sha256":"d2a64f8f27ad6558d6d4ea6a7335ff6cdcfc796382f78574fcf73ba2a89a42bd","sha512":"0a1857a6d3522b874249f0da1677ac48a383120244747d619f378ae20a34bd4a71b540c01a404a43e456fc394095ad945c37b6d79ea9f85a1fb442dc6f3638dc","ssdeep":"","tlshash":"1e21103ab20dc4354f0a39e164c56d9e4dbe7d2b9c0ca9045e5e8f8c9270616ece3697","first_seen":"2026-04-21T12:24:49.013555Z","last_seen":"2026-04-21T12:34:16.248527Z","times_seen":2,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/AppSettingsButton-VpAExZZO.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/AppSettingsButton-VpAExZZO.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=D712pL_wOl96bNDT3ckyQSKg4Qjmr0tJMLfKQiN9bog-1776774135.2970243-1.0.1.1-6a4z95pqYZbAWdDJldKttekfVqR8xWqLy7Y1tZ.1HFebJko_Dp2M.ZVeSxOq.jd38dwkIFTB27GYFUzSvUjDoHknVR_ZqnF2SKTQ1Aax1kwdirRUJUUoZaVlSV73zP2J; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=py4uVjP6OnVG%2BFkzm4aJ7EyYNlNXwXMuok7LPIOfw69hNQVW7%2BlbhHyHPwspDC4KODTHZ2nFbaGBoGG6zG3mSGOxcqUst0ftCxJYhSz%2BM3MKLmWN7VlWeXGhJtXV%2Bhxf63%2BYwg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-181\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0db27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"2b10a9d03e1e17e641edf61e60ea544d","sha1":"21b9c8821975babf963be8d0f702debaeb5e5209","sha256":"aac5cdff48e2bb77a4163e864d943dca18c8a1d3c9415d6f94e1f97baa73f860","sha512":"9ec0a37867716d6efe94a08e7b9034157730ffda234ddfa64318b8ed73e741baca6c71aa48b0cbe524150f58cead6d70b9a60ae3b10e7fc3f88b29f4f2a78418","ssdeep":"","tlshash":"c3e0c08b9192d3fe13e22ee2c51fc6057e566c38c7459a4140bc50a137b4196818ff6f","first_seen":"2026-04-21T12:24:48.935309Z","last_seen":"2026-04-21T12:34:16.105722Z","times_seen":2,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/UnavailableMarketEvent-CYfp4pDc.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-CYfp4pDc.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=_cSKZzW5aJvyYzNAVohKEvVxEV97t_jrMqymjQZJnE4-1776774223.986149-1.0.1.1-StDHwWqok3yMoEJ0ypTe.m91UrC7zy.4Dw8naM42LstVfMUgl3_z7hqyZCqPSr_C8TAo6mEU3cj1fYpsylTgnvWa3baAn_DzMsDoPoRfS2gIPIRzrDFCPhBU0B55iffL; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=05tL3zY4YhN2ByAc5ESR5ZCtwfEfdxu189eDziTuseIsrijL0CTbPkPKV8bRbqs2jZFvqC3QLpmXLNMXJe5nDeO%2FH0zmF732OarDoKZdKkpjeq6IqWDbs4j1Ce6kRnOeDprI3w%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-134\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c929f207131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"301b968db5a1b6c70ef45f96a70caee7","sha1":"af0ad681fa2065e8e6fc3de5be1bb8bda7c32aae","sha256":"ccc3b33c3b33fb19d13f76b0790ee81c1ff29d5aca03f7a0093e100de40fa405","sha512":"244dbca0ebc897e9105bf0be8f0d97267cf9ec27d0d0d3313109bfdf2892c75bbc7031a49e17dfb6d251c76ffd8e9dbabd80f3d8821c3ea4aab452f28fdf7845","ssdeep":"","tlshash":"6ee086096104bbfad5261cc8ce3a4b49511206a5c7a949d395a910281b34265350ae9a","first_seen":"2026-04-21T12:24:48.997389Z","last_seen":"2026-04-21T12:34:16.137485Z","times_seen":2,"resource_available":true,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListCompetition-CDufXTne.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListCompetition-CDufXTne.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=j2z00nTqg.Jx5eaYm.G0OTvsWcxvWFLO_CnQwqkF6pE-1776774138.337623-1.0.1.1-VNApNNcF1NuerZCxHdVnYSAkGGN_bX_6_ZXf3Pk6BFQD6dbnJr7DUvy12aNGoMg1hipwAKTq5dw1NOsd45owyEF16J.wR99AYsiLKryar9oIdHbaEbYfvx8KnozJqDhT; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qsN%2F6PYMzugFBhx8Dl7qWu3Gzw2F7GuaUO0EPPVNyCDd7TIOd8F%2B7JXDt3lDHJgX3ElZ%2F2Ai1a5zConY0AANHeGWnKhk42dRcyL5M72LuxjtAhjrL0azSrAmiDPc7TB1BZifRQ%3D%3D\"}]}\r\nage: 717\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a7\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9459617131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":167,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"cece9291e7e9a4b3d0ef3ba4b6ef0c46","sha1":"63e5889fce2617a81f38546d664e3f7fc63ed119","sha256":"8decca4ccfb6045463a8d709a6b02a8fe5b190a5b9ff71da64faa9fddce8c399","sha512":"c3b4296a20d2ecdd0e4efa985b818d53dc390004dfec6b01cd759209798a2a80a50812d4189be2a0e93fb197808dbd948128a1dcd6f9c52d36b006b40593e3a2","ssdeep":"","tlshash":"96c08c0684659bf9a91719e28b69a4421132853efaf48ad0c07486158e34aaae40ee9e","first_seen":"2026-04-21T12:24:48.975891Z","last_seen":"2026-04-21T12:34:16.098038Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/3/7557.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.738Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/3/7557.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=9PXpqmryGZGpyDhKG1wLf8Tv_.cm0oP.dEouRAH0CUk-1776774167.3695188-1.0.1.1-_4NEhvfGKaEcrhvIF1nZXRuwlnfxLtxN7phKz9gJoppqYK2FeX_APqghdbJSqC6HCuoqLdpM2UOb3X9AWNgxXaOS_.TurYVF7xhQzsyLfhIWrNDpnrJ.zmkJSK.1hh08; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/menus/app_menu_751_tur.json","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /menus/app_menu_751_tur.json HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=9epz4EyS92N2QU4WE_FIHYFvnKnxw7DCbW8dzi2gLQU-1776774133.087888-1.0.1.1-dvfC3ImS9KcB0aQsH3ctbg9Nn25EhALUMg3WZDHP23nlCXX3dJ1n3o7RteQ5MX1FwhR28hZYfLWJPWXvjTNe5ysVW4WBWYRuZUeCGdmQJ.OyKstuTqUW5y9tcID8StUY; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 13:22:13 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3hz9jef0vn4oTY9MXzfoulTFNdOwxnGv2Qz0DcBNcw8EOf2zk60y73dSQtTvQpdcCEKhej1EAHyzNdARErV3djqNZN3qcLwgGEF6irI1ZVczWyVm%2FYaqLESn4MDZ4euUX3yKRQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-2b56\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c890b367131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":11094,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fa2350da5ade95aa04966b376fe45ba8","sha1":"3508ce0495f4418df230eba5c34f5d9133710d06","sha256":"faefa36b9e69550edd0919940d952d9e8780f4a85ab448e592f1388b44657a14","sha512":"30a572f3efe65dae280e5c32ede94628ae228d011d1c73b4d20316f0c80e94b729047a0cd07b15e6650f242f40358e99a0f99cbc9ebdeee574d5348ec87fcf52","ssdeep":"192:SSkcUlkiU+kuSkxUdk4kvUQkZUcktTU2knk95kEk/kbkAkCUdk7kkk2UUkoekIUe:SvuxuvPtUi2k9W58Y1g4ZbCCQJU1whju","tlshash":"bb321602f01d5976d31c3e00bcc76d5b988d5099ac9d49419d4d8acecbda4afceca2eb","first_seen":"2026-04-21T12:24:49.015167Z","last_seen":"2026-04-21T12:34:16.09255Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BJ21FeBp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-BJ21FeBp.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=4QzlWQ.sc_xIFaN8pQyrqHCswqB7lXOzHOLIgvV.zeM-1776774133.7025094-1.0.1.1-WARJlTgvtskAgrNjO9JJlQ5ZElUFncO3q1KTC2_0NGh1Q4Hp6rE66qJ8ysIjaDAcHDSPuzvnQ86xd4utqzaCbFZG9CIcumxDmCrGJb3TSsrNg_YxtgP0nK9gUyab3ibJ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D7tqHliwxNYUS9YewdkIBDiD5s3MPjfxjs4RfDRkF6YLtqvzdRInWYItXyL7JTDnuOz5gXl%2Fa4VhpM2lX%2Fxr0Qi%2BHfy%2BZUSIpQ%2Flb9LIV%2FhtkUGk12RvuRt0glX1YEQ9Cge7FA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-26774\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c891b467131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9d93ecfbc55243109c8742160b35e284","sha1":"5cc1c573dbdd97cd1d0e239ee4a3003a49f64094","sha256":"aab1b4236679b9462c2c99e800555e4f4bf526bedcae296c4b33af62be729000","sha512":"59545f5311a35a7aaffdf5a0d5c6a78740b3f08484da0e1f2bc38d6ff1c03bb7f92e04d2d7289a5278286fad774947b5aa9656cbe2c3bd6294dd5646f75a5d31","ssdeep":"3072:mQwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:VwhFHU4HNwFH7MoOWexZFHV","tlshash":"01f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-04-21T12:24:48.87453Z","last_seen":"2026-04-21T12:34:16.306535Z","times_seen":2,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/ExpressOfTheDay-43DWSrHP.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=F6vYijAq0BTOqUaWVnHeJG0cWPpnrpRa7C.ZlZLWt.c-1776773846.998852-1.0.1.1-NTJ4MkZS5hh9BrGlRUBsoMD48CQb316Z0QxBlCri4NiEO3vG8XM5Dzewvn2WCW5kJ8SKWfnYru610G45zwtpK2YFZd47otpGwvDSv6TmUtF33XAu21cx6AfrRyZw7zdS; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v77KcaoUvjwJTtXAhpM%2F2jyQn6ot7oeE6jJyhCA0grkYH17Q0Y8E%2FS%2F13%2Bhwc23Wjt%2Bo5ub54cnnjOUYygETfYmQT56b0s%2FhUjExTHYAAJhnUd6rltK5ExLoneOtexFnbubH4Q%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-4529\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8da8877131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":17705,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17704)","md5":"29a4feba57dc978d4cacc40dd9c4484a","sha1":"9c5bc3381940ebb51fc21dcb34599bb7b3b44330","sha256":"2d0b096bfb50494d69b04b8dee99ca90e503795ad31e571a9c0bf43eb5c1e4c9","sha512":"56d290b4472b91cfaec323eedd93d2f80a711daa22a76009501f6e760f75ec0a3df4313e63416edff564e0253cad818a58745211be27e43e44c523d7e93697e5","ssdeep":"384:GzgLUxzpiANNygg/aazRObFUSczDwLhg8fTddMKnLLyHC4EK3CH:GGUxViAKgg/aazRGF3g8fTPdyHC4JQ","tlshash":"6982f856e009d67dda3e04ebbabe600530250ed8c26106e1a57f1c2817dc45636effed","first_seen":"2026-04-21T12:24:48.902861Z","last_seen":"2026-04-21T12:34:16.206185Z","times_seen":2,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/jackpot-jNbP6Duk.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=b8V28WarNvZ2fVI2RNyvGMezHbVCBSuAXAXCbl38Lyk-1776774137.5265-1.0.1.1-HcaTM7rIiUq9K4AtFoFsS6BnGzBIjWc4o9wUNIU58MfR5XIP62R38bHcMz2TquM4Zo4i6466aP.1yWHQy7_IRsorn.1fW.XCoNRZAEPfRsJ041JU0k5GZaKDOTyoO.Gm; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ioaqek6QCoVKZYDWAFc1HyrvQxXqUA0z1cbTho3Q4fajTcVk6OgzpvQ8heUbPK7Ul0GDYj9wgmGqhZr45C%2BQe6GJHS6WwCrvxt%2FfSSK%2B1CyU4qtSkjO2BR1fyJVrrrqcdj59Tw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-178\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92af327131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-04-21T21:26:35.58754Z","times_seen":43,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/3a04ee1baee0571d35c58bde9822e219_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/3a04ee1baee0571d35c58bde9822e219_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 43004\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Wed, 09 Feb 2022 13:52:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6203c72f-a7fc\"\r\nexpires: Tue, 28 Apr 2026 12:23:44 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=VT0nRGKV3wK6YlaWZZIOpouGbfGpYsqex.bCjDAEEKc-1776774224.9643528-1.0.1.1-rrrve_FLeSRvqRQV_MO0.qjUgqoTwjwH8QfK2LwohrcVe_9zAYpddHYnVzFBj7gprIDAJz.0q6gTslLiTivRhLIDA4xglrnN1dhVNLGWcfLpdBD5MMu7F22RaGm.vcut; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ngYkYra3Lkgbt1uBQjBroDm3ei7kSjWavBLVL%2FWIIrldnPe1qBnIALW9xHpBYp8lw06z4rtbic%2BnOQBuhCL8UQvNOF6AuWehsAInxvteffjJAWDZiWupDlQwQDssIAJX0wBOx2bvBsE%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c974c227131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":43004,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8c3df4a3b94ce271bca16345ca101fde","sha1":"469560139a886e2cc525c1bcb00ca0d80719108f","sha256":"91a70ec193d3b3fcf89cdb1768cea8d8bf1eb580daa7ad7dbf70c48131bdbc6a","sha512":"5ca41826ba296256fdf19685168ef8f86f8bbbaa45ada3fc84130bb90e39e06171f1272d2cd1991f503af39e8d98a5f14abc2d52c8efd066c2900884f997df25","ssdeep":"768:EhAv7J9uU6k56t63yu0Kt5eEo0OFZs2PGCh2UqNcOC1DfWA9oWWUIif52tnOOImv:Euvtp6l5K6ESZs2PVh2UsS1Z9U2f5yFv","tlshash":"1913f2a0f15fdc0f638da2a0b5da56c839c546e30b95d1df793114a189d3ce27fba888","first_seen":"2026-04-21T12:24:49.017545Z","last_seen":"2026-04-21T12:24:49.017545Z","times_seen":1,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/2520e3147a6c8e147a442bc42b8dbb81_casinoGameIcon3.svg","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/2520e3147a6c8e147a442bc42b8dbb81_casinoGameIcon3.svg HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/svg+xml\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Mon, 23 Feb 2026 08:17:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=9PXpqmryGZGpyDhKG1wLf8Tv_.cm0oP.dEouRAH0CUk-1776774167.3695188-1.0.1.1-_4NEhvfGKaEcrhvIF1nZXRuwlnfxLtxN7phKz9gJoppqYK2FeX_APqghdbJSqC6HCuoqLdpM2UOb3X9AWNgxXaOS_.TurYVF7xhQzsyLfhIWrNDpnrJ.zmkJSK.1hh08; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:47 GMT\r\nexpires: Thu, 23 Apr 2026 09:54:27 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r13AjdpCjc33JfnG3v6c%2Bg05pcsMeQAY1ehchW3nIQmY%2FtBp47uEMOXSL9uqLRv%2FFCgBqtYraGb6RNrZzI8wgkpA%2B6COk1aDfGXpbCg6x1b%2BWXNaMqt0gVDLk3UyS79AUMvFDV%2B6elw%3D\"}]}\r\nage: 440900\r\ncf-cache-status: BYPASS\r\netag: W/\"699c0d18-3d6c2\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c976c407131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":251586,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c20a1f03741549ae782ac42336b5009a","sha1":"bcbac25eee0478af61d33694c5eba601b90ec630","sha256":"798fa80dce22184d619a93adf6d6908be1aa29cc21c671bcd4158f6a5ff07cc1","sha512":"2c5147ba27e7dd41806289e99c9d067987917f85842abb18674586e899cd5c8f338551784d5ad64383256b816bf4e39618b810bfee78044f703ecd4e42b5f91f","ssdeep":"6144:2SxopbSdd6SGRuvMKy0pE7FMqEE53iJP1rbv+:jCSdc2pboiTE6dn+","tlshash":"1a3412701c2539420e94c104c69bb92f1d259ed3e5abd183fa936acf66ad5810fff236","first_seen":"2026-02-24T14:23:51.458986Z","last_seen":"2026-04-21T12:24:49.01933Z","times_seen":3,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321027.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.325Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321027.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ButtonWithAction-DSAfkmWo.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/ButtonWithAction-DSAfkmWo.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=5pXdNzo6HVWDhaf1tjuJ4r2S_CqxzW5XLDn8ll0ysPo-1776774135.3317273-1.0.1.1-IrDzYRL5QqHBEPcJ6gbHDUMn1kf5x9awwIORecP98ZP_5JIluHKO5GRei946D7jB30HDvzEvFVfuSa.fr6x_XzNy98FQm6l5fvcdyLmC2_5cMXTHPAYANF5U3ifKXSXl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MXDf5Ayc6ZIP5wHn%2BClTuPmV%2FL5xfjYwa%2Fxp9cIs%2BecDCGGNzvUkvZFPjvk0lYn8bqLc0OPTlZQYUhxMlQgtER8ZSPIPYnUFidLdmRW2XH4gntUkgWSiuxHq8pBulUhN5z0zXw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-10b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8add597131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"c4f4b4cf0623482ad6e165220287590a","sha1":"b6a866f3afbabcfadee5aa2e02f3f7886ee4a8fa","sha256":"5388b7316d931812f63ee58ecf67a9fd397a30258736f961919fa686a91a8aa2","sha512":"fe0f37dbc2aeb4281152419dd6962702fa59beb4a63fed2f8efff7c35f135bc6fa706ced3318313bb55a80ae282004208043ee64720cfcb0fb2f660e3f025498","ssdeep":"","tlshash":"72d0954f5441d3f903d37db0a12fc1212a155d64e7d48941804c1450373195d805ff2f","first_seen":"2026-04-21T12:24:49.021237Z","last_seen":"2026-04-21T12:34:16.100563Z","times_seen":2,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DepositCountTracking-C4f65rk6.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/DepositCountTracking-C4f65rk6.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=hCaqHdr9uOAX8qtQfhrVO1yjMbtDP7C_sEtrRrSp1eI-1776774134.2112994-1.0.1.1-3EffNgHqPJiDCWLb.Bl5.ynUIvVYb6yN3.NoAGMlGo0KRGdQDEvs1SYAMSBE8of8tXeUI6lI7t_jR7CBsWYn4oq.19JjsguwQnYMFo2fbWmG.UtZBR7MZ76.D.Pupgwo; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2F0aHsIeYqv3skU%2Fxk%2FWCiHaOocPfXramzYrtYcdmM7Gun7lrUEjKGl0nljD2kyb69lA5Vdo%2BZwCl8ahU7KO%2BHNhi5mZ5O484u7bOqTwGHONIrXh0DbS2bLC3KPXSasggkoZBA%3D%3D\"}]}\r\nage: 713\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-285\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8afd827131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"60f8ccc683f8e04b4d2bd5b46692978e","sha1":"a92629bb533866e0209a7cb4c588dd6a6d9aca42","sha256":"d7ac00917578c665dc9c2a20814ea59fc1c8582fb6b59b1e8d6dc5e66f43485b","sha512":"479ef92d357834a97e1b5b778ae0d90836ebe97dded4b150de9c50b144d8002410ff0fcfaa510f6ede63b84a17023c376a5e0d55e150792c568d9f359507ea4d","ssdeep":"","tlshash":"9df0dd9b68b8d2e58a493a8472c6d8e363f0650dba5689c385bd4d4a0248012e4c8e1b","first_seen":"2026-04-21T12:24:49.022744Z","last_seen":"2026-04-21T12:34:16.158041Z","times_seen":2,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.galabet1069.co/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.214Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=m585ZbP7fdVopNPyHt8t_NmuZTXis36EtPFguRU_E88-1776774223.0408502-1.0.1.1-i1RrKcnv8rjNcpzTHwO7IgKfZIxoVQ3JQt434kXSJfmu7EqRXnZGUSR.5wboKWD3BUWGXxBj6exJHZjBCgOXYy8_7x76luLLRmBAprlHuJCLZD0QP5C3PLAfO4eHyfAg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/1830b468630526dedca34ab46ba0df76_casinoGameIcon3.svg","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/1830b468630526dedca34ab46ba0df76_casinoGameIcon3.svg HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/svg+xml\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Mar 2026 11:36:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=jyK6FjsBUOuQMArerFTC8S3nuzXeI2FVscw6JQ.Td1s-1776774167.2263126-1.0.1.1-iCatAGQaSb939lUNsgOkYGBe3l8NJGwQ50EQsLSpY9DA1NmzSzWF6FR.kT0STeTAQ3W0r9Klmfxrf.J7792jSHuW.Fo.j.oiQ0fgquGMpsGcxgrsNiiIscWbooqIK3oN; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:47 GMT\r\nexpires: Tue, 28 Apr 2026 11:54:39 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c5ZxsA3ENVIfFT98LVMRtzdmPMUSDlFCLUDXRNo8MIF2qQz43K1fKL6%2B9WWVepYz6pLEZ3A0W20sFDWLDbbyXh2GNO5e%2B09u5nIjl2ZTk7ug6Urkod%2FdLLuepHVtoK7LgpKnJfJByns%3D\"}]}\r\nage: 1687\r\ncf-cache-status: BYPASS\r\netag: W/\"69c66bc6-3aa27\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c976c3d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240167,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f11ef0e8b39dc13e9675c823eb54e7a2","sha1":"39f4a0e48dd9ce704358a3d679d7e747077c4206","sha256":"f3030df04b164bb1d0f43a81cba88b0461348ab3a357ced6a7418b58b2c8bbd6","sha512":"adfd4fdc49bc23e1650aef23f1ec1effc0effa52c43218cf91980061b9948fd5ca61262858aa8489ae6017d085d0a7f89176a3e43a68cb0903941b90d580a4e3","ssdeep":"6144:z/yzPPlQD3wpQWXGOthyhpBRngyeI0+UEONzE1:DaKD3iVbthyfngyQHNzE1","tlshash":"4634027dad08140dc1d28751d3df2bb90d3d6a4b825d08bbf2a7504b38a87a14aefd5e","first_seen":"2026-04-04T19:43:27.533058Z","last_seen":"2026-04-21T12:24:49.0242Z","times_seen":4,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/769.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.665Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/769.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=LaSKo1fKY_ZKhFFDWIjCOQKvtZheJgJg9O4wyuX4OWw-1776774167.3562272-1.0.1.1-e.pFKMy0gORahSP3yoTTp9x4h3Ku9LwuRTUcqqCVDJPRIscOTS6r4pJlbiVLLiCIb1PZuTTTtouv6EhCcxTDXiordB4jxEEndZ7BY8wJ3FCiKRHi4RWXP3JodMcwyI4R; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/664.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.666Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/664.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=LaSKo1fKY_ZKhFFDWIjCOQKvtZheJgJg9O4wyuX4OWw-1776774167.3562272-1.0.1.1-e.pFKMy0gORahSP3yoTTp9x4h3Ku9LwuRTUcqqCVDJPRIscOTS6r4pJlbiVLLiCIb1PZuTTTtouv6EhCcxTDXiordB4jxEEndZ7BY8wJ3FCiKRHi4RWXP3JodMcwyI4R; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/175/350465.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.359Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/175/350465.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-BEZjG7h8.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-BEZjG7h8.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7R9PTYkpz2fLAgv0%2FSVudRMm4qdelI7egNVacO7M0Q5LGvmh6x1RUb7Xw848TLLNtpiQqJb8y6SUBlnRntChojvHdCUkLwPwPZlTULDgXtKqyXiAXHXsdzZfXs88yN1Avs1Q4w%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3410\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=AeEhC1c97XuXod52K51gjgxZjMQuRIRs2fzWAZAFhcY-1776774100.1168032-1.0.1.1-KA_.qdgcfPfPMiw4m8zxm0OEfHDOd4BOpV9idbAbGv4YttNQYGeQvm9ryO6KomHKjeWvnYsqKzza2GrcvxIp7Ne8EfKTluI3so4iGlf4BWWNud1Dc0ngcYvP1Q9uU.nb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:40 GMT\r\netag: W/\"69e73090-35fd8\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c86e8d17131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"51389aaba7e6ebbdd63dffdbae5bdc90","sha1":"e796b04617f2796b15630785ea1c29a781a858c2","sha256":"70ba85f8e51bb3ad5fe0dde119467afc4d5d3a30926146a6c6003cc10b33ff13","sha512":"ad79ee119859aa7849228f8dda55d8f25d5313cbd372b9af8c921ee5158e489eee7a76e9069b82de1b90fbcfc8c085cd266a77177761d9a3e734d4920fa2e2b4","ssdeep":"6144:2feL9y0h4R78o8e4Y0IALoh6wj9Sd51jjVvFa7IRcDGRD6On:2mJy0h4R78o8e4YB/j9e5xa7IFROQ","tlshash":"43240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-04-21T12:24:48.855058Z","last_seen":"2026-04-21T12:34:16.09989Z","times_seen":2,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-By9i3a2L.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:39.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-By9i3a2L.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=3bmOIYJYLzBqaFCFwGqsU9e6SV3PHeyPmPlNvzGKibo-1776774219.4293203-1.0.1.1-SvNAkjcQDYLBSydzU3mzE7UECzJtlbIANr1geDEu3ve9p8leLkUUvkFYIPUUnd.GvuGN_iEmg_pXaXPW31HMj8x_vxdF8lDgttQVLSkmpdTFOpLc1YyAkCrpCBKHDOjW\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:39 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=1S4zPYfYZJqx9rU6ENlPxz57FxipjRgQ3LAN9JOivrU-1776774067.84588-1.0.1.1-H_rd5SlY5JtgjFTNqwwx_HgrkipnTVyLfpbOFQd7isbzaqakt3.xMKb7mJnGGCtT0GL544j9gADsAMHskJTR3nVS_nZk3eGInpbaHHZrtHl4ExyMt3MzCoJoKBERDTxq; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:07 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oKDXfBrZI8NpXo9QCi6SIi9tPuFV2JjpAd8BTxyYh2gqJ00YsdWobTA5ewhhxdVWeCOIple1LlP5ViHvisf6m3iBdtEfIjNHARXPhP4LORBJwNSL5zHLYkdnmBBE0Cb2e1VXbA%3D%3D\"}]}\r\nage: 3387\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-115c3d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7979bf7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1137705,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (24532)","md5":"525f18d133fc7af7dc17d955d550f2e1","sha1":"87932d0c9e71469049dda2aed0b69c205a843493","sha256":"4cfc091498bf2b15dfcf5191999bdb06e4330defe44913f83748a4ac8a6ef1cd","sha512":"ab722fa4fe31ec8d0e0e66cab67e8d3a8896d3b6c3c44dfba22c0f807d69548510effb0dd57cd9f36442ae66671e953aee70f988abe5f4d3a95be730328edd05","ssdeep":"24576:lHo+1lCm2qTwWJPwgi2DwWTgExZPq4WhYKd:lHo+1lCm2qcWJPwgi2DwWTgExZPq4WhV","tlshash":"9a257d85b155b87997b709e564af0102b1391e00f44cc460f67cedae29b9809a3bbffd","first_seen":"2026-04-21T12:24:49.025629Z","last_seen":"2026-04-21T12:34:16.172648Z","times_seen":2,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/flags.png","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/flags.png HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 94974\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-172fe\"\r\nexpires: Tue, 21 Apr 2026 12:55:17 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1705\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Oywm9.4QTcjPBo.mjxvvOoDb4Jb8pfCmq7ysOkEFA6M-1776774222.6624353-1.0.1.1-2IE3FBNvL_UrIdmV5SpKU7IEprKHTxr7vy.MdaG6OWOaneC4A1UcaW.nytxeQyKiGBgo4JtYaHY8ZOwUUq7b.ezLTqw.l95PqKVUX_z2ORgYxOsvQXCbmpHKUUmnjk4F; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=foCDBNfOOsObpa80O926lE%2FSeAaQH6Lx8rgaEf%2FUpzRXog3PFRAe6CnWvEuSiw9oucf1o3iJ7JY6vb%2BzxjChgo9T2pj3j55OmsqJZaOlg2klq9jrWer31edPEGiBjdkhpkM8pg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8a0c4c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":94974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 17960, 8-bit colormap, non-interlaced","md5":"02c3b5af3d0ec1f21c51bf21a22241e9","sha1":"c39c097d704c754294e3fbed23b80e502054396e","sha256":"1c0578c469db9a3da5c0b6fa0258f99b2a2ac602d0027ab6fcb7b218c3acbb75","sha512":"bb097e3532e83aa4db8e8dd7cd16d95d83ae77f4cc19207f04f3b929ca695ebcd7f5730e9ea888763108c95028f40f81490a03093ef8d57665c6f4393091dc63","ssdeep":"1536:wxq8h3gUrI89XxfLcduXa08ucH+te2RIr8T8hKdPzgkjM+PDRzSKR2JLDpzm5NLX:Sq8h3e85FquXPAeExk8odPFg+tzSKe3M","tlshash":"509302ab06de36c6e10b2e9408902d3c720f65fdcba545ad497cc743d8e5a68d48feb4","first_seen":"2025-12-12T09:55:43.277784Z","last_seen":"2026-04-21T21:26:35.605788Z","times_seen":541,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GoogleTagManagerTracking-CdCbiusO.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-CdCbiusO.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=W_ESe7cq9Fv0bgLy7BcqmzoKOkmS_.YcrcAi_ZTg1nQ-1776774134.1904767-1.0.1.1-Wg7ba4qbXwegh87x5ZCjAp1gHFi7HgkuSLCndALpQdE1ZfDWFP0GB4AgqQjJ81QhwGjJTCCqj2um8ZdAcXpsy2s7ExEHytELHJ7kcghGoKSYiRrThTNQxVHadFHpDoFV; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bq4w9EHID00oEGFueMVVBKDqKatM%2BFGAAi6D6AwQY3CHweV9PBrR44Xz1HmuR5HwLna%2FcrjUwzaCNqxhKEbDgux4JGbRLpYb3Max4qEXCVFJzQHyrv%2BjKgMnroKhK1K5iJ%2FBNg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 713\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-5509\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b1dc57131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":21769,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20471)","md5":"8092f19af0d544b86d813299632cea49","sha1":"2a2f19e245a3b90225ad62325564de85b7c9a93e","sha256":"650ab75e6147be141f3a4476b417f0e600526ab598f46c7eb19e0c7a76e3a01b","sha512":"6312490d3bc25ffce5c91d94c2468a485fa971f4983b2e418880ec833bcd12f3103ae0c930a8db6da5c1511e2cc2db1632660c24150198e8b4a7232e3ad9b9b3","ssdeep":"384:DbjHYqBlsFPDVPoZVe5mze5IiWVyoxJUJF+FOndK3pqyuQNJg1F0TQOmJNwizwTr:Pj4yKtoZVeo66iWVyov8MFOndKqyuQN3","tlshash":"d1a2bac7f9a548a0b5bd1fe81fc2528635b1b65af49144707c9e7c0c223cc4ef2b5aa9","first_seen":"2026-04-21T12:24:49.027905Z","last_seen":"2026-04-21T12:34:16.129083Z","times_seen":2,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-app.js?v=bc48296 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 14 Apr 2026 15:09:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: fvxi.f9MCKb2jz3JV5VaJQagZR.MS86d\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=337xxIp5lDlIISkX0YQpQDVHxK7mDgvKVUvXsRfv2pgXthUNYLsIfxYH2EqLgMuMSy8eYFYgWZQjTR9pwd2dzeajtodl%2FV2yDVdP%2Fi0%2FVu%2FffuWudVwiYxTtnKJT5%2BmaHAmGM%2F%2FMvmAR1ODhhVZQbtc%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1ad6d29ff66cbe7838d3a30dae2f9382.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: TSfdfrpTFGWGEYBYuicxhzclLVqXANRFV4Lj2564zUESIOr-OZkoNw==\r\nage: 223\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"7dbbe1a7d40a4a855e0411c1a19652de\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c949d221a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":75126,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7dbbe1a7d40a4a855e0411c1a19652de","sha1":"c5af0f3dee6aacfb1b2cf8ad41c734f8039bb3a0","sha256":"7370b77a09553209c1fba44947bd713c2f8d842a282e296200398c4dd4c7afb6","sha512":"dc2ff9d25cc20706eb4719c0fdebc53267e7649d8a0d42b76d6a6eb96c4f0ff08b604fd2aff94db12a629bc08ba6507bb8a34cec6dd59bb42dbc5e002ce921ff","ssdeep":"768:HPZ1UbN3aQe+roEuPT38WwK6PhWv0Kh4y6QewkNzy2mh+slc38kCVoO4kB:vZObNKQe+UJPwHQe81h+slcCVo2B","tlshash":"1e73b78db1d2bae94df32021535b3604f23b1974542bd484f7acedd52928b0be227b6d","first_seen":"2026-04-17T00:47:10.101067Z","last_seen":"2026-04-21T21:26:35.675673Z","times_seen":12,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6443.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.118Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6443.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=VT0nRGKV3wK6YlaWZZIOpouGbfGpYsqex.bCjDAEEKc-1776774224.9643528-1.0.1.1-rrrve_FLeSRvqRQV_MO0.qjUgqoTwjwH8QfK2LwohrcVe_9zAYpddHYnVzFBj7gprIDAJz.0q6gTslLiTivRhLIDA4xglrnN1dhVNLGWcfLpdBD5MMu7F22RaGm.vcut; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321043.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.241Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321043.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/493/987301.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.290Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/493/987301.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FastTrackTracking-C80GL_Ah.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FastTrackTracking-C80GL_Ah.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=N391VH8h4Xqe6N4hTszWyPesiBeXIZ3kikAz14NMZq4-1776774222.7873437-1.0.1.1-T122zkE3KccEEuTFrkQNJsluPnoMOGlSDHEtvCMUEhkF2Nxraq6RrGzlQUW9shzFYGH.nw5LnHSaSeg8k3q_uKVLeWN4HV6p.3htClLeudL3SByYroGc6K8tM2yTAJu8; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:42 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P0o0iyC8E4sh0BTQ3ixhxQQShODzDIkzrEqzdt2M7dBYL3P82Mpy2lXyU8ErqiO4KQAw3CelIJ3KzLzTfKFlrT%2FQLTakPmvGcAu1L22%2B4SdjvR9tCYtX%2B9I51otPT6JFbZTcdg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: MISS\r\netag: W/\"69e73090-569\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0dbc7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1384)","md5":"44402e6c809f993a91be813f29131dc4","sha1":"0671bbefcca323b5a50859522d160175bbe76ba3","sha256":"1d295d131e759ef01fed7c13a6c9c25b30a03064b0b29952ff8f0bd1c6c5257f","sha512":"c9dee0cdde4cc36a00231a4e2e5f5719d5263ee852a5b7c14884a31fa15d1e0e2d297395c45f6cc45ed61cc3edd1c1b039f26721354694350db91356b2e84945","ssdeep":"","tlshash":"5421410f40f482f93c800e4ea2e7e2a0967e5539702dd4a3b17a0bb82b1c245d3dac93","first_seen":"2026-04-21T12:24:49.030129Z","last_seen":"2026-04-21T12:34:16.26796Z","times_seen":2,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/JackpotPoolsWidgetContainer.C5xbwG7T.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer.C5xbwG7T.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Ei9j5LNXpWbnzERqwdXSE.BZyQZoIae8DWbC1eUlr_M-1776774137.7765157-1.0.1.1-inF7iwidIFJCoLLF4SGRj9CTQBjcxjpKuZDqqDdE65cB9ARDFUZZWVmFaKdYfOqfmCXfxrVRnBIjDtopDZJ76euMD1QKKtbwbPNUx33gLLGQ9KAwl6hnDIMme6TSnPa7; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UmfKj5D2ATQeyC6h3FtHRKIkuoBq1PfB9ULvI1UkuOXT5GCOpT3PqbSpUF12HXRdRtXF1x2okgPX4f8EOav%2BrA98kF4Ahg8ntDfO4gGb6%2FI1rgpokhqI7%2BEGKmuCPooQQRMpqg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e73090-1e9f\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c9f3b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":7839,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7838)","md5":"e5810a6dc4d39ef75c921489cfd463c7","sha1":"5fc7f46d4da76fb2a42c52007391d21797d606c1","sha256":"152eaf9db05e66e0b7e8ad6961a68ed2bacc25204acec7a0cc81547e002b278e","sha512":"07eb19ac6e96b910645b4e77b14840bc99ed3c4be03c78a7d8af8449906dff08791eb2701c710245c329b38281b118d422921cb1a3272c97fa5ea1d1de06bcbb","ssdeep":"96:Xnxo6ZIBmmohvoDxTTFQPHf9bzsV/bV/YgV/FxV/QV/OV/tV/IV/EVSVqV0VOVB2:XnX1Xx3erZg+L8Pyw","tlshash":"bbf1651352ab33ac6eee6937a170e31c7b7c083dc7131559adaf124a4e9aef1061971c","first_seen":"2026-03-17T07:58:07.338795Z","last_seen":"2026-04-21T21:26:35.739733Z","times_seen":28,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SmartMarketEvent-DZJsJGjf.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SmartMarketEvent-DZJsJGjf.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=WRiYkc4gypIHuKryFEmWXRsF6Bqukw2MwA6QQ6g.7Sk-1776773846.8373098-1.0.1.1-nG48ZzGt9E4DxgvLcBAZRYl99leVgWz0To3AZ3g.jhHhnfA4ZKueV8ODX9Ni0caqQafR8WcvKEkq9I5i3vboUSIjDRh17pMesUjviKdupzSqlGsH5GbjgD2U2G45KZpT; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:26 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FQW%2Fw4aJL5zHPAAnbcYrmEBwakkSiwFKR5Ktk3rWD2U7Y7qfl%2B7rmHePAq4Gb0KBj2GSvHpXXl5zDfgA2%2FUiENF4gCQ9waVOKR6vSSCBe8mceMD8f2RjcJDgMPK%2FHgWbp7yoZA%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-393\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d987f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":915,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (914)","md5":"21b42cac8d14d53da8603d367bdc0b4b","sha1":"1ae93919079837a6d354731844adc4c583a82ea9","sha256":"6398ba42e5f92a177f7cd5a8fdaa6ad138e05f54e3d3bd66b8ad7373726462ad","sha512":"b3ab5f11b9dd2a008c35b9596b60a1e7e48b12d11b15f7d2929ee112ea485f8ecfb46b716a56b099a3a0f9c2e7eafb419fccb54dd6bf3a45400f9046e76569c7","ssdeep":"","tlshash":"8811e3e6d540727e0632c8bdd1009f82415c02d7cb70035ae98b86f573bd4fda25de59","first_seen":"2026-04-21T12:24:48.844386Z","last_seen":"2026-04-21T12:34:16.136014Z","times_seen":2,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=IrxfvCJO9uX.eqknLIYCVIkqBIXHbbR4K6vgfFmUaIA-1776774223.3383787-1.0.1.1-eFJrvswPEI_Gwt2KZYDFgGTe6WBYadAYA9Cv6tnEHZ__.6XX5sJA4jQf1u6bTfFIn0l4buO74eb6sqXfOF9uTxuJ_sW.SkUNGFqW6uECzN.mQ_pXNbH9doKvhk1PbVtH; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iMClRtAyRYkI1WYqinojn8yyv6oSQ0e0RpOdJp0s8i6QpxrOlHdK9yd01xWjEJNL50URdkOrmfwYBFpAyqIIy1IUB%2BXE5O1aOmdGuV2fq3JmTiBm8j4qWUAlMs7I7g65oqs6zVOqpwd7\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8e797c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2178,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"80e36b13f42bc25d4d6d155cbdeef0eb","sha1":"412b570458bbe7b0cb9dbe39a3ec05c4ffed0583","sha256":"7ac2b940c65a1babbceb939b03ab3c75cbee36ba441648deb3335d68021b4944","sha512":"3a8990ca492f72f9669d66b4838944c03c0056682521dc4e39b14a7fb476c9af26ab1e42be56f3d30d994ab25220750d5033aaa71236d6728b12edb6d01b79e1","ssdeep":"","tlshash":"9641bb13b42c9cba5b543b40a0d3394ad9ad5847ec0f9570cd498f8d92ea62ec6d33d7","first_seen":"2026-04-21T12:24:49.032925Z","last_seen":"2026-04-21T12:34:16.268722Z","times_seen":2,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":377,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-RegularItalic.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-RegularItalic.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s1; __cf_bm=Vc.DlIgjSWd73CpepWJubngK7d.957da17Znzp8Z23U-1776774000.8075159-1.0.1.1-vynEyTLThCBKrpz1Tsd91x_F_naZaOY8BskVbl2nzF.Q17PcIZh7l3UDtcpqzCBC0n_ToumnyIHoxq573lE.ReGH85.iQcnWz3t7jiP4Aq4BGjNXIl6aV53HOlDMRJxY; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 78564\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-132e4\"\r\nexpires: Tue, 21 Apr 2026 13:03:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1143\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xZZA7NZ.3YVx0pEVq0eSbVht9Z_FTEswKdNZn.6rrL8-1776774164.922294-1.0.1.1-2gb8VC1qbm3Pj0nSrSD_MW.HxTmfGx0O95HQfIhGG8R3xCNo69b0HiQT9WrNPLWte.L1KluGz6eGRk4Ak6HM7.CoMWoQhEDlVQU3CLYgypl3hXR6enJStGtC7fgvvOIg; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DeDPHy5cLE58DzIKRIS%2FAowskPlDtjFu0an6Xt2HVt%2F0mXAQosHc8cNSZuUbk2MeHGTo4DY484p4JCPjeiXBfzStqU1xtX%2BpJ%2B13uTki38GSj6i6qrCLozu5RRxlrwfuEupc9A%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c914dbb7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":78564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78564, version 1.0","md5":"ffa03f9099e16b1ed1a0158f01961b69","sha1":"f1b97110bb1dba1c8985b4c48fcc8f5c9cdb3e98","sha256":"84d373e980d8f7d376e80725c42737d1f76f34bdaff56575c866ffe61916263e","sha512":"e57c2b94d74e334cce5a9f880442efd3a3b90eb91b09b2384d3c2c109e087f51184a4a34d248ac980eee963d5dd4bf23f09d3032fa85310d925cbc2849d5199d","ssdeep":"1536:TzGsd78QYdAOQGSmGmOMz0En342rWzm4XAFVZ2lX8z31t6:TaQsAOjGmOw0EIq4iARqt6","tlshash":"f6731260bc8f5f5878b48e2c73ba52a89ff54c0824167356697ec6238f99344b24e74b","first_seen":"2026-04-10T06:10:39.548975Z","last_seen":"2026-04-21T21:26:35.68864Z","times_seen":16,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/14ccf2a31350f1f060b4ce7d19123cd0_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/14ccf2a31350f1f060b4ce7d19123cd0_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=6BCU.NkqR.U9yP99DnY0mITpPPq901LrJBno8RAKDNQ-1776774224.2670226-1.0.1.1-aEzlPnR3HyCD3Yr0sSF0peiQ4.Au.nx36v__IQX7cffWFN6gn4pQtAPmMyVda7dizloGXqLFKJOUhRRlZp.0X.01CZOfo2GARvpuM0d35HM0VDY8sE7AC1vOwoRu8s3u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MultipleWidgetBg.png","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MultipleWidgetBg.png HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay.BAhUD-ZS.css\r\nCookie: SERVERID=s2; __cf_bm=zBdwipgyEvPSvTzIxHH_bqE81pICukAIeDkxKRzq1Is-1776774224.79194-1.0.1.1-g_RCj2jb.0AMAQmNfIz6QGkiDL0cy7RdqBVrIo406Xv7TRRyWc07GENP9Y9BoZFoI5KWig0kFE74ClkkFSubl0DwwvqzH.wsYoQFZE9.J.Rpimi0YVoClwjFRtjRmn5c; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 6298819\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-601cc3\"\r\nexpires: Tue, 21 Apr 2026 12:55:19 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1705\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:45 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nitm0eTI%2BZHNbuAMh%2FubN7pd%2BTbs1bhg1zxh%2FB9T1nHS8EezF9HfVAQFCicZ0VoxBKlcu6WxQZdHEuqgUgS1%2BM%2F1ajfwa5dyIH7GDA3LT2npln6aa6jQJkdgUtoMbi6S%2FvH7Gw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c999e937131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":6298819,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3168 x 1344, 8-bit/color RGBA, non-interlaced","md5":"253db80929acf6aaeafb36136f0b0484","sha1":"ee4081ceeef7fbd14228714b315c085e94199ef7","sha256":"b1b942b22613cd4265938558743e573555549700467d4fb4dd6c94cf93a0cb98","sha512":"7d9d4796a85d101a08b57e7244f5575043ecb93963a2465632bde46f4255ee866b04d40269266c9502590513e8b0cd0fb969a3967de374d1ce4d95d9281e7846","ssdeep":"12288:Pt7pZ16FAwiCkfnT7UkVxYxwTgRt1lCzIDRdI/c4+GNPTuqr6nOOTn99uqBBV6u+:Pt+ACkUEWxwY4ZP5Onhaus5","tlshash":"d22533f165f00e0827843b1c19218d6dedcd4153aaadd92e518ae7a75f20be87047faf","first_seen":"2026-04-21T12:24:49.034263Z","last_seen":"2026-04-21T12:34:16.323078Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2218,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":1923,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/10/20313.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.364Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/10/20313.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-Bold.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-Bold.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 74184\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-121c8\"\r\nexpires: Tue, 21 Apr 2026 12:57:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1587\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=jOSMujVL4Xpn5REiWZHfcxCRpP3k0URtCiYR4nztqW8-1776774222.6458628-1.0.1.1-7oUElbEnNi0CSHITv0t7KU0f9UWiZ7B0O6evd221hcgAGhBO0sPfioWFMyENDuJD_wP1KiGxay8IPUUhH3V9SUNYV3Q7jpjGkdWg7GqwV.O4it8yQC_xk727k84FYl1s; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7dX%2FWHJMc9aBG3t73SxexdnPv248VBjRQwORBgEUuZbUBnP3TMThyF0nceGTidALv4BmrgDT9mz%2Ff4a%2F9ApHlUfEfznqhzzzQj3T4PKpZVNO2DlSdFJNqAwfhC9m%2BPHyHvZH%2Fw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8a0c5b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":74184,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 74184, version 1.0","md5":"b270a087c3e5691e8dcd9c65c47146d8","sha1":"eca2667e8e4bde8fcfb4f7bf60bbb173b253f012","sha256":"a263682614bc107fe67de6eed6bd2e02a7225cba494c307732bb237bd5fe2e5e","sha512":"7377ab397d9ad4f74c194429c95372d83899fdb831cc2d63b80d84898be9b14e6b43889470ac2b5ef017989e5ab1d3d24b74dd461c9781c83e14dc9ad37b7b67","ssdeep":"1536:0VL7PKKoeF5SBEVL8FqoDceu/+6ab00LtFbsCbE7pr:IL7PZnqvasb0EtFbc71","tlshash":"3a73017c44e03055ecfded5b329f20a3ca3863e258d59e88fe79099d1cb6bb8118b449","first_seen":"2026-04-05T07:31:10.868394Z","last_seen":"2026-04-21T21:26:35.589187Z","times_seen":17,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":287,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SystemBetCalculatorContainer-DtyOsLF2.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-DtyOsLF2.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=7sv4RDxlc.MzjWDZO_PG82BDD7NLz1Shq9ljiIRYJiA-1776774134.9040303-1.0.1.1-zWGp2R8D4hsGLy7XhUkIJoZgVTVlWwfRds4M3SrBUU1cjSmBtPoCgZGbTvn.GUhveJGEHSxUWkYikE_t7bz3F9yWB3uTMYp0Wt8z3qd7PxZRyTv.kvMTXnmQIlmp3Sgb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nmeW%2BH7QVGc5B%2BA1p3kVQJvfAZvzCctUNDX1Se8AZULT44ArTh9xXacMlOPzvjrjl%2Bk2byKcWmv%2F%2FkEAFsaPUmcHaVTzYRP1y8PgMI7NoJVi5r6oaxkB8Hnq8NJ7AuANfGCk%2Fg%3D%3D\"}]}\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3c8\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8acd3f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":968,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (548)","md5":"ee02509bc8771a663f7b3ccab6d13c33","sha1":"0fdde3e73867ec0f9289a463a5e0884d6d9731d3","sha256":"8ce1bd8828cd63aa0fc068abfd854b9c11a3c2938f9285a3dfcc823f932900c7","sha512":"b81178082f60d68ecc5565dc1bcd32a011086f33e2e50403c0cc7a71f8c5a81d6c912be2c3543b0e0b5d525c633cee39faea29f246b850f93971d36b91c0756f","ssdeep":"","tlshash":"b111bd575368de74859e0eb24989a4640df5430a5a0cfa28b9b54c3cf12949243efffb","first_seen":"2026-04-21T12:24:48.901741Z","last_seen":"2026-04-21T12:34:16.186009Z","times_seen":2,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Odometer-BwyieHyx.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Odometer-BwyieHyx.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=RPMk89e0jEUbrIs02.r0iN7btxvHEyEFHYvi.nG19tM-1776774137.5344002-1.0.1.1-2AY1sll1m4KSw3GoWAefTLBxIl9ys0Occ.MRViwyji_wZGa_N4XE7IkMMG0N7_seczio5zIHg.UTVw9dG8gs8kYUUEtIZeI4zens0Y6Vm8QjnxYgw64m3bHp6nDS8ZAr; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:48 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vueqUjT3lNFwajeQN5DDelNl9%2BU2geK2pQptDNvPldVGHrbqnVtatdYlZaP6%2Fl1YgVw%2FnVwl5M0m5vfXuWw2VZLtq08CroKzIIxTWYzrTm%2Bto4hB%2BYjZM%2BsqsAgzUmaeqEg7CA%3D%3D\"}]}\r\nage: 689\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3d08\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d78407131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":15624,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15623)","md5":"4391e11450044a64634e667e65421850","sha1":"369ab405bf8b6c319b392f1eea1ede16b741827b","sha256":"56c55ac8a2292f88dc7a5439ee70abf3e6a2531b136c500b37b537e9e6b8332f","sha512":"571964e242a4677bd28b49daea908c06317a2ba230fe3d269d67b08d06414f9c0eed7c67ea12400fd470c6b56fd128959a8d63fca23fea56a632350438216cdb","ssdeep":"192:pd7KNJtQak5S0CGvDF2pXAkmkxm1HjI7kFuLPH7BNeqYpkYaSBpC7Tl+ea4PBD:+VQak59CGbMdmYm1HjoPy9tX3HeNPt","tlshash":"456219897922723443a3b1a055bb4609773e9d6a3c08405db67caeda7e32c19d12bff1","first_seen":"2026-04-21T12:24:48.850802Z","last_seen":"2026-04-21T12:34:16.312592Z","times_seen":2,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/HorizontalSportsList-CG9uv7Pr.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/HorizontalSportsList-CG9uv7Pr.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=HS.EuzBUR3wiTkheDeeBf.0BG6UEaLhmDyqGx4sfJgU-1776774138.0907378-1.0.1.1-TCsMD8QaYBaVdpCo5od2qyHHvlwFEqjHKDcHH7jibm2EX8gx0MukLc6TubJxm0oIiIRyxzYDQ7VL_wepqsVo_uQB1W.a3YisivkabOKuMB9EMdW80jsX458wOyHgMe0T; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mOaWbHPa8sc6%2B%2BjPjOoHHaI7Widhc4kjyz1lGK23jgBhPSGkfbahRrXpAmPigFjWuKKcc8JeMcRPykuWOgvG%2F82iHqzFmQVo%2BoYtoTEwRsmH2Ne%2FnM5Gwimk3gW00tVZlUeU7Q%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1a6\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d986e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"753ee192934290df27bf8701176d7761","sha1":"a8351c2e49e7f606ff2ccb7b00307c786af579eb","sha256":"a259f018ca326b43ed4403a43034a162faac3428e5e88c5154a4f8a32c608bb4","sha512":"c31bf1c798efdb234d594b705bcc3abff02e6dfe7871e3341a8078587775f653c52139f56a902545a185b509dc720f32b410589ce938d906b519d11b7a5cd918","ssdeep":"","tlshash":"8ce02b85d8628ef46a2a88efa95c24c46153057cef566a71d2a4921c1b7408bf66940e","first_seen":"2026-04-21T12:24:49.035577Z","last_seen":"2026-04-21T12:34:16.204886Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider-May5T4d_.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketSlider-May5T4d_.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=X8rxF1dIlBazxnOciWKLgHXSycdwvJZDb8UOsJRgv3Y-1776774224.2779293-1.0.1.1-jQtun_ZX6gDKrFHuqH_1e7VLiO3qugCgkYHfj_qUCtEJV_vfHFtoBx2w1DDzCuoWDYXsJZCgNY7qFLfKg7wp86W7Jx84HJVbrSgaMWwwafPIel4N0b4sPX8a3VfBlrDG; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZKvgg4hAdDbndJGR5vrlB1QLPrMNy0VMGXjmiveILSxH5fWjNtJMQcz3aNp2oke6a0%2BC51c17%2BIrHre%2F%2F6ia9CyNT6TeSruRq117TdqSd0SDcQw5st%2FG0n1fM69OxBA5Z567Aw%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1120\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9459637131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4384,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4383)","md5":"feea55c67b86227b96fac92790da896a","sha1":"1d76497c4a47bcd68cade47f07b90dfc4a31af93","sha256":"5ad5d6cbb54b9abd12c813e38b1885d8cee4e1fb39c4d768b6e94424281ccecf","sha512":"84ff6cf0d5307e322ee2187c4d0b3fb90d061d44b14d08c5a7dbd840e35921cac28c12c8ce7317cd30d6bb46b01382268ea12ba41350049915a3f6b7042f3208","ssdeep":"96:GeHcJa/LobULY+sKOqG/RdMZTuwZctcmXrc1IrRewlUmtRbOLDv:1HUa/LoAhOQ/ctXdhlZt5w","tlshash":"cc918888d039c86471698cdee1376f13a2703973ab7682d3f05b0db94364148d6aeeb7","first_seen":"2026-04-21T12:24:49.03677Z","last_seen":"2026-04-21T12:34:16.253259Z","times_seen":2,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/356/712567.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.379Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/356/712567.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/storage/medias/galabet10/content_751_5a47f8b9a95207a9ed5bd22679a22cf7.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:48.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_5a47f8b9a95207a9ed5bd22679a22cf7.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd; _ga_2CT6DSEQTF=GS2.1.s1776774226$o1$g1$t1776774226$j60$l0$h0; _ga=GA1.1.706332008.1776774227; ajs_anonymous_id=bf0cec70-e7fa-409f-b157-cabb9fed5633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:48 GMT\r\ncontent-type: image/webp\r\ncontent-length: 100426\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 10:21:48 GMT\r\nset-cookie: __cf_bm=gdm8QFM1DlBY3khMWVqxPJkF.Tc1tKdXxSqfIXvVIi8-1776774001.4383688-1.0.1.1-gqlac_7eYTygBl8ZOl4n8y1Vz8lJLIDEzAEMVm1Gpd1iVH_tM24MYOc.lGNDUme.G_wDz4lzi_Q84yiMZ9s.FKl1Ul9GPyizz4S7QYlWxt2witfpmozSlk.dsDvBCqSY; HttpOnly; Secure; Path=/; Domain=cmsbetconstruct.com; Expires=Tue, 21 Apr 2026 12:50:01 GMT\r\netag: \"69e74fbc-1884a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccept-ranges: bytes\r\nage: 6515\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sl444%2BGgyA2cGvUWLXG9lmqTtLi%2FMPSoquqEd7mqX0MLWxkARmjU0jSoYZiXAmGCOg3THagrw5PaCBXLBDJ%2BX61UdoGikTGGmMGRyjMjtSpR0PTIfxTVZyGma8FAkWrujXB%2FXT9zjQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efc5cb1f93e7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":100426,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x738, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d30c7a552f5c5a049f954b2f816c3a99","sha1":"aec9e874288c5e36d786063f7e6b4f319a6456bb","sha256":"33c93e27b34ff5fe69fb681f886f19e379e252ba1a749e295a83dc14560b655e","sha512":"29c7a7c38482e4eaf13c75ec50f1bb5212ed60a735b446400af423027dfac472c31a270ae4def929abbb17c522a600b82c822b01589dbf16d2ee19661390a899","ssdeep":"3072:juvt1BhT2tcvFNMSJpy820akYDJuKUTaB:juvt1zT2tcoSJpy79nD8te","tlshash":"a2a312a34397c3bbeae281fce791032b70542147dd9370aa37bb1d12a295f964b13e14","first_seen":"2026-04-21T12:24:49.038232Z","last_seen":"2026-04-21T12:34:16.294677Z","times_seen":2,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameSuggestedEventsWidget.DT3sdmgt.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget.DT3sdmgt.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=J6C.kRROwosB6zRiQKxmtqJdgYO24dHG3N.GmbDXl0g-1776774134.3939114-1.0.1.1-q3FB3Dn021h5sJIW7tbBvQiIGl7qkNZvd3yiDdvDk_T.V_eXi3.hTUGWXaVySwD6l_47twKmJJKRMqspH2vrwb8tviU2oGKCFXkPiN.BSm3cFn9qDSYc54hyP2Lz_fb9; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nXbNFjjLqCLw8h%2Brsv8i%2Fj%2FPcpKN6kp34WGTBorEa3P3NvhCj7bISn2nklVVXp2OFsw7VgZURH2rDox6FXUPd%2FtJFkMaK2%2B%2BvdUqrHQ%2BH7EJMJ4Pi8C1C11SLv8leMydWMOopA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e73090-202\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c89cc187131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":514,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (513)","md5":"b01b938288fcf859a4a5ed01850187db","sha1":"9475b503164c6567f33db7a53919d8dcdb135fc8","sha256":"a4281a5b8b36d566538c2ce2426521cd8cbdc4e125163389344f051ce2d37a59","sha512":"311f141bf66b3227454c52f662427907081bb8b403f4e5ef33a75e1da919f589c5e95b329790dbb87148a16dafb44e5e460a3b33cf1482d0ed89914dad93b5ab","ssdeep":"","tlshash":"ccf02b218e21ac3564ac03ad2a77001a5710e195bc1039f82fa1bf058a047e50cd82cf","first_seen":"2026-04-03T20:51:16.025411Z","last_seen":"2026-04-21T21:26:35.815451Z","times_seen":15,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/660.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.714Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/660.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/985.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.734Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/985.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=jyK6FjsBUOuQMArerFTC8S3nuzXeI2FVscw6JQ.Td1s-1776774167.2263126-1.0.1.1-iCatAGQaSb939lUNsgOkYGBe3l8NJGwQ50EQsLSpY9DA1NmzSzWF6FR.kT0STeTAQ3W0r9Klmfxrf.J7792jSHuW.Fo.j.oiQ0fgquGMpsGcxgrsNiiIscWbooqIK3oN; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e64h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e64h1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 21 Apr 2026 12:23:46 GMT\r\nexpires: Tue, 21 Apr 2026 12:23:46 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:71:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgsrsghrgc:71:0\r\nreport-to: {\"group\":\"ascgsrsghrgc:71:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:71:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 157066\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473476,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"640bcd967bc3abfe8283042becd249b1","sha1":"c952d46ad809b16c676714a7303d1758a4e29fb0","sha256":"79d2863b9b2cb39a600d5fcd08cef79d44ca0f4bfd6c5c7d10b57f0e4d104963","sha512":"a0545a97f4d4f4ad5d6ce9fcd17bd242c79ff4ac9c8ab039c968d0b4dfc8d6263785b64de0342147b8c21f8bf3a3447cbab7c156f7446ea53c9240202cb21638","ssdeep":"6144:dvOJjJnrVZu0Donyo18z25leYiau0XaOU2Cs+KUFlbrU:2nrvYny088dyls","tlshash":"0aa4f8ceb3d674665396f478903f01cba57a28a2b44cc89af189cce02d7465a4277f7c","first_seen":"2026-04-21T12:24:49.04023Z","last_seen":"2026-04-21T12:34:16.326512Z","times_seen":2,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; __cf_bm=USIEnJv8C6aGQVL0m2EdzoHOm6UpADfyVgneRQ0srWc-1776774099.648424-1.0.1.1-93lqApcOUizu_yTIAAfH.Yo2ha97VitCp7Cp4eTd.xPv7HI9NccZxWaNXTTB0LTiEAS0VB4xe6MHrsURnhZkb6gxtMkH4ra9O67Jkkl26mLo6htGSuBo0CLWpvJDbCun; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M3Y4A1QHP320%2FDLKYuPgf4LUL5kuvujPTY8hc7CkVlSeuovQtQgy7f4MEr%2FCX%2BBsFjqBxCsbDsGJyZPO1kTu51AQntD2NLpQMgOllnzH7P%2B9lQ%2FlbPRtpnJ3L1DZS9qhBFZsqA%3D%3D\"}]}\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=XnuQ4AV831qp.oll5exS2uDvwRBKL1DkfHHo3CMp_.Y-1776774099.8254232-1.0.1.1-cU7tNi.WRyyVNfgAbUYCUap78k4Tlf_iBgXhfyIbStbefXacKzH.INORdn_ThgwJJvJBghMaiSIDvRH.WJZVl0utdb8IX8QgJ9Yupx.23ZydiU99Bi_0uhLVo_zwaPai; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-b2\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c884a147131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=4,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"2c191b46b99e357a939a4a4b8c773c12","sha1":"3401415118bc2649e837edea0005ce70f99322bb","sha256":"b1497fa9daa91f85ecf7c57cf8615ded12e1e9667f07ab065133e14c39ded42f","sha512":"ae2b121ade5f07d63432308f0f51921ac0f6193b09dea272a3e61c220fa810ff129ba67ea1215e89b0e0ee9ba71b8f32f5662d705659a7879a90e94ae9fd0bb2","ssdeep":"","tlshash":"f9c080451654dcf462571d838619d801d54c4d6d73f4f9d0bb0c8d51021559b627df57","first_seen":"2026-04-21T12:24:48.947675Z","last_seen":"2026-04-21T12:34:16.341909Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameSuggestedEventsWidget-C2pyJjPN.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-C2pyJjPN.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=r.WzE1ZDtUNEuWiWDQy5jPRaL.qDi_lRXanfty_MIM8-1776774135.6849077-1.0.1.1-NQTbMEkFrjGLoMq0tPYIi7tGsu.g9zFpLc.iG.rryXl5y9Ra1zSKu3W2m9m55BGr1SuQbfjYqQG4mZ6O2E5KlVLG4j4y1yOMEz5hDoQIMh0clphYw6m3RnyRb6tqtE4.; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2B1VGDBeweHYzFNQifUzXwUz2q1dW692axzIXNdfsPZuelJEke3qGcDdoAKHkou5E3Z8njC8m6FMtffZiBSXZ%2Bw7EPTsJYrPin2e2WSVrVodmctyZZX5KnU%2BX1BxnhpeytylhQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-e7d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed707131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3709,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3708)","md5":"751a6d9bdce905b3da67bde527735018","sha1":"6eab5e951f1ad5abf219a195b0064c1ed86a0fd3","sha256":"b8c08c5a6a2762fc27e6450bd245d830bf789c22e00d40948de00d520000195a","sha512":"9bf68d9935943ac61e80e726518f708f6cd5fb3da4b1486be866d273c6148578c2ce7957eac09fef9f069b8ba5005e8ab9fc55ee3180854c183261f23860cb21","ssdeep":"","tlshash":"2971c646e010aa39917741d82bdf3119153632b4b94353c1b63fca3123e2592ab9bbdf","first_seen":"2026-04-21T12:24:48.990149Z","last_seen":"2026-04-21T12:34:16.221159Z","times_seen":2,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/gameDataProcessing-DhO6G1u-.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/gameDataProcessing-DhO6G1u-.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=rQow36hCQYLS_OTMueW9rubAUxSyzor4e6bVK8SqV3I-1776774223.1925576-1.0.1.1-BD._J3gI4TMPqna.eii4yUGmitbYZi29JBEAu.dfJCkAQVp7V6llqi_tyrE9_SgMgSDVcZNZAGvbz338AGpoP_BZsFNgK3WG.LZuCCKgpysfxZsgSRs5XYeJ3RfDYpcM; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a366EZDtNry3SBHX6Y2m5LqhT959tnC7gA8O9kjHxK1yorgiTlA%2B1ps2STpmI5tJjRjBxuSjG4Ur15V%2BuCxbaVj3QIoR0rYhcr7pS5HNhqTWRBpDGxStH6l6uI5kPf5vHj1iaQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-436a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d986b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":17258,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17257)","md5":"7d92add8b657e8ffc36532ff4e0b20c4","sha1":"ea6fa4217eca2597ce402372cf1a9c46d02f8258","sha256":"0f58f99cedf29a7eb280f7965407701e051623228442c7c65cdd239fa5697536","sha512":"01c712a4594347b2506e51f0ae0703c892fbc95b5577941162783a1351f62d19c10663715fae7ffe17a3903efe1bbe02ec93a7704db0071e323e7654d0357c42","ssdeep":"384:9wphrrZxhxlVz12awqhvTXDsB4Pzenac0aoK4A1n1:9CptXDe8Q5X1n1","tlshash":"a572750b8a024c12c97e4639c0ae15f1b9781b32e8b8cdd11a555c7afb5fa5b31e1738","first_seen":"2026-04-21T12:24:49.004569Z","last_seen":"2026-04-21T12:34:16.187578Z","times_seen":2,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=324.0.2.32.102.113.2.3.2.269.2.9.307\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=324.0.2.32.102.113.2.3.2.269.2.9.307\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 1902\r\ncache-control: public, max-age=600\r\nexpires: Tue, 21 Apr 2026 12:33:44 GMT\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6221,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (6188), with no line terminators","md5":"aa9950607fa2e2476c2ecda88ed222e7","sha1":"7a7ac11cf318bb7dfac3abfebe073acc6abb881c","sha256":"696d89b921c2d196195ca4819ba890dd572fee8b701c3f8de527ced03610af63","sha512":"10662d79a2e1f810350ded7f60a3bf23160628856724a09261e42c077465de3834dc00a0b51e1f42de8a35fdf0a8d74159af5735d674268eccad11ef2bfad27d","ssdeep":"96:80hUsXhUA4hUwhUcaDl3acJst017gWrZN+/9YXtJ/xN7QcGIIKTe3+/vCaq:FGsXGA4GwGJDTgSZcqQ1Ih6iKn","tlshash":"96d1742a834fc8bb7377925a62cbb70f3508507da5f8593fe464ca7062961c7d202d9e","first_seen":"2026-04-21T12:24:49.041437Z","last_seen":"2026-04-21T21:26:35.588355Z","times_seen":5,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipButton-kdf82NBZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipButton-kdf82NBZ.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=NurwlHEcXIOg.HiDvdfCiXIHZd708tupAO_D8T_UrFk-1776774135.4193406-1.0.1.1-j3fOQmHwvxSenUNCLOPlOFy.Nemc_2NsnActdeqht3113xJkT9rTD2LeGSWGkB6WMuw6Y8NsCGYFKsNUOcBXo0TG0FCEobFHfEfmh4nCRDscM6lXN9pVMTnI4c7a1D.r; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cjncap8aUowjSkJnQtf%2BvC0SjD5fY2WzixrXey7Oz11V6znFKaueslAq52eWZMopp0cCAS09suB%2FKkwqpIrrOsoVH9t0eNgL0JuD%2FXGMTdL55t7wKQFtf4dpT2RB9c5f1blpIA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1a2\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed667131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"4b8d21182d8c4b955630a1c97c1378bd","sha1":"7e8954c2467d6ea9892e1b4af8d48791da08b9c4","sha256":"53476b4d35bfdf0b19098ca1197216bfe0a8ff916b22208bcfb475f4e713657e","sha512":"cf38dba2382349c9bd2aae9cda8ede2399b559f3284ec65b4822cfe7613e4fc89803312e1fb079212afa7d617dfe9ae57ade0e750348e3edeaf3ae1e3a89c35e","ssdeep":"","tlshash":"68e0ab87c508c2fa07421d92200bc121382755bca340f98180ad28613b34999845ee2f","first_seen":"2026-04-21T12:24:48.880755Z","last_seen":"2026-04-21T12:34:16.249298Z","times_seen":2,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ButtonWithAction-DSAfkmWo.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/ButtonWithAction-DSAfkmWo.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=5pXdNzo6HVWDhaf1tjuJ4r2S_CqxzW5XLDn8ll0ysPo-1776774135.3317273-1.0.1.1-IrDzYRL5QqHBEPcJ6gbHDUMn1kf5x9awwIORecP98ZP_5JIluHKO5GRei946D7jB30HDvzEvFVfuSa.fr6x_XzNy98FQm6l5fvcdyLmC2_5cMXTHPAYANF5U3ifKXSXl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MXDf5Ayc6ZIP5wHn%2BClTuPmV%2FL5xfjYwa%2Fxp9cIs%2BecDCGGNzvUkvZFPjvk0lYn8bqLc0OPTlZQYUhxMlQgtER8ZSPIPYnUFidLdmRW2XH4gntUkgWSiuxHq8pBulUhN5z0zXw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-10b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0db57131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"c4f4b4cf0623482ad6e165220287590a","sha1":"b6a866f3afbabcfadee5aa2e02f3f7886ee4a8fa","sha256":"5388b7316d931812f63ee58ecf67a9fd397a30258736f961919fa686a91a8aa2","sha512":"fe0f37dbc2aeb4281152419dd6962702fa59beb4a63fed2f8efff7c35f135bc6fa706ced3318313bb55a80ae282004208043ee64720cfcb0fb2f660e3f025498","ssdeep":"","tlshash":"72d0954f5441d3f903d37db0a12fc1212a155d64e7d48941804c1450373195d805ff2f","first_seen":"2026-04-21T12:24:49.021237Z","last_seen":"2026-04-21T12:34:16.100563Z","times_seen":2,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/events-1g1c6Kmi.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/events-1g1c6Kmi.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index.es-BkfTJV0A.js\r\nCookie: SERVERID=s2; __cf_bm=W_ESe7cq9Fv0bgLy7BcqmzoKOkmS_.YcrcAi_ZTg1nQ-1776774134.1904767-1.0.1.1-Wg7ba4qbXwegh87x5ZCjAp1gHFi7HgkuSLCndALpQdE1ZfDWFP0GB4AgqQjJ81QhwGjJTCCqj2um8ZdAcXpsy2s7ExEHytELHJ7kcghGoKSYiRrThTNQxVHadFHpDoFV; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=OCDLeMgK48ttUyAXOdzzMw8VBpwWlrCOL..ceSRtFqQ-1776774132.9865928-1.0.1.1-rNjaNjF0KSo2Xfc1uodeJFTYw9Nrh2I9WOLqqTG0HUzZTqbt2cEy._diXyd0krAg3tCcIsHg6VFbk2w6HB8KRplxij5G2.hOv6gVctDF0UX3Co0eB6O.8AVQEf8h4m48; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:12 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QeNRlUwdE%2B6YmscE2D17EzFBzaiPLcNCElfhjTnJGW%2BejUX9ERZmKUz3ScC3Gc43IjZmGSle58j%2FZee1EokHfQNUNiXdShaAJJGvtUf1Xw4wGHIxC372bKU%2Bd0%2BKEiBr1acejA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-17fd\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c1eb37131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"36da527a5cac4a34d0db7d9918e99fc5","sha1":"988fbe6bd49724f3c91089eb7d83d308c4c17230","sha256":"4550eb4e481ccfdee74d71d76d9e2331e2130a517aaebc1390016833a135d95f","sha512":"82f8ef57a5a79e627ee3585fa432fdbbfc8a8519c454b30a2b3602e9eb4eb0a8bec36663b1bf75327e7af4cdb3d3f6b93d7c6b16bef2329b7769cafc00a76499","ssdeep":"96:rd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:r3IM2sWMtBq6n3PzH","tlshash":"b3c143ccb38574b013e7e3abb07f520bf134a598740c5108b61aecf9696bd9a4126f78","first_seen":"2026-04-21T12:24:49.042921Z","last_seen":"2026-04-21T12:34:16.173407Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/1/3219.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.179Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/1/3219.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useNotificationsProvider-CDjHBCPZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/useNotificationsProvider-CDjHBCPZ.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=XJyMKXWmSjHY5tK9yCMQQ3y7cTZIF1Css8Ws1VBPgTc-1776774223.256418-1.0.1.1-81xTsNzyujPrOh1Uu52cK9Lh0Mr51NP9yu2MMn09B911leBAsjrbhduONEyKg7UeiVIu5gYe3V1cCTT8myYcUjMliWBKzRRUwEyWN47a86GHktxVvUqB7JmffAYN1WoP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2F5Xw%2BeBtI%2Bc%2F%2B4d62QoSc3BP%2BTCfgd%2BOe4FpBFwUv5sN%2FkpBmE%2BpI7CSqJ9fq02yLzL0ruoeDqwQRqMArWN9buTkgdYSvsF%2Fl%2FM79PHGCB80fktnHHdS0JK4CAUVmouHhdiyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-5c\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d986c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"a0704011931a5a01bec0bacba061e934","sha1":"347f1557de03029cb7df1dde97a3026956a3d89f","sha256":"b333c15ca234db1c66b1abe91865568ca9bc09da01cfbab8a9d40844156abd7b","sha512":"5489c10972ebeeb5f7c5d669c7f0611717f8b481d5568f1d16a8e5ecea9c79033d38bff972bb98aafeed060467c6c3d146de309071a667442a86f837962e9961","ssdeep":"","tlshash":"87b01217044143f021020cec011048690732083d37419fa00034010c12e4089830ed16","first_seen":"2026-04-21T12:24:49.044228Z","last_seen":"2026-04-21T12:34:16.17685Z","times_seen":2,"resource_available":true,"data":null}},"time_used":385,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":385,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/usePriceChange-myueINat.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/usePriceChange-myueINat.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=V4ogyhoZ6GVTkOQ.A7Xjctrk4fKu7qmxDXKqJY4YEsQ-1776774223.2632723-1.0.1.1-iXvxDvLJEyC7OJNmQbcGbuKqevRsX_fNT3iOIZ84FDlNXw2ps4TOqXbaGB8oOWSe.L3wwmx2.tJktsyFNzzV6bNP6Dpw8divCMORW_cLJAEyrxIvIzqJf_yeSUnaU6IJ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kIBfCMG%2FMIsBEN0OSlE9nDHG6rr1hQLHBwYgHzs6LGWLcMLc4h44wI8Q6eWDJAJlEPNr%2FAqbkY4kpjy8ClUUcI1HFfya5tbk%2BHyNFgtNQZ1YtxieYtTO9McM0U5kiYgEHLMPKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-1d6\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d987d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"4295f4c6125344dde02e8b6937f94a4d","sha1":"f1c4952e3da24d3fc5cc4539d0a24cd3f6a7b423","sha256":"f938915b888a934d449471981f2d0496cdf2b87214d09b96f2027f561814e1d9","sha512":"f40c16a008b3d9f9acfce3584d8729a3d1a8b20de0f73f0629682b64621d51c7457b411f0573e200597be86b87c7e9475166fb21d30677c0b16f58e9c1323420","ssdeep":"","tlshash":"f0f05cbd14901813545f0cc4c26485971fd126d56bbdc31eb230882d37589af06aef6a","first_seen":"2026-04-21T12:24:48.898294Z","last_seen":"2026-04-21T12:34:16.277321Z","times_seen":2,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider-BVrbva_v.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketSlider-BVrbva_v.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=d25PvRGIJ6mYmUK0AZqtyW_lSeaNGE2Fya2_RiEaeS0-1776773848.264881-1.0.1.1-.d2pZIhMA5__uLDxRY687IM0Ahcw4UrRlk51e5SSBvLcxgwL9SPtuGS52xgitlfeAynQPD4M9PMVxH58TOI_roGrmE.s.kj26kY8pUxbMqjS0IX_k3Rdhq6i5dNhZmMN; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:28 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:16 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f4OCb8EZ5EpjAPAIfeBuv2RQoEWlWnlEHicYA0J8SyIhsR3OeUVqGIii%2F80wN%2FJJcPyCCrqG9hiXRKMKRvOQMK4%2F02xUEB%2BWARjfrC8AAaebnASpsxTgQ7oPPV2j%2FsNLslqeiQ%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-2bb\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dd8c67131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":699,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (698)","md5":"4e46f6f2adb9e911987e05d839d0789e","sha1":"258094b1669b4c50fb6c694fca472ef42cf28306","sha256":"0926899db74002bb6a8a6ebfe890d69d802b2c6a0022f09f517fba863940c2af","sha512":"6e47510400dc885c5a0f2a654ade997cc9cb93f4cdf6ae5ef955d3bc69fac22fcd375a6340cf80dc03a17270b7a3ff7edf00867b3bbfbd3e8c004d51f8c821cb","ssdeep":"","tlshash":"7c01c0cef400c67982a5058ab2b5ad4017382595b71091f0b07a0ed55d60c8dd2defdb","first_seen":"2026-04-21T12:24:49.011851Z","last_seen":"2026-04-21T12:34:16.223772Z","times_seen":2,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipPossibleWinInfo-BODkpSVE.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipPossibleWinInfo-BODkpSVE.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=CTEHfZpNFB.cLzUI2Embd1MdMSlZDRC10NJRsBKAeug-1776774138.179763-1.0.1.1-PBcw_HSAgWhJVYa7N16PiFw6yY85TkiMzD9NdZtnIDj0ow_T6y3myw5tn4tZt3_hUQCDU7gQoitRIEIIrNP7Ey6FD.m8TV9K22dbe0U4Y7pP7H2SdQbRiqJ9sMMP4Qc9; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lW2Km7WC7W3zc6mfQWXTae6Ef3yQtfwFoZ0Apr1uyWhIBbdNVjtBiWJbVUUMMbANSRgV8HP9ACubjoSy9RQuPTQ1XwPiUlIax7fLQa7BBa4eebXaUSBEv9%2FbC0tcrrsZZWAbjQ%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-865\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9419147131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2149,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2148)","md5":"aad3864d0ced213a2758771417e96758","sha1":"3ab8f87457930f5085e69132786768feebbfa6ce","sha256":"5d319ebbbd4232944ecad0beb30af546e5a9cd6367fecdb61c66420a19adc6cd","sha512":"c8e861d73d9baf2bb62c4cabfb0428880c35ca3e237b7f77012872039caef4369336ce736cc5fb5821dae4d981c3401587ea579086013da48f9135d94aa52a78","ssdeep":"","tlshash":"f0415a11b414cbfdc5720dca794d1134b00e2fa0eb69a191e0fb2e2896bc9d67641ecc","first_seen":"2026-04-21T12:24:49.045458Z","last_seen":"2026-04-21T12:34:16.106726Z","times_seen":2,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketTypeFilter-DYMtYos5.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketTypeFilter-DYMtYos5.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=A5X21p1eVwZPgrCMqXKhOiMg4L.oDL0HkRkfzZfnZCs-1776774138.2427402-1.0.1.1-Y3.JpxYkmkZ607Gc2Kslkxd.JhTvBUvvOAluusIeYSdMCCrOPH98PH6IjTlf9Al_78ch74rEDtnmi2RDVHt0cw3kb82P4I.5S0znkfYIbLu4ueMAALOfLKBy_1osSg6c; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=52HJc%2BUyKX1ceY6p5QNbJbRLxfXNnVkKJYiN5FIhSfODvNIZrAaIg6roXfzlYU2jbibnEmJWYJmMsC6ewGXBbJoruEmtVVpz6qCPelpmHpoRQQF7HtmosB925BM1ZdPSwmkI5g%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-364\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9459497131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":868,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (867)","md5":"7074c405da51af2784c9d5ce70baf5cc","sha1":"efbe41e54689d7f18787107761834b149899441a","sha256":"cb8b582f9ed6b75c9bc799db63a35da824375198dc5b44900528598979aa3e3d","sha512":"1d5c5426845c3d7d5fc07c38b32d15116e3c041d8d6b644c4daa6caaf9d5d5b3fc06ab7967c185207c9ada9d4735e41d6ffb5772564485e220223a826337c6ae","ssdeep":"","tlshash":"af11e345f744e3fcf23b1dc8c56d481853110a989b3946e1e02d1e950765585622ee4a","first_seen":"2026-04-21T12:24:48.883577Z","last_seen":"2026-04-21T12:34:16.251221Z","times_seen":2,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/css/fasttrack-crm-app.css?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/css/fasttrack-crm-app.css?v=bc48296 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 14 Apr 2026 15:09:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: KYO5WRDjjhiTCKDvpfQiocpWlm6aZ2Pd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BDd5bkPztDFYzkuULYRsAolSfeqeiamhhZs0VKzuWYV3cCw%2FyJDaEQIGgbio9StOcsg6h8SuGSyKaPC1lV1%2BrMULqKzgNzZ5NB1AOWG0vms7IFRVpyo2TdGB5z1YIg4aMjgfZJM1kkwqvPLZf2v19DI%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a626e6748fd7659cdc58de81924341d6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: l1oFFaeoKfu5aaN6Ne0frk2uz15eEbivRAlr7HsvQB_DrYj5LOxvBA==\r\nage: 709\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"7906aada543698dba1005a917ffae2a7\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92eee01a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":27953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27953), with no line terminators","md5":"7906aada543698dba1005a917ffae2a7","sha1":"7f00d6655894909587fe280ebf09bf57f66b4100","sha256":"5e2a69854668603fcd556f0b8a3da306e3de6d5ad4dee7a9e9a57ca998269d76","sha512":"262f19709cde3e7abb7bb6d9724437b042fe626636083b80376e35a91d1ea9b39aec82463626711cb60a8c516a1b909d53aac644f056e77929e736fed6d1706b","ssdeep":"384:cFukqharVUf5rKbHWkAB1MG4TmpcHyH3XHZw/XNPalHfI:ckkqharVUf5rKbHWkAB1MG4Tmpc+J6aO","tlshash":"78c2442302c02288ac2b892b73d50599d93ec836651b6dedd7433955c7cb77e3a6b34e","first_seen":"2025-10-24T22:03:16.572036Z","last_seen":"2026-04-21T21:26:35.749344Z","times_seen":100,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":74,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Notifications-w2cxzdeU.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Notifications-w2cxzdeU.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=YaY8cPSqH034Tn73sTMfKaLxTmIjGLfnyHiUtKNjtE0-1776774224.209506-1.0.1.1-MExmpho37dPfweIorGGf9vbmkON4XhjnaIc5WxIlta0J3tU2dnC1OO9uDgAzRz8JKdyHmQarCEQj40EjUPSLQKkxVXdia1uHNTAhO8n_QFJRvKvg0mb6lLTlnH2fcF.B; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8eo8NOhN6wRWeiJ%2Fijpwtywhutt2LH7HTEnR66IgC6GaCBgJtuwuM%2FwiKRI35xi9T5OC6RfS%2F1kKJxdg0ka9G1w90F%2F9THh96rUG1ZCLteWf1yIet5OHad5C38htPlRMoC2OJg%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-458\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94191c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1112,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1111)","md5":"1daf003af42fec8d9b9896dcc6f6d3ce","sha1":"d4b08dd14ef567f8d8aaefa2416515655f18fd33","sha256":"327a7a6d6a1d59e3cc8e1687f32e8152027ea7b7a71f9c000a978e673ad988af","sha512":"fdfecf058159d80e76a6018f3172ddd0c46c47519a1163c01973e969d2c4ccc962ee1a68c6c0921150910f3b7a098f02e02f1314b53315e69b16cb9ecdc29dd9","ssdeep":"","tlshash":"652163df6082dafc292148f6432b2a32703708587939481602fb1d2036acb0ad65fe8d","first_seen":"2026-04-21T12:24:48.92823Z","last_seen":"2026-04-21T12:34:16.297738Z","times_seen":2,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItemStats-BXlmppzY.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListItemStats-BXlmppzY.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=Ia7GYofTY_FT2UgwuPZM74RH1cC_nl71zId6wL8_FaI-1776774224.2594314-1.0.1.1-0ah0Yq9gbCClc21llfeIBbgv4UCu6X6oPpN.ByOue.xIAMh3RwwMol8eP1vPJBTBAHBxpf4My1WedCgQDfQzbt5O1qpdzVJlTVdKLUK13pIACWxSkIvrnniua5llvLuD; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7BwowCLOEC%2FWUQjuW1AgJy8AFX4lknmrVh4r42JamUOnyJrAokZqJXZzREc9MsOWscEWHk5%2FrrClnbPJL0eKY4gMOy2SkckM9M4662bpwE2KQ0aoXnyQB2rPgNhrcaDSMWHTDA%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-114d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94595a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3870)","md5":"5a6ad4919fb9e228ca0e1d839135878b","sha1":"7bc35eed27701315327f9b369ed74d92e7473911","sha256":"c88bc939f2174cf36b70cfef1f47432681161624ec76321a8f91aa62c701a279","sha512":"5ff28aaf23042d2f240d46fff8c7632a2b09356f3400d0093ad4651d1453d9be7abb4bde81f3c6a0f8176d866f13fb2964bf2d8b002ea6a7bc4aa0990102c9c9","ssdeep":"48:jOrkT/A1GF51Nf7/89lCgIGl5SLsK8vCK5Jx5fTYyx7XgxYzm9/L8umGus665LQj:j9A6Nf7/8jC6SoK8vCKfxay9iua8kQP","tlshash":"a791a69150745bad753d0cad659faa00205a072cee58caead5bd1f2e326c04e7337f74","first_seen":"2026-04-21T12:24:48.941466Z","last_seen":"2026-04-21T12:34:16.166516Z","times_seen":2,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/logo.png?v=1773142319","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /logo.png?v=1773142319 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 11207\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-2bc7\"\r\nexpires: Tue, 21 Apr 2026 12:55:17 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1619\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=j1W7gspc54AQVUSP5jsAYXg5NTNBFMRkl.Kn_jbseT4-1776774136.6624072-1.0.1.1-T_07_uKajHM1A5w20lt5TOdazX13xp5v57CIFRYeHi89WU2jWaK1Ca_HTfP6sc9UB5nlNTzrdx5y_fXlKV1G6O0vrl7xS60JCdszKgC8n_xwsok4NGWK41YKSkk2YmYq; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M4QdwKtYcvBDbf6ZkpxwvZSoFImHES86%2FA6GU3%2FYkQ6POVZKTaGOYqeHtZJnRrFIJ%2F%2FtENnFVTgowGT6mrxeopDPlPduRcfEE4%2BFUFO0D%2BTt1oH93vRX6E%2B9GSkWJ1YojaDanA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c89ec337131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 120, 8-bit/color RGBA, non-interlaced","md5":"07435eae1f792873123ceaf56d03e8b4","sha1":"2d5bff4e74f8f098fe27f5d0883b4b767c57cf3f","sha256":"db6d4b5791fea04470cd762db779a812e6341957340b2a3a3e0832040b504d29","sha512":"32311cb25314e3a8c54bc7a486b5e20326c096413244025d5419ab254913ec4d085cac09dbf3c34939676903823dd30bee4a1ca1cb7f3d82d9215053357e7696","ssdeep":"192:ymSi6Gmmerb/9e0bjuq8eiaRTUaTjJJCVogmgjV3a8i0NCmN:yJi6GmVViZliUIyV4gR3aoN","tlshash":"8332c06b08f495d1b0046f56c266bc795590ee663038eb119cac0c77c42bff63797e68","first_seen":"2026-04-21T12:24:49.04731Z","last_seen":"2026-04-21T12:34:16.152977Z","times_seen":2,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/default/Roboto-Medium.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/default/Roboto-Medium.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 73924\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-120c4\"\r\nexpires: Tue, 21 Apr 2026 13:03:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nage: 1143\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=tm3qyE1VLDdP6HSFrCJ4Qqo8OxquHVrTDoeemuqjuio-1776774164.9168658-1.0.1.1-MPPaANhdLSqWIN_3SGsG8g4ak3R3Q8XldS7oVwvg6A4kbOixlcH.ceHfH.JfNaUTKYh8A.J_hhTnaVasKYYfouYNvL5_5bGFDTLoQVtGp6K.81_vvOc5_PTSOyFjokGl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZ64I5iWwDrcIjyOj6KCdnrKla87cU%2FQxmlYO2TRHp5XNoKyrze2SiRIzOGmmwu8B4yHsR%2Bn37bcaUUh4jM7CgXhmCp9dePf17HI%2F4BXcIbm%2FmDQVOE19b39Qgbj1PWF5RQi0A%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8a2c6f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":73924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 73924, version 1.0","md5":"582c115c3f8f2e13a2c97e6826471c80","sha1":"822180738ed9ad4172d4e8354b81ecb2f7c46bd7","sha256":"9942fe6fe9ded7ab37fe4760990b57f5f43cebc438bf1bfe139c8b508acd424f","sha512":"03b3156c154922f4735e7b828d903c3400b320b352dda9ddb478786d8820fde8e9707cbc45c5e1282059994d65ead8e4987f249afb38534dab27ac59099c6f58","ssdeep":"1536:ckbrpZ5asBRVQFvoMJapYaiDKq4OevyyuZr47+uU76etJD5S1zYItyh+SlOUrfeZ:xHT5dBsRFuWKueK5r4SuU7DPS7yOUtRQ","tlshash":"a673025117a10b2ae42d1770187ebfd421af013ea2f6a2b0fbdc958f6d795bd0a74311","first_seen":"2026-04-05T07:31:10.885369Z","last_seen":"2026-04-21T21:26:35.607179Z","times_seen":15,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c8f0bf30731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4368,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1594744c430c14575dd987b06663f8af","sha1":"6ae3a00b9045083fc80dba950b908f9e7513e211","sha256":"db922d127c83813e54ac9a7e4fb61318bdc34765fde199edd3859da07f9b1a04","sha512":"6dbc4888f6eb430e5c148b063707a5488e01f7a4ffef184ac67db37cb847c0d69eff429b0c1bd3122ca4b1594229d6f4f600497011a876d5ddaada4d1fb9569f","ssdeep":"96:nNSNbh/YiOQxX+1A2teUB7SOMVMrhIa1WUqrZurozkhLQtwN:8OQVqfhSPbUK6J0i","tlshash":"ec9110b79f444a5e2b2407c9702d3e9c855e250bcbc09ceaf0c0cf2984f9eb967559a6","first_seen":"2026-02-01T05:09:11.282943Z","last_seen":"2026-04-21T21:26:35.591684Z","times_seen":181,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":16,"dns":21,"connect":1,"send":0,"wait":55,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6444.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.143Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6444.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/495/991004.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.256Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/495/991004.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/storage/medias/galabet10/content_751_dfd676ba86e06ae3e4db748a4143905a.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:54.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_dfd676ba86e06ae3e4db748a4143905a.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd; _ga_2CT6DSEQTF=GS2.1.s1776774226$o1$g1$t1776774226$j60$l0$h0; _ga=GA1.1.706332008.1776774227; ajs_anonymous_id=bf0cec70-e7fa-409f-b157-cabb9fed5633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 53626\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nset-cookie: __cf_bm=DKvi60L1vc2CIwSn5cs2A0P195yGKdAM.li4F4qH3No-1776774006.2337189-1.0.1.1-RRJkMgbILSb7s8VD9gAD5WVwmzhEU34nnmh71p6t6PC3DE3OG91uAZ12i42vPYuaPcu5uYZ4FQR5IR1p3I7LjVgkOVT2CESPxNzGDrq9x1HBeoPcvFgU9IocAy_.SCGW; HttpOnly; Secure; Path=/; Domain=cmsbetconstruct.com; Expires=Tue, 21 Apr 2026 12:50:06 GMT\r\nlast-modified: Tue, 30 Sep 2025 10:15:03 GMT\r\netag: \"68dbada7-d17a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncf-cache-status: BYPASS\r\nage: 302760\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sgOXvXuaHOvtLQ7uNSkFYm%2B1xNZIpqFejs1cjAgf%2BEngz6LosEXMHe1PeKk3IJCX2wSt32g5E0t26IFiDywxUGhmCKHxqRpvsTeIntp09eEvd4aD5uBxI2uc021kUVx3ys9s6ViYNA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efc5cd39fe37131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":53626,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x220, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8c21c56afc855ffa392f24a7baf3f725","sha1":"5752baebbfdcb318e960d3d95e129f207240d659","sha256":"2bcb9d6f56b14d357fa9e0d03bba4dc539dc8bede1625bc2685d83f2512b77f4","sha512":"665a1e4f3c696b25d3b8ff7039a381812c5f19c69bbbf75818537a000d69d8c5e25840bcc9fbd8db5a466ac663cf27ae912013d0a4f49a9e55a4824fc6d62de9","ssdeep":"1536:fHAJpKlV2M/dr1MlazrWHtLLvCU/XOIMW9Ko:fysVL/rCGrmCi+77o","tlshash":"9c3312157dee2a80542e1d6c6fa89fe6062e6e25d19dd4728f51a27c2fccb0f7c5a002","first_seen":"2026-03-14T00:30:26.838032Z","last_seen":"2026-04-21T12:34:16.339798Z","times_seen":6,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":67,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index.es-BkfTJV0A.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index.es-BkfTJV0A.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:12 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lQzhJP4jnMvGyXRbKSQpAkq3TIGlENSuZSyRso9EDgPlCnQyeYpKcUEQPB8QIA4ZZ2x9%2Bxv6TlfGyu%2F8zXirnUAJbWgbJNkWIr0VSxrERyoCD3aZoDkos2es99OhDENX4YBLfA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-48144\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c88fb237131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"14273a4e1f174468d9ad125d59fdbf95","sha1":"323ac744c931566d8324a88ebd619c69cabede1b","sha256":"497891c74b3d2f85ae305a4055fd2110ba81387895c6feb67338cc8b454f963b","sha512":"5e3ca72b4b96d9e498548295a2251fbdbfc8ce1bfe4e8bf503e340d06aafcea34b03aba178a2ae5597460018280f8783663549fb0a57c5dc072f67fff4e85619","ssdeep":"3072:bzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UBh:bz77jdU/7sJJMcvYisoljSFN1Nd6UBh","tlshash":"ad54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-04-21T12:24:49.049849Z","last_seen":"2026-04-21T12:34:16.123505Z","times_seen":2,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SwipeableContainer.BGvxD8Ys.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SwipeableContainer.BGvxD8Ys.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=msfnXYTIc6.iPWL6mqYnlIC2bvrFbnpmB.jVd6eR9Wg-1776774136.42081-1.0.1.1-o5aojM688mHQVc4FjvBUG71og_GWzGccloDLVwzk379g9Rves0u99BXAjttBT.8ZZJN4Y8I1HRWgly0RghccX1WmhOTcoQu2Rg12P_TqUMdh.QGL.x8jLlKP8g_j6zLr; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-729\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=jKGAoHymuA4v.6ijTFtwuWlBqujvd8t9Ca74KOdNF3I-1776774223.140571-1.0.1.1-SvZTS4PV6IdHXilEl2IpnExp6HKv1401AARIBt0oAWM0v.3WCsOW4JtTfnw2g39SQLBNvMUFcCF0W_lrw5xPO28Kk4gmKc_y98oIjWPXYfTTXmLCumjBvn7liYTJl9IS; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HGSDidGBwquhzqjsPqNDv%2F%2BzKt2LETYQVc3uiiBPna0ROCchUo%2Bq%2FgdXUymRlUj6KLDVwIFkUc8xyGAiT3CfsgRFVRjiINV6FPEwY2UM9%2FkA%2FCYpn2Xhc6ddlr5EhxZi0xlsTA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d3ff27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1832)","md5":"639c15dfba86f88b79bd3270e784ab95","sha1":"98caf793faaca4ef94b39a65d315eadd89edc449","sha256":"881a88d3e934410159792afe20616ea9aa03fc6aebf7c3a29feda37a78b5fb93","sha512":"556b83ee5cd37491b0bf7ec6730d353b5abb3aabc670f1ace3e0b491064b3e0b83ff05ca29b42455b01fb0ddc33f4510d073ce780b7fb4f300c7a98ee54e2f29","ssdeep":"","tlshash":"2a312144cf450039bbe2223f99cc8df80a18d9b3ea314d8f76c59886c6e255937beb55","first_seen":"2026-02-22T15:27:55.467958Z","last_seen":"2026-04-21T12:34:16.134554Z","times_seen":48,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/expressOfTheDay-DphuSM7z.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/expressOfTheDay-DphuSM7z.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=jaENwNhFOpz34SQT39gXlyPW98xj4aMIDaQTI0GOoSc-1776773847.1248403-1.0.1.1-fUIMp4fcw9JR9QZWSDuS6k1vcSNsq9r9tLbp5MGHjtnwgXI8quDFZf1Ixj99R4CMSCbe4yihDFxnWoIml0jd7_M..4.7ue5YFE6BoNzzdiNftC3ejjw2dA4fPayL6FYY; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ettrfAnnqKy09tLWmCI%2FyALDps7lsvu17ShmqQb6spuzbIf94G2Zw%2Fg0kxDjc2vu6%2FiXiHHcJN7KPAd%2FyaBeG%2FS%2BQmeVl8wkuSA4XNa2zft1Rgx1YidizrnkBOcxH2k36F81Dw%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-30a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8db8997131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":778,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (777)","md5":"22092a8c70eb955087af43f26b5a344a","sha1":"e502fa77042e7b7f3a03854282a6c83f03ae62ed","sha256":"19271fe669c8e2e0636cf9da9d6de5274132700d28b63b9d855a95cae9a53e39","sha512":"6cb612108e131c223976e6396cf14e58f4284bcfd98e76d01876b6f34738607b0c89b823fbb186b7eadb03966dddad5eaba3da3e063e78090bc1daef1039a7a4","ssdeep":"","tlshash":"9d01fddaa11dfb3f6cdba0abaec595851130787e59b271f0b20f0e9646bd008458fb16","first_seen":"2026-04-21T12:24:48.899417Z","last_seen":"2026-04-21T12:34:16.296164Z","times_seen":2,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider-May5T4d_.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketSlider-May5T4d_.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=2_SC45wRn4__ArZbwoOQVL.2pVAZLZctmZiK1hGo8iA-1776773848.25472-1.0.1.1-bu25JrjPOYAUW64inOJIjVKO8BL88JBJn8VlqAYDcp2bn9dGQWe25dMFS2EPORYESVa08XV6J8XjMv5xZyrjrmiwRtrwaqI950gnjA3x4LhID9jOYYU1T2ogSZPanrtJ; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:28 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:16 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WXxOU8rgQSX41JAFk0K%2BLAKFBu4wp8fbdXzf0gQmRubtGzNF22cePS1imx956XdyLHSZI5sRR0WXeLNyz%2Bpz2m6l4%2FVmdg2b1%2BG02K4%2FRm%2F%2Faw3AEcT1lR%2Fub1YUNQeCaiilRg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1120\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dd8c17131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4384,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4383)","md5":"feea55c67b86227b96fac92790da896a","sha1":"1d76497c4a47bcd68cade47f07b90dfc4a31af93","sha256":"5ad5d6cbb54b9abd12c813e38b1885d8cee4e1fb39c4d768b6e94424281ccecf","sha512":"84ff6cf0d5307e322ee2187c4d0b3fb90d061d44b14d08c5a7dbd840e35921cac28c12c8ce7317cd30d6bb46b01382268ea12ba41350049915a3f6b7042f3208","ssdeep":"96:GeHcJa/LobULY+sKOqG/RdMZTuwZctcmXrc1IrRewlUmtRbOLDv:1HUa/LoAhOQ/ctXdhlZt5w","tlshash":"cc918888d039c86471698cdee1376f13a2703973ab7682d3f05b0db94364148d6aeeb7","first_seen":"2026-04-21T12:24:49.03677Z","last_seen":"2026-04-21T12:34:16.253259Z","times_seen":2,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-Pd1BUwU6.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-Pd1BUwU6.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=tjmouYhyJNrbcmLWo.KrNrh1EynfR1Xlmb4XYXPDs2o-1776774028.1718879-1.0.1.1-GI5NvfPPjDx1PYCwdxjFDVHi6Y4gddbBa9QzbQ7hvE960V2xc.F5Ohe5.Q35ASHqX4Leh4zw5x648H2hS8iqQ7TSE7P7FjbaPLOG7x_E7wMHVsmQZvhc.Dnku8fNoCIq; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:28 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=goUVx44fOcXW9mhlwUColFY2PeqNiMOpgSpWylCdt7xf5dhpd1%2Fr%2FWdrzxXXsaEyyiJpX9RdH4%2FjVHo9onOA%2BfTYQVxdZS8gGJ0%2FR9UouKK06iIZdaLumKsqGfU%2BpiCca7yL%2BA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 367\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-b6b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f0a4c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"47c51419dd5562f5792c0c7dc42e742e","sha1":"e204e73bc9976ac330b6eaf057843e350226728d","sha256":"4737ce990a50bb36d1cc20cace204ae3b3fc533c1d322dfbacba962c916b91a8","sha512":"331a871e9de89557ede808f0b73caa9342921b6c15421b8a413c0cc4433554e253d34dfa36e5eb7c780b3e4aa644263d8178d1ade25f9f3f4bc2248baf8e2fca","ssdeep":"","tlshash":"515132cba042e7f4bfe708e6819b10b074378d5cfe1b449092be58964958752e36bf4d","first_seen":"2026-04-21T12:24:49.051938Z","last_seen":"2026-04-21T12:34:16.29097Z","times_seen":2,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItemTeams-CEtT3dwF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListItemTeams-CEtT3dwF.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=lyYyV3xiNSqeGsjsrdSuFy7rat3MugZF_MpHc5TeYTQ-1776774224.2622855-1.0.1.1-UaFnvgBN4sgYqluTtgSOvMzs8wKdfLQHsJuXAoHfYfPeCd_PcXOSRsrSV8Dh445_EfNC9XanbBnXQVZFAdZUdq4kYy8Bh.WaUCnRRpUmWYHJrXVco6lBLpuLPWReIRs.; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pqPO41AtKBK1t2WvYFq%2FXcH59plZxw2VuCZZ9acADTMOt6c3oyKwS4VyaCiYQYDmZ4AuEqiRVhv%2FNoJ%2B%2B0RNqHDkH5i%2BrMFvbufC6bGprueO281zt%2Bt75aWb4PWfUq0kMIgJQA%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-640\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94595e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1599)","md5":"7cb2f48f38bfb0279904944386f1e2a7","sha1":"cf32f17c46b46eb301ca9c2532b6031f4bb374af","sha256":"331931960cb4393acd95f6f05ca57031fba28c8c78128b7cb87fcfe24c398b64","sha512":"e3b54febb38accafd50c414d77c3af83f5ff80bfac64243a41227cabb853ecb339ec8fc5bca335340b409b3b3b1789d651b44502501507af2756f604d766c444","ssdeep":"","tlshash":"f431e089f020eef5f9514cecd97d4622b11a0e96cf7846d1e12d9b341a34116b31aeae","first_seen":"2026-04-21T12:24:49.053198Z","last_seen":"2026-04-21T12:34:16.242781Z","times_seen":2,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/5634185bd1ac1a7d3377419b485f803d_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/5634185bd1ac1a7d3377419b485f803d_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29432\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Fri, 24 May 2024 09:41:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"665060ac-72f8\"\r\nexpires: Fri, 24 Apr 2026 13:58:34 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 339687\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=bEG7_6IZ0makQ5q2KWdFGgG9ZXZ8YVKLw3k5ZrD0Pcs-1776774002.008422-1.0.1.1-LFi6EMOnqRMWd5FZIRSXSA3JRsOzYPFwfMjjRbnDBn6fpWK374veBgbueFF_wAIYgjuT35XTNKn00N5KcrmVkJvb3mLry0WdinTRcWxmajExH9I.peYzNfOSSXyz1jKI; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:02 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V6xR4dLSregiNkRZk5eUrqGEKHmIDXeZPOSd5R1E0Q%2FTNEbeUarmRU6hLUL3b6Nd3aVeECO%2BFiUnuKRk4%2BNfcsK%2BfbLfPO68r2xUA8LStJTcQ8q4EAsFKgfwKrp5%2FRO5G8ffTxdqoro%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c975c2e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29432,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d63b650249dfa5d834285f5977197ed6","sha1":"1d6764f65eecc4fa4213571b610bb66b03ddaa2b","sha256":"3223d8797ed96d58b887b0456ea623fb293ed18cee107c37f2b8953e517f25d0","sha512":"98eb831197d2495b1d4af26efeb1bd5b62942227a576da883e71d74a55d5037338a800986e85ddc2adbc1a36bb2188c9a516b749aacd2e52411ca7a6601ab0aa","ssdeep":"768:j8jFiSkwkHG5TcTpVoMyTmipYkiI/efLDR+EoSkc3S/6:qiHhDyTmiCkiI/DEo3D/6","tlshash":"28d2f2d715c50b70c1b61faf4d571fe6202dabd86bee0ab28951c5887c0dcad8c85637","first_seen":"2025-06-19T05:49:47.512516Z","last_seen":"2026-04-21T12:34:16.102Z","times_seen":34,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/513/1026633.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.198Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/513/1026633.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index._m59fQOD.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:39.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index._m59fQOD.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=3bmOIYJYLzBqaFCFwGqsU9e6SV3PHeyPmPlNvzGKibo-1776774219.4293203-1.0.1.1-SvNAkjcQDYLBSydzU3mzE7UECzJtlbIANr1geDEu3ve9p8leLkUUvkFYIPUUnd.GvuGN_iEmg_pXaXPW31HMj8x_vxdF8lDgttQVLSkmpdTFOpLc1YyAkCrpCBKHDOjW\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:39 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nexpires: Tue, 21 Apr 2026 12:24:35 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 3379\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=JHgbDM0VUyY7fDh3ND29EmU3dSe_xI7kBdO6urlLzJc-1776774054.359049-1.0.1.1-aI6MxNDk7Ek8py4d8MLL2ZifYwswPMj4bV3cYpsIKi4.ngzbBZcQ.RYH_BLeKJtbWYegXNcJnscXgDCjZicA.KijxnAoG9XImVnFIzno7v29uDNrnGI3J6RYMEX6jKmp; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:54 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DpOYWk1gx6wyrXvv%2Fm4IMhAZlTZMm5qdhDgnto%2B2BKz%2BHrk5C83SzjIjU8kAM6dGj%2BIO%2FGRu2Fe4roX%2FsoEHl842QYxyZCQ5syfRyC6KoGKffU50dqdtRz%2B7WMIEjOZcHCZbJw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e73090-7e58a\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7979c27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":517514,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62128), with no line terminators","md5":"fc86389ac86e0954471fe6aeded4a930","sha1":"9bfb325f95a0f6b80219dcdc4456f0b486f7979a","sha256":"6a74f0262e6f99ec45b03f1b81495b9e81939513bd5ee759d46d7328574ddcf8","sha512":"02b646d6b19612cce3f8dddf7f0203243a1c740862c296a8aad1302cd5cf2620f7e85eef698b0597dabf70351e9f22e4352d097e0b601541a85f413623a04d14","ssdeep":"3072:HT1qmID/L6Zt4llM9booiOIZpb2jRzseBrQSaQFRBE:HJqmID/L6Zt4llM9b4OlOR2BE","tlshash":"02b4c8a1968822f87b33d91f93d1779cb024f061d9621e6ff18a252dc6d67900263f7e","first_seen":"2026-04-21T12:24:49.055166Z","last_seen":"2026-04-21T12:34:16.113372Z","times_seen":2,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/NotificationsButton-yutPbShF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/NotificationsButton-yutPbShF.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=BwxtrNuKKS63fwHDYL.Feww6L1zJZl8M2ijrckEgglY-1776774134.950727-1.0.1.1-3WZXRwP0KeaINUwpX3HD_pjXOhBeytteADf1OtBYqFV_BOroGPiC6sR6OIhUaaR861APvP1bCCo4N7028vG8t11X4S7VK14y.e8zEMNBaolF0AF3lFnxNSj7AgO31ip_; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hqQjtCy8bcIc2L2%2Brnz2r0KZ4rSKJtG%2FcMut%2BH%2BtSj%2BXYs6fDFzln6kL6mG0EN1K7vzWBODRKTP75M5kysCD%2BfcFjSvGNOW4%2BBuNojuR7niH3RE%2B4HZ%2BNWutPmkOXpj34ULyCA%3D%3D\"}]}\r\nvia: 1.1 google\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 3443\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-22e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8acd467131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"a1ba16059ba8b51b87752c12dc5baf02","sha1":"eec0024f63275d7894852e63a327a9c8bcfcb852","sha256":"894a01b86786005132f90c701034d5fec594f5afa2c075e69407fa2a36d76e8a","sha512":"660eb05e3e5fb79227b39b5f88fa5e3336e1982419d7fe69fc7c1fa636b486048c9f0901c0feaec07a401e59b12b0526fc0da8a0b860d855dc4620d3c7a0dab2","ssdeep":"","tlshash":"16f0264be554d5f417830d21a23fd015393b683cef06588004aa1c941330019c44fe4f","first_seen":"2026-04-21T12:24:49.056543Z","last_seen":"2026-04-21T12:34:16.159541Z","times_seen":2,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FeaturedGames-DWwns83P.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FeaturedGames-DWwns83P.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=XY2aYW5PXagnzL7gkUBCT8g6hkrdbXrFsYsQj8i1evg-1776774223.186602-1.0.1.1-HLuzOhqnNEEX5_sdv4q1TZc2d4KIEUDwTywWBSAh5hkllwBysgemohqh7ub.N.pvFMyxiMy7mJwg6e43zaDf_k85vY_kYH3vYCUSTETOJ_YQn.qtFFyoSfJpyMbaAPiT; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GuTPRWYx6SXG58PXLnU%2FBUc9nJBqvDAUpnvzFdU%2BfWdCfV0O%2BREEE4MWUVaj6DDjyS4gVrKBNpRA%2BvnnmY2UL7h9zhw1IiNAV%2B1S68n9T6CvRzgxDpk7VlmeYtdnRdCKVT%2B9LQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-1ede\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d88697131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7902,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7901)","md5":"bcfddfb5689ff1c2391259b2f348992c","sha1":"ccb1572c067373494366fb079f2fd90fd898db07","sha256":"50b6bb1d3eb822aa4fc92de52882f9c26159a5376b6bbd24f54e76eff0551203","sha512":"776eb0edb6ce0b236714cf9b2d4153f65bde3c9fe57ead2163122cf7fbaf425b896bf2562c4d72750f762886b555d5eb3dee7a4ff03bd95cd4247b60ca87f302","ssdeep":"192://E3f6HZEUDkH92wlLcoWhCWOJmMwL4Bflg2yjTl:kyHZsH0wlLc/h6S2C5","tlshash":"40f1e90ae010b67de57b49e7b13f5508f47a0ad0e7190c90d0be2d2919e9246733ef8b","first_seen":"2026-04-21T12:24:48.910669Z","last_seen":"2026-04-21T12:34:16.219344Z","times_seen":2,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/HorizontalSportsList-CG9uv7Pr.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/HorizontalSportsList-CG9uv7Pr.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=HS.EuzBUR3wiTkheDeeBf.0BG6UEaLhmDyqGx4sfJgU-1776774138.0907378-1.0.1.1-TCsMD8QaYBaVdpCo5od2qyHHvlwFEqjHKDcHH7jibm2EX8gx0MukLc6TubJxm0oIiIRyxzYDQ7VL_wepqsVo_uQB1W.a3YisivkabOKuMB9EMdW80jsX458wOyHgMe0T; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mOaWbHPa8sc6%2B%2BjPjOoHHaI7Widhc4kjyz1lGK23jgBhPSGkfbahRrXpAmPigFjWuKKcc8JeMcRPykuWOgvG%2F82iHqzFmQVo%2BoYtoTEwRsmH2Ne%2FnM5Gwimk3gW00tVZlUeU7Q%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1a6\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c928f0d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"753ee192934290df27bf8701176d7761","sha1":"a8351c2e49e7f606ff2ccb7b00307c786af579eb","sha256":"a259f018ca326b43ed4403a43034a162faac3428e5e88c5154a4f8a32c608bb4","sha512":"c31bf1c798efdb234d594b705bcc3abff02e6dfe7871e3341a8078587775f653c52139f56a902545a185b509dc720f32b410589ce938d906b519d11b7a5cd918","ssdeep":"","tlshash":"8ce02b85d8628ef46a2a88efa95c24c46153057cef566a71d2a4921c1b7408bf66940e","first_seen":"2026-04-21T12:24:49.035577Z","last_seen":"2026-04-21T12:34:16.204886Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/immortal-db@1.1.0/dist/immortal-db.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/immortal-db@1.1.0/dist/immortal-db.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 1.1.0\r\nx-jsd-version-type: version\r\netag: W/\"ee25-pMHxoJFNs7/Bok84dZEhK2Ol9UM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\nage: 652989\r\nx-served-by: cache-fra-etou8220189-FRA, cache-hel1410026-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 19803\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60965,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43474)","md5":"54530312c3c2954ae37b0a580c3e6620","sha1":"a4c1f1a0914db3bfc1a24f387591212b63a5f543","sha256":"59944f96e5702f1b513edd112624b4de002cc998a3de8d120b6cff80b61b9051","sha512":"c5edbecc244a90269682a943acc5676b824b2a2bf51fbb9259fc4d69a9de178c34cc9701c5e985c2b4bd4e5d0a6b5cdb84f6a57f92ded9c41e5ad9a697279ce9","ssdeep":"768:bLg8cSjTZnnQ6k18c+pZZq2+7kKNc8Ov7CMLKX:bcwZnn0MrLpGX","tlshash":"ce5374ccb6c2f06607a37570402f540bf1ba6a58b49e8490f726d5d17c7a88ea137fad","first_seen":"2023-03-13T10:59:44Z","last_seen":"2026-04-21T21:26:35.769117Z","times_seen":323,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":37,"dns":4,"connect":16,"send":0,"wait":14,"receive":3,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/lodash-CeISZwwN.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/lodash-CeISZwwN.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1eOlxSTHbECCDRamqe%2FNnSUUUrOD%2B1%2BGCqJST%2FyzFjLFeSBFxxZIAB3nMv4iNsiI9p7JUB2XjoKkrgiVH2X73EvIf1ysSPSJe4FVdHByIXnAfbN9gc4Ch0%2F3iGHk6nJK07BJhg%3D%3D\"}]}\r\nage: 3371\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ajiDgLFFSTB.3nuqkN63mlgzyFb6DD4p8733xc8DDw4-1776774052.1608555-1.0.1.1-L5NhFwov8EzUVUxWcTCNzRL0veX53iUqUd6MLFOOcxu_qtW9uRkPtcPkyuBQ0B8nVONp5qTu0yGf1Mq5.8SkRIw4U4Gt_cQpT1nJLX_h5LINjTXQs.F80_a3iBeOEWQf; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:52 GMT\r\netag: W/\"69e73090-284e5\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7dcdf17131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":165093,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35092)","md5":"0af14a8381aa9ffb9041549dd564ae57","sha1":"b00695d65a43fcb3bce778d4fd6c2eb1ef739508","sha256":"91145be72493b190ca52499d5d945d5a187482cae6add0e36306ffc697aaf446","sha512":"44efa6d772b31bad9a9561c9fc66f0c962b06343a31540d5bc31f3c8aa0c8fda87df68e8466bc810e02085c12a24bb72ef8a7a1581f8f16859b6ac646520ee10","ssdeep":"1536:/nsfx6WucPPRwy0/KHP5c+LBza4t8jxjiFOre/U3nadtDoayvi1Ynu9gMa5joGAw:/smcl3B4eFILYgMdGIkpOuFM7u","tlshash":"27f390c835d7f0a183a7287440bf084bf23dad65a84cd054e1aae0ed7db8919d277e6d","first_seen":"2026-04-21T12:24:48.978952Z","last_seen":"2026-04-21T12:34:16.221964Z","times_seen":2,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GoogleTagManagerTracking-CdCbiusO.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-CdCbiusO.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=W_ESe7cq9Fv0bgLy7BcqmzoKOkmS_.YcrcAi_ZTg1nQ-1776774134.1904767-1.0.1.1-Wg7ba4qbXwegh87x5ZCjAp1gHFi7HgkuSLCndALpQdE1ZfDWFP0GB4AgqQjJ81QhwGjJTCCqj2um8ZdAcXpsy2s7ExEHytELHJ7kcghGoKSYiRrThTNQxVHadFHpDoFV; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bq4w9EHID00oEGFueMVVBKDqKatM%2BFGAAi6D6AwQY3CHweV9PBrR44Xz1HmuR5HwLna%2FcrjUwzaCNqxhKEbDgux4JGbRLpYb3Max4qEXCVFJzQHyrv%2BjKgMnroKhK1K5iJ%2FBNg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 713\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-5509\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8afd7d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":21769,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20471)","md5":"8092f19af0d544b86d813299632cea49","sha1":"2a2f19e245a3b90225ad62325564de85b7c9a93e","sha256":"650ab75e6147be141f3a4476b417f0e600526ab598f46c7eb19e0c7a76e3a01b","sha512":"6312490d3bc25ffce5c91d94c2468a485fa971f4983b2e418880ec833bcd12f3103ae0c930a8db6da5c1511e2cc2db1632660c24150198e8b4a7232e3ad9b9b3","ssdeep":"384:DbjHYqBlsFPDVPoZVe5mze5IiWVyoxJUJF+FOndK3pqyuQNJg1F0TQOmJNwizwTr:Pj4yKtoZVeo66iWVyov8MFOndKqyuQN3","tlshash":"d1a2bac7f9a548a0b5bd1fe81fc2528635b1b65af49144707c9e7c0c223cc4ef2b5aa9","first_seen":"2026-04-21T12:24:49.027905Z","last_seen":"2026-04-21T12:34:16.129083Z","times_seen":2,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/InformativeWidget-U7XsexQ0.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/InformativeWidget-U7XsexQ0.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gu0Qr0SZPvxQn%2BdZVCAEBlmN4g%2FtJva1yhzSeCi3x9dm7DMe6s3rGpuHlOqU7YZEx4UzzZYtEOWBVw0sSoXMj80SVEc%2BtvG%2FhIvX347hGh%2FCtUs%2Bz1EMcknE5T5h6dJLF%2BsAmg%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-43f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c0eaf7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"b33695d67c48abe85873f5bf86c00af5","sha1":"0edd914a4fb8b3b268ceac53a25775329aadaaaf","sha256":"e68f8bff445a41225207efbe87a76048f840efdc5a396eb5e20c59c1a8b7a8e4","sha512":"3f3f59e5635099172d72bbc52ec00dd07d215779f272fc3afdd5f18f6cd6b5d8130e8c445232c3665177ea4800b81e47ba8fc0a1671a8887ba2990e65ca574c9","ssdeep":"","tlshash":"6911b946f590d67eb0350dc44657c0d46a212de4cf38d8e898b53008a43410bb6dbfac","first_seen":"2026-04-21T12:24:48.922225Z","last_seen":"2026-04-21T12:34:16.144951Z","times_seen":2,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 628\r\ncf-ray: 9efc5c9129230731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfaRKjj98wG78-Q94g8ciN3whHfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=1019+1 c=0+1 v=2025.6.1 l=628 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":628,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"07a8ca43077147f4b93899efbe31ed8d","sha1":"bb87180866adc635991e4867c8222fc4387331ba","sha256":"b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89","sha512":"6d9a2235c65c224e78bd78025eacb630cca9bc9c4a838fd540de031cca2e8c442460eae186359cb98dcb1f1eb867414c6b5b77c78a2f3e1be6f6f36b254111c4","ssdeep":"","tlshash":"90f062be0d21c29ae04842881a0c6c5da472a9b9fb4424c4eaa5f7a67c0319433a54b0","first_seen":"2024-06-15T18:00:08Z","last_seen":"2026-04-21T23:36:13.388625Z","times_seen":2172,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipStakeInputSection-vslSA2K8.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipStakeInputSection-vslSA2K8.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=3VmrPbvDkUdkTlwJHtX_XgOmq_NFhBabZbmHOzvy_8w-1776774224.252456-1.0.1.1-b6n12C9o2d.HD9lRjfYRsFEl3UKnlysjrCOMScJF8bfZdPfo7rQWY0Jwb0vafGWCG6LTk_6fW.1BNdESYHfbDw0TN9zMTpZIdkQpKtzR2uXurawvmy.jNV08mUCMbmIV; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VpJC4PIMrQ7PXrCp%2B%2FWQ85gUlFUks3xi3Wzq1vUHRW8lh4eHvaNKwdA0Vx0%2FQvzt6ldU1mj%2BMQdnwDsF3un8N3kvqYNYRenDtri%2FblBqDq%2FiP77hp3ZGGER0c%2BPSZmByp3ABcg%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3f6\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9419197131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1014,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1013)","md5":"2bdf3c60539e60c464e11faa9ea8bc23","sha1":"e88c9abab73614069ae6b029942b38eef21f4b45","sha256":"e08613c552098f27f960847d5ae657f97ac9c7ef3fdf37ce8432f0f3c57f734e","sha512":"f9a3640470ee81f9d7d312c0fe10e7c27689764ff6398b12dd42371c693087a2d482c719102cc1215614e77788af280d76dbdb8e029b87a182d36ddcec78157e","ssdeep":"","tlshash":"8c11650ef8262afe900209d855af5014603d0c76e1990760c4fe2d7e1ed5459724bfcf","first_seen":"2026-04-21T12:24:48.864448Z","last_seen":"2026-04-21T12:34:16.302906Z","times_seen":2,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato|Lilita+One","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css?family=Lato|Lilita+One HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 21 Apr 2026 12:23:44 GMT\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2f31f582a62929942285136edb852eb4","sha1":"ade05009e3f52242452d23f325d0d60eb2f4945d","sha256":"86d1d33f6f9e190954cb9cf8f930c7ce03e60bb102b64f2ce0baab352285acab","sha512":"2e4b5ff5cb64ede4c3e63e2477f156c55597e1c3ddd83d888fd96c66bf7cc6716dcf522fad19cdde2a4a564f530022feaff488500797d01f3673e52e295ddabd","ssdeep":"","tlshash":"6e31bf92097ba80497930dc212ce7d32ef1e62406845a825afff18dcfc67c699362b0d","first_seen":"2025-09-20T10:36:49.753015Z","last_seen":"2026-04-21T21:26:35.821969Z","times_seen":104,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":144,"dns":0,"connect":21,"send":0,"wait":30,"receive":0,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/989.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.747Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/989.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=oDHs9VpseU0QacV6_by0xvtdtTTsWKmr5b5I7mY8t3g-1776774002.028975-1.0.1.1-auo1jAFdTInYJE0ZjG6tJ14eKwEj.Jl7bFdavaO3grPmREr2IrwxxPN8j5dBhW.6R26bGc.xKkj06iLtIiIA.wctx_DKvl8BFEz09AuO4TE6fQVtkeiVv05bZIaLine4; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItem-DPOBSFUA.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListItem-DPOBSFUA.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=iCUn0Bln.nUhcYwl19B.rQolfdWSIIB1.b5WLtLvUPk-1776773847.9655292-1.0.1.1-1qykKkQGtMcpacwQjbn9_UDyxtuhTV7Rq63Uf9VZzI.A.z8QIl9mj.hYIL5dWJEU8.w5TH3vzXkky7iwiPR72Pp53NPzTAWMSzUlwIK0rNFsHm5twYxrrH1pZ9oTpHyg; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y0RybzgRqRzh6MoFnY1n3jOJMdGWDezhZ3KOYXPI3kqYVZTEEZbqZm7p18iQZGj2mkcJdX0oAZOuy221aWzEfyuky0isdwuW%2F1xxe1OzUqnzKqS1Kq7k%2BvPMwDezISwulNg%2BLQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1234\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8b67131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4659)","md5":"c4b5a33034c11189d13a58c3b2a71535","sha1":"925b05f37c74a4ea1f10ca78f28a492d8a508316","sha256":"f24fe06384d2908838e215020b324be57569e56d317e0cb799f4ca6fea3bb8b3","sha512":"56d3b2b94a6f87191af553b91d5f4d9ebc79d4f4cf03719d2f00d3ba0bb45160f180669a9e3d0b758b191efa1ae09f8560b6b9e8b96cd07b9fe3c3d1546f7379","ssdeep":"96:6yzRl44W0nOtWyDHDjl2rfLE5jYhpzHXzoodwd:BzDfI9d2T7X5q","tlshash":"efa1a546d024b738f83bddff75a69a18b4310add87964be2e25d17290242290737afc7","first_seen":"2026-04-21T12:24:49.05959Z","last_seen":"2026-04-21T12:34:16.097295Z","times_seen":2,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/1/3873.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.736Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/1/3873.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=jyK6FjsBUOuQMArerFTC8S3nuzXeI2FVscw6JQ.Td1s-1776774167.2263126-1.0.1.1-iCatAGQaSb939lUNsgOkYGBe3l8NJGwQ50EQsLSpY9DA1NmzSzWF6FR.kT0STeTAQ3W0r9Klmfxrf.J7792jSHuW.Fo.j.oiQ0fgquGMpsGcxgrsNiiIscWbooqIK3oN; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321047.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.243Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321047.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321031.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.250Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321031.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/670/1341728.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.304Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/670/1341728.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index.es-BkfTJV0A.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index.es-BkfTJV0A.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=aJHycliMXNEGy41Y6m5K3yqNND4aQdj9k2.P8Vg3Og0-1776774132.9784489-1.0.1.1-oqfavEF2C9N4RLkC3hgx8SGu2Y5WedQF05Cql89IEC_NZ6KLzr.ETiWKkEY5KuKmma6pUeLciN9A89AUOhNl8Pki9Qf10Idh0Gewj8.iBU4gGBdrJOEAfXCw3fp8mMPP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:12 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lQzhJP4jnMvGyXRbKSQpAkq3TIGlENSuZSyRso9EDgPlCnQyeYpKcUEQPB8QIA4ZZ2x9%2Bxv6TlfGyu%2F8zXirnUAJbWgbJNkWIr0VSxrERyoCD3aZoDkos2es99OhDENX4YBLfA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-48144\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c88fb2d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"14273a4e1f174468d9ad125d59fdbf95","sha1":"323ac744c931566d8324a88ebd619c69cabede1b","sha256":"497891c74b3d2f85ae305a4055fd2110ba81387895c6feb67338cc8b454f963b","sha512":"5e3ca72b4b96d9e498548295a2251fbdbfc8ce1bfe4e8bf503e340d06aafcea34b03aba178a2ae5597460018280f8783663549fb0a57c5dc072f67fff4e85619","ssdeep":"3072:bzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UBh:bz77jdU/7sJJMcvYisoljSFN1Nd6UBh","tlshash":"ad54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-04-21T12:24:49.049849Z","last_seen":"2026-04-21T12:34:16.123505Z","times_seen":2,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/menus/header_menu_751_tur.json","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /menus/header_menu_751_tur.json HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=HRrkBqauEOAqtv3BIzmdO5iMQDvbaajh.N9kKWlspcY-1776774099.6879108-1.0.1.1-BTwEN.S2yvJLjDC.loAHnoZZ67bOGdR9IUubj9tq.hiODNesQmALljxhQNpyZIRT2W2Av1i9v6RQbex.fTBT3xVExZ1zE0Q6VRNLCX3LcsEHulSNrh5ZTjVf57ZkAdRD; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=DtkAlry3361M2x6nPZPpaDyVQYQrZxrfhWVv9D_2hrM-1776774133.0948694-1.0.1.1-JRBf8nVsll3Aued.M.GIvR64UsOPFKCeuHkkY2GwlvfDQe5KFj9iT_tW8oT0JhZ_70ru7KchEWN9Kbwfv..EW5th0k4n_qx.ULqjYRlCcnvFhVU9Zp8Wmn6uFeGKMRdh; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 13:22:13 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TRMXODXJiM2diC7BmQeroqFgKKGdZsMDGVoBBIOpBZ5DVXlDAG0DINOjPLfQjvyxLToSbOjW2eq4sLRIeSa2VH%2BatsllN9nvy9TqkopD%2By%2FeB4aa2koKM5TUDUd%2BHm%2B6klcESA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-3fe9\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c890b337131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":16361,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (16337), with no line terminators","md5":"1fcf1e2dc37eb2f467aa7fb24b0bd788","sha1":"17b4e8439c54d9c10e0724f0c2def028035f70e5","sha256":"8073685891167c0367af27c89676c4b9d3b2140aab4cb7219525adea8b8c78e2","sha512":"028f491dd4edfd2d4f3dd5fd7b3f3ba79dc31e65453ce5833d712d1c5d66420c7dcf42aade050d51a2894738e630c663ba8d866a482e07485f598a7b8f1a47df","ssdeep":"384:Mcw+PO9HzZS33bQgevgCnNTiAO2Ba3r0pm+x1A7TEN7VIE+jKeluWqc0F:Mcw+PO9HzZS33bQgAgCnoAO2Ba3r0pm8","tlshash":"73721702f01d59b6d3183e007cc7ad5b98cd509d6c9d4940ad4d8acecbd94af8eca6eb","first_seen":"2026-04-21T12:24:49.060798Z","last_seen":"2026-04-21T12:34:16.217839Z","times_seen":2,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/casino/partners/751/platforms/1/games?category=406\u0026limit=12","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games?category=406\u0026limit=12 HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=mFOhhKkWxB5nV8aOAapAOzogdiz__D3CHhKW1fK8IrU-1776774223.38296-1.0.1.1-2ZRuPasqFVbQ2neeGAWgWCJQ7p6vaDGFFccHIW.9Vr_EI1cWD0NQvksR3S_H0WbQcWxU1oP3GLeJL2Fejik0EVmMZ3jYk1WLTn12JvsuaUXbIjE4IxJAyydPCpzw1x9S; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rzFInrIAw1aE1wzcjK3ECyNFEJPmQdioyRue84Gai57N%2BLLqKD4dpYxP7VqxtC54yGvQ5apYyuYvtTP222B7NrQPJ8eC%2BArGu7u9PA7a8Eges9o%2BCZDJ30o7Ri8UkqatKHx7BNVceN0v\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8eb9d57131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5932,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b0e7601164fa0577a214da083ee5c070","sha1":"dfae74e72024ebe402d869d425588f22ef6caac8","sha256":"54e6af8c48331b3c73fb00ff9bc9bce5d6d0c891680dc6a2b2b3a264fe612f8e","sha512":"9e55ae0736615a9d1aae61cd37d775068a84e4de2d8385e3cda6d6e42b6ba8a07d91bc45e2e2f6c1ecf69899160e0d63edf9259845f6156e833b9903bd6981e6","ssdeep":"96:EF1y31M2MVo11O1BYYvCgCod1hi1NXN317mYYvH21rKYYCxOQYYvfUYYvUC:EF1y319z1E3FvCgCe1hi1pB17mFvH21i","tlshash":"b0c1df4a8924faeefb5d098074423d0d987d53d2aa8dbd50cc5a9e4e60e50f126336ef","first_seen":"2026-04-21T12:24:49.062165Z","last_seen":"2026-04-21T12:34:16.093603Z","times_seen":2,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useNotificationsProvider-CDjHBCPZ.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/useNotificationsProvider-CDjHBCPZ.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=XJyMKXWmSjHY5tK9yCMQQ3y7cTZIF1Css8Ws1VBPgTc-1776774223.256418-1.0.1.1-81xTsNzyujPrOh1Uu52cK9Lh0Mr51NP9yu2MMn09B911leBAsjrbhduONEyKg7UeiVIu5gYe3V1cCTT8myYcUjMliWBKzRRUwEyWN47a86GHktxVvUqB7JmffAYN1WoP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2F5Xw%2BeBtI%2Bc%2F%2B4d62QoSc3BP%2BTCfgd%2BOe4FpBFwUv5sN%2FkpBmE%2BpI7CSqJ9fq02yLzL0ruoeDqwQRqMArWN9buTkgdYSvsF%2Fl%2FM79PHGCB80fktnHHdS0JK4CAUVmouHhdiyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-5c\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c928f097131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"a0704011931a5a01bec0bacba061e934","sha1":"347f1557de03029cb7df1dde97a3026956a3d89f","sha256":"b333c15ca234db1c66b1abe91865568ca9bc09da01cfbab8a9d40844156abd7b","sha512":"5489c10972ebeeb5f7c5d669c7f0611717f8b481d5568f1d16a8e5ecea9c79033d38bff972bb98aafeed060467c6c3d146de309071a667442a86f837962e9961","ssdeep":"","tlshash":"87b01217044143f021020cec011048690732083d37419fa00034010c12e4089830ed16","first_seen":"2026-04-21T12:24:49.044228Z","last_seen":"2026-04-21T12:34:16.17685Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipMessage-BNH9Z4__.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipMessage-BNH9Z4__.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=8F9ZagLRBKiybgk73dFsTFFI8ohe4dxyI_o2KEQGCRI-1776774138.169491-1.0.1.1-ByNlfL34N4DAFysEuCGA_YAalOUua0D5YOUoe5HKeycdbJnGu3XY8a60z3Fnqlte.814m6VomOFWiTS3Oby2cA8_8J7_Z1Rm1Z8uA3fb9ZZrrsRW8uPNpB9W2.ncqnUl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DE64pKGzi0akN3W6wQEfMbt3lNUTANZDQk9kza%2FGW0vSHn9jiG3Mc4JdkEYxjluBvrzeyav8KwD2tan1lAudmc9yHovBjIE%2FF6CQ%2FJfo%2FAR1o9WAk5Xtvt3Kf6IVSD%2FK6ukNlg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 456\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-4f4\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9419127131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1268,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1267)","md5":"9a788dd065734b8baaadbcb7d1bdb747","sha1":"1b4695f19daf85ac64a2efbe2235f7e44d2b7e9f","sha256":"b88acc559e4c6f949219c87afb55a6efd8ccbd70d0c1e713d6b4808ec1039486","sha512":"28dc616aa6a8625492ae8d7397895884faa8bb4a9c72969c67ea4aab10eb60ebb980b0cd7d11bea3f9ab5163d9f064288e1c556752bf0dabf5ef668287d808e0","ssdeep":"","tlshash":"7421b747f2a0db2c87a3096df2583042625401e5bddc7920c5fc394f2f9068e462bfba","first_seen":"2026-04-21T12:24:49.063573Z","last_seen":"2026-04-21T12:34:16.157068Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Feb 2026 19:28:29 GMT","end":"Fri, 22 May 2026 20:28:25 GMT"},"fingerprint":{"sha1":"36:C6:D1:CA:01:47:A4:1B:73:8E:62:DB:CB:24:79:4D:06:01:3B:B5","sha256":"11:41:34:A5:A1:10:2F:10:C6:7F:8A:F2:77:75:66:AA:39:99:F9:E7:00:8D:1E:EE:4E:30:42:B7:A3:82:28:31"}}},"request":{"raw":"GET /p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:46 GMT\r\ncontent-type: text/javascript\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: gzip\r\ncf-ray: 9efc5ca2c87bb518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":697,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"cebc7667967e601f02df39ba19712d86","sha1":"c7d3677008d76115cc41ba1b734aad112c743dbf","sha256":"089867e58a1de5998b0d74b779119d8a30fe54616ea3ce76063a5530163febea","sha512":"80a26888852e4a15ef49580494958b710628b404f4026c5b218daa918280b24a8f2fcc698ac49ee66c6e9b91954c54f5f296abfd4645d71cc32c83d4ba199378","ssdeep":"","tlshash":"2b01c07d5b86312454f634906b2bbb4a743b12be5c535808848d0414a3a8bafa21add8","first_seen":"2025-12-24T22:39:16.348988Z","last_seen":"2026-04-21T21:26:35.711167Z","times_seen":35,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":48,"dns":22,"connect":1,"send":0,"wait":32,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/v1/projects/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/settings","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:46.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segment.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:3F:7C:B8:04:2E:CD:A4:E1:F1:8C:5D:DB:17:18:85:E6:C0:E9:98","sha256":"18:9C:5C:43:17:4C:C1:EA:72:5A:8E:DD:37:64:4C:DF:83:99:F4:51:8E:85:20:61:7F:A0:40:01:DC:6F:65:43"}}},"request":{"raw":"GET /v1/projects/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/settings HTTP/1.1\r\nHost: cdn.segment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 740\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 20 Apr 2026 10:14:41 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: CKnE58i_wQnZHPdUbktjV15jS5tSoH84\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Tue, 21 Apr 2026 12:22:45 GMT\r\ncache-control: public, max-age=120\r\netag: \"f7df2cf67c32953fba2d55755ff57614\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50c588fd3255d023d9b9021263f5fa0a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: WiwkSHohc-fINBaJrky-OseuGnWEwKaAB6_yZCCfjueqRpRSnl_-dQ==\r\nage: 62\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":740,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f7df2cf67c32953fba2d55755ff57614","sha1":"c008f77891685a384d3dc5907c3732c7576a0998","sha256":"47e40399bdf44be2a456b6f886c5ccdd5376790ded661a92c27cc0087bd4a860","sha512":"5dbe175ee3d1a964c7f40c47a2fed07aa0e766340f3bdd5552869579b67a7db38b9d4cad14f5f2e98b5d5fb16b87936c3b41a83cd70819dedc347124fb0a1a63","ssdeep":"","tlshash":"4d019c8c3420b1b38d5a8b23ca197d036ef648781889653055be5b0c007e9ed039ade3","first_seen":"2026-04-21T12:24:49.065403Z","last_seen":"2026-04-21T21:26:35.789766Z","times_seen":5,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":11,"dns":0,"connect":1,"send":0,"wait":24,"receive":0,"ssl":5},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/tr-BJOLX3p9.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/tr-BJOLX3p9.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=pfVHyiCxk9TY9T.1_DsWOr.u5jO2MhpcTnQd9SyTsSE-1776774132.7946563-1.0.1.1-WOz0FwFq67uxHJrWa86GCWr4So9dqB.phEO7CWevGj7R_9OEb3Evt3QJHAYaUbQ19NwJpPHh4ChqKLFqnjWtEoI_atqh0lAvQqfICsN9294tgccPnP27pUq3JQm0.sQ8; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:49 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DsGf1ZwM5hKwhi1qOqP2tXgHDk5%2BHY3jyv91SUV289ZMgANWXyAvyKeOT0DKRts2XDTRRzt1fJ0v99rPOMNalWxhdxDaKCuoZnSdlMk8QEsJcd9%2FYDLbkkFHGu8SibfPblbiUw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=VKpdzvEX50fDg1ghy42WOdtYoRfFEOV2XTa7.Vvjqtg-1776774089.7753196-1.0.1.1-ZBkmrdj09JY2MxhP0Ex8qsOqUYAFMw4qm_z_G9tSizDlFfNDSKgOV8sgqeScCXn1MW_P.jyW0..wORTfNM7AUj2LYF42qtH3ZG0S9r5GN.dCwhxzmJi5QeyUZCjlEKgG; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:29 GMT\r\netag: W/\"69e73090-5b3\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c837c227131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"848dac39aeadc83e3e3db257768fc109","sha1":"70882ae65034895049706536f339a84a05a38681","sha256":"4f7f017d03e2ca9f07d08eca3090c1bdff99623e91bb0e5dbb1f63be1f4456ab","sha512":"558018a24b150f92bbfaec01d53da786ffcacc01f08edeb4e434a13c6fcb2249a6bbbe058ddfb9295247187fe024ee8fd2e00ec5f5979fc2692fd2d1840aef04","ssdeep":"","tlshash":"9a31728d2946ebf28b011887cc2f4f04f81c2a187035f6605ba0c461ba709ee807ef3d","first_seen":"2026-04-21T12:24:49.066623Z","last_seen":"2026-04-21T12:34:16.302073Z","times_seen":2,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/NotificationsButton-yutPbShF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/NotificationsButton-yutPbShF.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=BwxtrNuKKS63fwHDYL.Feww6L1zJZl8M2ijrckEgglY-1776774134.950727-1.0.1.1-3WZXRwP0KeaINUwpX3HD_pjXOhBeytteADf1OtBYqFV_BOroGPiC6sR6OIhUaaR861APvP1bCCo4N7028vG8t11X4S7VK14y.e8zEMNBaolF0AF3lFnxNSj7AgO31ip_; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hqQjtCy8bcIc2L2%2Brnz2r0KZ4rSKJtG%2FcMut%2BH%2BtSj%2BXYs6fDFzln6kL6mG0EN1K7vzWBODRKTP75M5kysCD%2BfcFjSvGNOW4%2BBuNojuR7niH3RE%2B4HZ%2BNWutPmkOXpj34ULyCA%3D%3D\"}]}\r\nvia: 1.1 google\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 3443\r\ncf-cache-status: MISS\r\netag: W/\"69e73090-22e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0dad7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"a1ba16059ba8b51b87752c12dc5baf02","sha1":"eec0024f63275d7894852e63a327a9c8bcfcb852","sha256":"894a01b86786005132f90c701034d5fec594f5afa2c075e69407fa2a36d76e8a","sha512":"660eb05e3e5fb79227b39b5f88fa5e3336e1982419d7fe69fc7c1fa636b486048c9f0901c0feaec07a401e59b12b0526fc0da8a0b860d855dc4620d3c7a0dab2","ssdeep":"","tlshash":"16f0264be554d5f417830d21a23fd015393b683cef06588004aa1c941330019c44fe4f","first_seen":"2026-04-21T12:24:49.056543Z","last_seen":"2026-04-21T12:34:16.159541Z","times_seen":2,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameDetails__platform-DeLpPgwV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameDetails__platform-DeLpPgwV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=w16IuAxluKVr_G88SpSZ7a.u_OCtXn7WYKvfw4BN.qM-1776773847.4546983-1.0.1.1-EqQUL2KPsIz6P_7TTk8JSiBJPQIlhokT2paEl9v6n2eDgPGeLXSvNd3g6j7hTps0l6qoooqgk1gjIokbyy54XULyMbCpEkfG_ui288z4UXC_J7r8ioZeSM2E8TTAeNhL; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F%2Fe0W%2BDhLxjsiSUUbjQSmgEG1XDEFtUIs6Uuu13qv5uU%2BCEtzijjZMX9FzFQXZoNzN7KjXxEHyxTflxh5uHkEzw0j20D%2BzOaCWY4NTDp7in6%2F%2FpZe8mT%2B9t6XCVgMOow9DaxPQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1cf4\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8b17131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":7412,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (7411)","md5":"b1d3729a864ba6f0f038acc8f30e65e0","sha1":"09afbfa1c6972ed430da5ae094230a69170dc4da","sha256":"2c16641def7b54bf96b79561afcd16676fc0c9e8e0869c89a0705a1c5a5cfab6","sha512":"e5941d5433ddc66b45c0a300c64209be0b85dc976b5ed662440aedc50c676edeaaf09f5f59e0147a31018a25fa3a611c6087012bfa203c7ce0d977e0d6eb84d7","ssdeep":"192:2rZFwk2T2D2E0iP1XjkHjjkHE2t2p2A2V2+2DPAPpPuPQPkPAjkRjkKjkJjkPkj/:2rZFwk2T2D24PRjCjt2t2p2A2V2+2DPO","tlshash":"69e1e19e912e6c46dd7f063cb5c12b26bb333fc136440695fdde539aa608687312a72c","first_seen":"2026-04-21T12:24:49.067917Z","last_seen":"2026-04-21T12:34:16.270509Z","times_seen":2,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/anjou-js-proxy?seal=02503637-3458-4264-a556-a663e82c28cb\u0026domain=m.galabet1069.co\u0026t=1776774223460","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://galabet.winwingames.io/","date":"2026-04-21T12:23:43.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /anjou-js-proxy?seal=02503637-3458-4264-a556-a663e82c28cb\u0026domain=m.galabet1069.co\u0026t=1776774223460 HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Az0hXYLnYDPJHpTzpC3FAc3CNj4eJUj0mmFBaueBtsAvGAvk%2FrSrebdDdEI6x4qRRWCxIC8X4O7RX3BtcjhlFdOlIm9sHHagr3tNAcMkMz5%2BJnCbPtDsEg1wBxWtw9YyKuku3JYr3JWC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c90cfb3783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3029,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3029), with no line terminators","md5":"b2b162c29b26feb3152a7a384907c98b","sha1":"99edc82574f112a42c1222a211d29b169f7c28de","sha256":"87d40f11f4ed59bc3335ed05a8476a439fc08a3ee3673cd6d92de8e9e3694b61","sha512":"6fd63b76221ecd54cc5acbb87f676eac11676ee6e1531605f6383cd8790d06084f8302267e048ecf3ccb98289c3ee5811bfdab0ed4325fd1a4a53c960b6d6504","ssdeep":"","tlshash":"8a5110ceade0249623d90d7f3a36364ee126c4c739dd44496a2098b09fc1e29e78923d","first_seen":"2026-04-21T12:24:49.069286Z","last_seen":"2026-04-21T12:24:49.069286Z","times_seen":1,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2176\r\ncf-ray: 9efc5c9139480731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfepCHWB1qkSi-cNd1o8wsvD9BfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=16+2 c=0+1 v=2025.8.5 l=2176 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2176,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7b91b6e5024dfdf6e8a4d61f0f74dd13","sha1":"1614f764ed7b516c7768fae0966abab152ac7d1b","sha256":"00e34844a07301274fc65fdbb65891aa95436b94c4c860d9edfcb96331c5487f","sha512":"c3948fdb40f0f4154fce632acb88cf9cf57ce39d2858e4934d8820c4d5729da238c569448b5bcb6d1780e37f005cb9f5ed60093005cfa451a92270c4c0034566","ssdeep":"","tlshash":"48413ab2c3378c72ce2cb5e3e9b2d5168b449a5a91859afc22413d33a4b145cc4b89e4","first_seen":"2025-01-28T05:59:32.007883Z","last_seen":"2026-04-21T23:36:13.370354Z","times_seen":2744,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/RunningLine-CH7nI64D.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/RunningLine-CH7nI64D.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/CasinoTopWinnersWidget-V5-R6cR2.js\r\nCookie: SERVERID=s1; __cf_bm=uTV3emlVcIMHjKVDT2V_R4tEx0cLlWDpvO7fGYkIaaw-1776774137.51365-1.0.1.1-QFtzkwoYS7d9S0HcU9fDqDtEV3ehaZEyk2idmWvFTMt1e8NQVEBs0frhjXvCRJzgV.OZB1vTikGO1Fi7I3Vcn7DD.i3ctr_s9CqMWm.Gp_axCQ57QYUg6SA1LgqKaZPl; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=97nNSknGpDFPoJJz19wDlQPRW4UGlPEJKiKdObLL6A2sH8DVDRCpmt8kA2v4XPbYd%2Fmmpu0JVN4r0Bfu947BeZUMT96Aw1oH461dHlSnHP9eIf3B%2BJTpVTvukYC4nXPZVgn24A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-3e3\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c91ae217131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (994)","md5":"6bcdb91f80d37da6a2e4a7bb6f6e3ef2","sha1":"bba04b041ba9ae72e22e24a501c5ec69d5fef686","sha256":"2af1a90f48dc3ca8cc3ec86abfbbcd85ec472a3de25b8bffd271952f5a8ecf4d","sha512":"1d9bc593e2faa93f543a3cc084d1c0e8cbb9d6b0c50894dd8ba196bb395c255048b902e60178488dbf6fdcb288b165eb30bd308e6b6a9171fec01b82edd4f06e","ssdeep":"","tlshash":"ed11c2569015f6fccaab06d6b53e040c299701a5fe175d90e47e18562a29180bf37fb8","first_seen":"2026-04-21T12:24:49.009967Z","last_seen":"2026-04-21T12:34:16.111922Z","times_seen":2,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/aa0393e8dab66c1d102775b2097a278d_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/aa0393e8dab66c1d102775b2097a278d_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 22152\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Feb 2026 17:20:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"698e0beb-5688\"\r\nexpires: Mon, 27 Apr 2026 18:15:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 65277\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=mBWn5ECi2BgvBux7yQOn4UuEIxmEUxWlwebDaT0JO8E-1776774224.7501912-1.0.1.1-jJaT9m_CI32N9IdYfc0hoSOJvAJZT0fUUBnwGX2Hl5nUB1Qak_fS3AQgFErFsLm8aKz7kwNmUQUrKESZXTpt8w7fisFx_RayLT17ZpEYC2WF74KQ5AtcJTah5NZjGloa; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TOfGYXYV5ULEq1MMI2IQBK3i2LieQlujSQKYTnSuIDaAAVP%2FpWAuOSw7UNOE6C%2F6AiIBSJ%2BM%2FkQ24%2FeGregVt6jgSebTPgWZhUv2PQl3oDSKc5P2q83Sk0zmSkpbxwseYq21T7%2FP2Xo%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c977c447131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ea797af703f19de1775a46da1846996a","sha1":"4a3d94a293826de9e47af6465c95df16ae827745","sha256":"bdcfae4f5012cfd8cbd16fe74f253898b868d8446fd4f6c61d96d7e4517f0853","sha512":"e254ae1eaabbbb14f5a54936906064f8da1eccaefd7c822f2aea623a90bad79008f3483d0218eb8dfc8db455d441e38bd13e03dc58c72cbf7b792f02ead02dd2","ssdeep":"384:DHb3Yt3dy873SAwGIc3Dr1ZysKQBG8yaTWwTrgtjLvRo0Q2m8W7YM6dGPZH06zSi:Hm46SvGIc3Dr1ZysQ0C3hrRo72m8WEMT","tlshash":"4aa2e0a22489093cf50921c19093ee1fdcf467b1681623ed86ef45219a2d46777eea03","first_seen":"2026-04-21T12:24:49.071086Z","last_seen":"2026-04-21T12:24:49.071086Z","times_seen":1,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-21T12:23:39.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: Express\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=5,cfOrigin;dur=46\r\nexpires: Tue, 21 Apr 2026 13:23:39 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RS%2BSAfxssd%2ByNjSCL%2BfNhZu1as8N6keUtDFJOF7m8Ec0DvnSt1HtzvW%2Fs7zjuTnDQZm7%2B5D86f5ACrLJME4O354yiJeNS7ZeKK3ThCgHmFwQpORCAoPf8pnYTcxMm6qUeX7Fjw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=3bmOIYJYLzBqaFCFwGqsU9e6SV3PHeyPmPlNvzGKibo-1776774219.4293203-1.0.1.1-SvNAkjcQDYLBSydzU3mzE7UECzJtlbIANr1geDEu3ve9p8leLkUUvkFYIPUUnd.GvuGN_iEmg_pXaXPW31HMj8x_vxdF8lDgttQVLSkmpdTFOpLc1YyAkCrpCBKHDOjW; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:39 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c75f8b9b51b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18795,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (636)","md5":"9da1ba804a30c31de189d6ccdf8bb872","sha1":"de480cd2190537062b31d604a65ad6b7ab4b1af7","sha256":"9ff62b84be3a57046dae8da4b795f7020af94146594db6848db441b0c7908c0e","sha512":"925124dab971f5be5404594bc4a65290a75fe81e0fec43f951714d7d15cdbe6bb90447010e246feb7c1dabdff8f0e5a208ef469a506833c081ee7609517277da","ssdeep":"384:tYggeD65kdrsihmN2xGNoWFW+e5iFGTrL204:2ggemNloI6yd","tlshash":"2582e9e66ca270a115b35176b7eff004a175a00f890cdcd17daca69c0fe17444aa7bfa","first_seen":"2026-04-21T12:24:49.072385Z","last_seen":"2026-04-21T12:34:16.183446Z","times_seen":2,"resource_available":true,"data":null}},"time_used":480,"timings":{"blocked":69,"dns":53,"connect":1,"send":0,"wait":342,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/cdn-cgi/rum?","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 638\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":638,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":0,\"startTime\":1776774219100,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2026.2.0\",\"timings\":2},\"pageloadId\":\"2319c284-5084-4606-8daa-0b8c290056da\",\"location\":\"https://m.galabet1069.co/\",\"nt\":\"navigate\",\"timingsV2\":{\"nextHopProtocol\":\"h2\",\"domainLookupStart\":22,\"domainLookupEnd\":75,\"connectStart\":75,\"connectEnd\":91,\"requestStart\":92,\"responseStart\":435,\"responseEnd\":458,\"domInteractive\":630,\"domComplete\":1432,\"loadEventStart\":1432,\"loadEventEnd\":1432,\"transferSize\":7534,\"decodedBodySize\":18795},\"siteToken\":\"fac955246eb64bdd89fb2005ec8a3a3e\",\"st\":2}"}},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DirFpPtDXbkUaeyEN%2BgKzGJYyZyo375vc1KHTFlBWmBJgWTrjlmAW7s9NXFLQ3YS7JtyAiKYtmHFCv54snQRY6mzi%2BforqrSDFmYalBuJGrUX3tUzO0B0KmetIaZ1vMfoIDh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c7e7eba7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-22T11:08:01.85585Z","times_seen":14152,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"eu-swarm-newm.galabet1069.co/","fqdn":"eu-swarm-newm.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: eu-swarm-newm.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m.galabet1069.co\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: b+wD5s5UZe+yNAjppB/YpQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: __cf_bm=pfVHyiCxk9TY9T.1_DsWOr.u5jO2MhpcTnQd9SyTsSE-1776774132.7946563-1.0.1.1-WOz0FwFq67uxHJrWa86GCWr4So9dqB.phEO7CWevGj7R_9OEb3Evt3QJHAYaUbQ19NwJpPHh4ChqKLFqnjWtEoI_atqh0lAvQqfICsN9294tgccPnP27pUq3JQm0.sQ8\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 12:23:41 GMT\r\nConnection: upgrade\r\nsec-websocket-accept: OivrJDu2MxiU1U/pqtc3vI4U4c0=\r\nsec-websocket-extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover\r\nvia: 1.1 google\r\nupgrade: websocket\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=5y5M7dXfLRM_EXccPa.GGBQbf_2Tki6NdQZIQb7xmrI-1776774221-1.0.1.1-ell_aLDYnCxzdrqBVafgAjyy55MIupE3yI7RthsMM.04SKmSm0m.2BxwsMJKqxHcoRweu5KXbb9_M0tj_DlS.S.85WZH6JxmluDBnQmDYSg; path=/; expires=Tue, 21-Apr-26 12:53:41 GMT; domain=.galabet1069.co; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=BLYSCMpSfrC2GvBfpzesY4Uvf3lmEzumiTlA7R6chvA2t0HG%2BDK36EuSJoS5%2F%2FDPU6Ew88dDAF7QNfDctUZpCFdTpIbyme5sqMwSp9jqbvPfdZvAPdrW%2F73zSQDon3JcvQKM7z6lULAaDk4JtukTCZqX2e90%2Bxnr\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nServer: cloudflare\r\nCF-RAY: 9efc5c843b3a56bf-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=615\u0026min_rtt=571\u0026rtt_var=238\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2352\u0026recv_bytes=1387\u0026delivery_rate=3785620\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=520bddb0645e88a2\u0026ts=371\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":413,"timings":{"blocked":0,"dns":19,"connect":19,"send":0,"wait":357,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-DNoJruNH.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-DNoJruNH.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/DataspotTracking-BNSAxMZE.js\r\nCookie: SERVERID=s2; __cf_bm=SJ_0w6qtJoB4L4FMFb6_i_B0bYvI9DIIaw6WE6qz8sk-1776774133.7366178-1.0.1.1-rzG2ii8wI4evm6toUMpP3sW43sgPGLqC9WVV1YxbKCxDWQfr60ZNa0BZKLyBdv.mV2LJ7xT2VeIo6UVJsNstaqti_9sw4PLqaDr3VHV6lXilXc2_tWkHKGxl8LQfctD2; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=qElGAp2_Teyy47XRf__PtHCiRxNaqwFLv85C7DgBUb8-1776774135.7070532-1.0.1.1-449Zgu2w7KLmomf_oyBG4alQ01Vq.rG.6n3E8OV6ZcHFjywKF8UzDpehV5euzLdE8DgbUz3e8u8boUgcOy.oBjrS7OyycPx.1cVJohEx6WYbjBttm2pNKdGNeZTxdDra; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=esnGOy1I6TDlQJCoj%2F2X3qpxph5YXK2s5%2BUznkUnDVj0SfTw7OzEMcMKt1i%2B1Evv5V5fwL1HLLZH8AwwNPNtfrfBPdnW4SIuGQV4xE1QlNghWm%2BT76uCYpOst%2FN%2FIyd6AChoTA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-173c\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c6ef27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"7dcd3c17ffec3af71ab56d113ac4c8ba","sha1":"8091491c5770791fa28e7aef0aeda85aec3a387a","sha256":"7acab49a2e3d824dc194d2eee3402945bddcbf42026240627ca8d9ddd108bc23","sha512":"c01ccf0217c328b24597c1092795b3bc4730b84cc7fb72d2779cf10fbf90b5510d4c0ee622ef7009a10b4dbf7b185450b9e45bf6af4399a77a07e64fda5658d2","ssdeep":"96:z1SftCFV7h7FHpokS73s91v2InwLRiTCHUgAaQKFu0FdWpA6u6PEDdxrOq+IHv2E:2+kiOHva0FdIuSEDdxP+Y2j8Eu","tlshash":"56c1b75631906530c6d344a6914f42aeef3e6638f00f50a0b23f9c6d3ba1515d6a3ebd","first_seen":"2026-04-21T12:24:49.074623Z","last_seen":"2026-04-21T12:34:16.286696Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/img.png","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabet.winwingames.io/","date":"2026-04-21T12:23:44.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /img.png HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 21 Apr 2026 12:23:44 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j4SmhsUbF6uWJtsmo63tIDuWhceaiRIduQaJ0bnWDQ6CMjQgJN%2BQZaqtYUPzHNSMPRSg5RBew%2BmSY4FUmdvdyuzhwzgFO94heu2sKT2DHp8BvyCBCN0VOoady8D2cwdSErS39bN7RXzd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9efc5c956dfb783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"2ad3a45d82e0940f4c3dc90088721bdd","sha1":"a85bbcda89334914c332b2315aa94f32c843c867","sha256":"bdeff9d8a5ad9b3cb7dcfe91fe91080359bc5a836d18d2f78e1d308c412d87b5","sha512":"06a4f493c0b3fe9ca7ecbf17347ce0aab1e3447c4c62e2876b945fd13f40140cdf11b66e8a799492d8709ba21ccd90c54c7c5f446370bbc7e2579d0b0477360f","ssdeep":"768:VQRzoYMic5jrKBzf/csKDh/GxEsBJWnO2iPRvzLsiWY:KpMVjOzcPVOKJn1iPRHx","tlshash":"3ed2e12fe1997b7a550136f649372eb5124b0e5a54c3f878c31c68a8c217b08cef5ab9","first_seen":"2025-12-24T22:39:16.249591Z","last_seen":"2026-04-21T21:26:35.707421Z","times_seen":46,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":182,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"rgs-wss.galabet1069.co/jackpot","fqdn":"rgs-wss.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /jackpot HTTP/1.1\r\nHost: rgs-wss.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m.galabet1069.co\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: hOP/8BP87dF1BpG0WR/ukA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: __cf_bm=X8rxF1dIlBazxnOciWKLgHXSycdwvJZDb8UOsJRgv3Y-1776774224.2779293-1.0.1.1-jQtun_ZX6gDKrFHuqH_1e7VLiO3qugCgkYHfj_qUCtEJV_vfHFtoBx2w1DDzCuoWDYXsJZCgNY7qFLfKg7wp86W7Jx84HJVbrSgaMWwwafPIel4N0b4sPX8a3VfBlrDG\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 12:23:44 GMT\r\nConnection: upgrade\r\nupgrade: websocket\r\nsec-websocket-accept: RUM1laAnuan4M0pDOC52iZo9zJg=\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=akg6Cnj.eg6pIRnUK_f3JC71MCLLyK.OrrvG_gUpo6Q-1776774224-1.0.1.1-cA24YLRwDgOs8ZbWpTW5d4bmg7U4u8TsgHKQwt6QhBi8gJfwtKzvw8ombL2SP7od4UvJjx5CarEHJV.Fk4FoGptJSn5AYaeDni6TWxQFWDU; path=/; expires=Tue, 21-Apr-26 12:53:44 GMT; domain=.galabet1069.co; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yjO4Mg5rmA8L3QduNJAIaJHaywqGKkgbybwa%2FcqJ1S%2FTgr8MmCfu6rAPsn3VMBxDuNesgpy7joOhcFy1ly8GB3TGR1ghcxYfd0NmmIhvc%2Fovk5Fq%2FlZ0vGOnN5yp9%2Bwj9FcXV6sLKOivPg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nServer: cloudflare\r\nCF-RAY: 9efc5c96fb0d49c5-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=8059\u0026min_rtt=7903\u0026rtt_var=3277\u0026sent=4\u0026recv=5\u0026lost=0\u0026retrans=0\u0026sent_bytes=2837\u0026recv_bytes=1251\u0026delivery_rate=318916\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=2f93a32c420bced8\u0026ts=195\u0026x=0\", cfL4;desc=\"?proto=TCP\u0026rtt=524\u0026min_rtt=498\u0026rtt_var=155\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2352\u0026recv_bytes=1388\u0026delivery_rate=5495256\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=45295d95a3129171\u0026ts=398\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":446,"timings":{"blocked":-1,"dns":22,"connect":23,"send":0,"wait":387,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/669.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.724Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/669.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/translations/tur.json?v=1776774300000","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /translations/tur.json?v=1776774300000 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=pfVHyiCxk9TY9T.1_DsWOr.u5jO2MhpcTnQd9SyTsSE-1776774132.7946563-1.0.1.1-WOz0FwFq67uxHJrWa86GCWr4So9dqB.phEO7CWevGj7R_9OEb3Evt3QJHAYaUbQ19NwJpPHh4ChqKLFqnjWtEoI_atqh0lAvQqfICsN9294tgccPnP27pUq3JQm0.sQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 11:53:47 GMT\r\nset-cookie: __cf_bm=.D.TXocirvjahePsuaX2Mm6F.qbhjhySAGXQpXPLoaQ-1776774221.5510187-1.0.1.1-FQ7_iuawZRH0_UBImWRXKh6au39b4CRi7EZBQHiu3ke_BULPcF63Az1Es5CfHgOhSQewvDSfvAh8qVabOeFYlwJGPL5SyOVgWOjaMTu6pXbtiqnrhfsERbM1dM93i9aA; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:41 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:41 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=09F4OsfuHF8Yh1uu0qEkAmkNwWEsmD9kHTsUqzmNloyWyooo0kVkXC997XNMSVg1iJKBdLNmeroSdnFWd4E9EFy7nSKoJqYBdb3qmBkE0Drj84GXzyScZyrsnhdHZq6daqPQtg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7654b-30e3d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c836c147131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":200253,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63448), with no line terminators","md5":"db5c3b6f15f6fbccb5fa32b4c3268ae9","sha1":"7980f1c916e76ab4866508836cd3c57ad2f1e72a","sha256":"f733996a548fa2f8eebce32c00ba4a60916d96c4a453b5289615d75c1a466f33","sha512":"7b264235717da947178cb9a241fa34dced88a241d301b1a0dd745617f86b3895847888ee6d1aed37100050657175fed34ed3d79ee94dfdcfbaa940c9da1c2e86","ssdeep":"6144:JeTHS79o2MYbsxplewkbxjQ5kZnHtjxuvy0ITxvw0jQ:JeT2KoJlQ5kBHtjxuvyX1q","tlshash":"8d144c05586e3cfd97a207ce74de9e66b0fa0283d150e416ed9dd63a238c767d22b90c","first_seen":"2026-04-21T12:24:49.077177Z","last_seen":"2026-04-21T12:34:16.114772Z","times_seen":2,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":450,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/tr-BJOLX3p9.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/tr-BJOLX3p9.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:49 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DsGf1ZwM5hKwhi1qOqP2tXgHDk5%2BHY3jyv91SUV289ZMgANWXyAvyKeOT0DKRts2XDTRRzt1fJ0v99rPOMNalWxhdxDaKCuoZnSdlMk8QEsJcd9%2FYDLbkkFHGu8SibfPblbiUw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3400\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=VKpdzvEX50fDg1ghy42WOdtYoRfFEOV2XTa7.Vvjqtg-1776774089.7753196-1.0.1.1-ZBkmrdj09JY2MxhP0Ex8qsOqUYAFMw4qm_z_G9tSizDlFfNDSKgOV8sgqeScCXn1MW_P.jyW0..wORTfNM7AUj2LYF42qtH3ZG0S9r5GN.dCwhxzmJi5QeyUZCjlEKgG; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:29 GMT\r\netag: W/\"69e73090-5b3\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c837c1d7131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"848dac39aeadc83e3e3db257768fc109","sha1":"70882ae65034895049706536f339a84a05a38681","sha256":"4f7f017d03e2ca9f07d08eca3090c1bdff99623e91bb0e5dbb1f63be1f4456ab","sha512":"558018a24b150f92bbfaec01d53da786ffcacc01f08edeb4e434a13c6fcb2249a6bbbe058ddfb9295247187fe024ee8fd2e00ec5f5979fc2692fd2d1840aef04","ssdeep":"","tlshash":"9a31728d2946ebf28b011887cc2f4f04f81c2a187035f6605ba0c461ba709ee807ef3d","first_seen":"2026-04-21T12:24:49.066623Z","last_seen":"2026-04-21T12:34:16.302073Z","times_seen":2,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveChatAdviser-Bp3CTXDT.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/LiveChatAdviser-Bp3CTXDT.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=HP6Low8vjNN2srHybCyr7v4aKMWEz4mTWv5cQSQQsTo-1776774134.1296082-1.0.1.1-5cqoaBvGW.flPB9MF3Erii.nsrKatU9Lkl9OS3Sm0oRXMacLosuZDHqXFZrMq_qRBydPr91bSP8NYIdcOYNdbkQ9rFW8XKPmCi1wkmgPGd18LfAdHB3yEgXCwUdby5Rx; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fqwzTcKY5KJxYInaOEOf92aQcYZKArOdOXQTZo008cefU8ofHjzTE%2BLadaxfs%2Fm5FHKwpK7E22i3oqe338LSVg22dfcIdtBgolukDMjDWj7dr%2FA%2F0Xt7XtULw%2Fagpedwd3jZ2w%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 453\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-35e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8add577131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"800b5c6e1bdead95b25d98cf6c0cf4c7","sha1":"c942a5b28990f674f7453d1ac046dd0314c7db60","sha256":"1ed6f531cd6a3bf87def4a9ae8274512bdc3fe802326da9b35a7fd4efb605ca5","sha512":"f042335bc7a0f05f9dc94e0c8dbd22136a6bb7c71797394211f5f2b99a8ee66a9bd1baf93f607b8021a509ee1f063d2629961a9f3f7f8923188cafb3dffd8327","ssdeep":"","tlshash":"b01152d5f0c2e3fd6667284dc79e2443300a4fa4c23d0db9807b15641a3ce0aa30eed4","first_seen":"2026-04-21T12:24:48.971348Z","last_seen":"2026-04-21T12:34:16.229612Z","times_seen":2,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index.6hr6LgI6.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index.6hr6LgI6.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s1; __cf_bm=m585ZbP7fdVopNPyHt8t_NmuZTXis36EtPFguRU_E88-1776774223.0408502-1.0.1.1-i1RrKcnv8rjNcpzTHwO7IgKfZIxoVQ3JQt434kXSJfmu7EqRXnZGUSR.5wboKWD3BUWGXxBj6exJHZjBCgOXYy8_7x76luLLRmBAprlHuJCLZD0QP5C3PLAfO4eHyfAg; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\nexpires: Tue, 21 Apr 2026 13:14:19 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 368\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=bDAWYH7ISo2e6FtsqT5.IJJ9dBreJBPSof4JvbF1Oao-1776774028.1612203-1.0.1.1-GLtWxzV3uHAevbjIKe054Nd.LyXTHttlsM72DpiIl03bykPul996G9VcmNlTEuTEzPYf00C2NPKmaeMAm4Ynreh6gv5BlvjiiZTfAflWdk1e6ac7c7e.bGN6_VdASlJa; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:28 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=86WriHpbQv3SZ%2FRhTUcTdxPrSowRLWgb%2FZSNyDPL1xH51cv8OVEQKxSyxy7EytyloddflJOHRv3XvmjElWLJ46r7P2ynlOVL7YnBUHQBt1im6d%2BNairHeywvUvvME6tcxzR2XQ%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: W/\"69e73090-4e4\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8f0a477131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1251)","md5":"d03ad7d634db584e4aed770123954f9b","sha1":"eacfeacdafdf8738f325cba4cd9352bad2829a4d","sha256":"7dc01c1d9e89862143b3c4cc81a2255e63cdb8412bf7421061819919fc2c6bf5","sha512":"e4641ddc5f100aec535f0f87f4b4cf617ff4fe450de4ed993b3681bec62023646689f9f12edc7b03c4dbf21e0b98081e4e8dd5b0b0a13970fd25946f953bde37","ssdeep":"","tlshash":"f0218ad7190b14feba73a6bf454346ebe5238c5bce63114ab6c21729c4827a2422245c","first_seen":"2025-10-29T09:08:38.623149Z","last_seen":"2026-04-21T21:26:35.807425Z","times_seen":974,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-Pd1BUwU6.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-Pd1BUwU6.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=i7.AVmD4XvF0RmtIGBaHhYdZv_jwlUM3yFecgdX0s14-1776774223.2206354-1.0.1.1-a4xlmSCHFjDAUYMWoLBps8QiWTdIYPGTTzZqmMzIQ2dCTfmFqYGcVou4VLNTee5a6DkKO_h5kypKA2RSjJOf7SJn_Kqzt1Q3VBS6QgPpfNiSlg.2RWNSNR.tGCCow0nW; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=tjmouYhyJNrbcmLWo.KrNrh1EynfR1Xlmb4XYXPDs2o-1776774028.1718879-1.0.1.1-GI5NvfPPjDx1PYCwdxjFDVHi6Y4gddbBa9QzbQ7hvE960V2xc.F5Ohe5.Q35ASHqX4Leh4zw5x648H2hS8iqQ7TSE7P7FjbaPLOG7x_E7wMHVsmQZvhc.Dnku8fNoCIq; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:28 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=goUVx44fOcXW9mhlwUColFY2PeqNiMOpgSpWylCdt7xf5dhpd1%2Fr%2FWdrzxXXsaEyyiJpX9RdH4%2FjVHo9onOA%2BfTYQVxdZS8gGJ0%2FR9UouKK06iIZdaLumKsqGfU%2BpiCca7yL%2BA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 367\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-b6b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c904c027131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"47c51419dd5562f5792c0c7dc42e742e","sha1":"e204e73bc9976ac330b6eaf057843e350226728d","sha256":"4737ce990a50bb36d1cc20cace204ae3b3fc533c1d322dfbacba962c916b91a8","sha512":"331a871e9de89557ede808f0b73caa9342921b6c15421b8a413c0cc4433554e253d34dfa36e5eb7c780b3e4aa644263d8178d1ade25f9f3f4bc2248baf8e2fca","ssdeep":"","tlshash":"515132cba042e7f4bfe708e6819b10b074378d5cfe1b449092be58964958752e36bf4d","first_seen":"2026-04-21T12:24:49.051938Z","last_seen":"2026-04-21T12:34:16.29097Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/10/20284.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.365Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/10/20284.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DataspotTracking-BNSAxMZE.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/DataspotTracking-BNSAxMZE.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=5BK_Y6GXJ0cnGOsGRbzOhvQ6U_pHp36mgtzE1ASRK2M-1776774135.6090622-1.0.1.1-ubG2FYWfh372FkPGp.k.8et.5oC.Dzx0k7tVb3HF1sUlDqDWjFej23tTVpsxVqKol6X_ACxcHg2ohxjk6lUV87O.uPO_xIXyhhTfEPLy4CeqwXY0lEnXXTvu5ZQI9lcv; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kFDu2uHvOJmcYG98F%2BKklqBWAcFMDpY3aYfL9R5ZROd7w3lu%2BFx9%2BtaviZVXXEJb11z%2B5Ll2sc2%2BWRm9p7fyHEj5fgWZPG3DaKT0EIr1w5R4g%2Bimdv6W4ugGiErDSiFhxwIwAA%3D%3D\"}]}\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-2184\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b6dfd7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8580,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8579)","md5":"a43d6d9db291e70d4e23f436096e894e","sha1":"64f14bdaec33bbf43977c9906be595d3ca46d1ba","sha256":"e24a59385db663e56f90b790d445a3cdc8a6f349d11f651b3d92e5362525fac4","sha512":"3df63a09575fc7247f89411684c94afdcd9e76770ff3074340f2c50816f89733d102a5038c5ed539f30076f271c9714471093afe3fd3d2e1015b10d913b8dee6","ssdeep":"192:rECb+cB+hnlqWkO+bNKb0s3LnBaCHJNvuvXvqvxgFzL3IuXge3AmYO2hU:rEq+cBsqViaCHJ5Q/0W1LnXge3gO2hU","tlshash":"4d02e155641e78bd6037d6ad0d4711a208387042e1339de076aacf5a9e399c28ff77cb","first_seen":"2026-04-21T12:24:48.85803Z","last_seen":"2026-04-21T12:34:16.287338Z","times_seen":2,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png","fqdn":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org","domain":"anjcdn.org","tld":"org"},"ip":{"addr":"52.84.50.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabet.winwingames.io/","date":"2026-04-21T12:23:43.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anjcdn.org","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E8:BB:D8:6E:0B:96:2F:6B:79:F4:51:03:9E:0B:82:DF:B3:89:F2:61","sha256":"FF:12:4C:5C:69:6A:A0:75:A5:73:2B:7B:4D:C8:C5:4D:08:45:4A:89:9C:9B:40:21:53:78:BB:ED:95:B5:55:19"}}},"request":{"raw":"GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1\r\nHost: 02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 68\r\ndate: Tue, 24 Mar 2026 21:00:22 GMT\r\nlast-modified: Tue, 15 Dec 2020 08:04:53 GMT\r\netag: \"e679fbd466a2d656f194a5da4fa083cd\"\r\ncache-control: no-cache, no-store, must-revalidate\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f3eb7b5e20267dea293dbfae056ecd62.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: vNBk_81q5MtjB_3vqCLihFIFAijT5cBAPSsKsAe5Dac6iGi1bU5kZw==\r\nage: 2388202\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":68,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced","md5":"e679fbd466a2d656f194a5da4fa083cd","sha1":"2aa795c7607aa6ea41313be88f1b7a9c1ab516b3","sha256":"f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710","sha512":"50664f290367739604eb9e215554e7dc73e8e619f2e563fc597c831eb6b7cdd255425495a01bd73e8fb37ff2319d4e0943e11bca28651d19b2894e39bea9c9e5","ssdeep":"","tlshash":"9ba022c233c0bc3cc2ce0833c0000220f830000b0a088c08a000f0203e223e8008c3c2","first_seen":"2023-04-05T18:15:05Z","last_seen":"2026-04-22T04:06:05.238154Z","times_seen":8008,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":135,"dns":110,"connect":4,"send":0,"wait":3,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/999.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.740Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/999.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=9PXpqmryGZGpyDhKG1wLf8Tv_.cm0oP.dEouRAH0CUk-1776774167.3695188-1.0.1.1-_4NEhvfGKaEcrhvIF1nZXRuwlnfxLtxN7phKz9gJoppqYK2FeX_APqghdbJSqC6HCuoqLdpM2UOb3X9AWNgxXaOS_.TurYVF7xhQzsyLfhIWrNDpnrJ.zmkJSK.1hh08; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6446.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.138Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6446.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/495/991004.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.342Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/495/991004.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gOQJo1WdwHduulSoczMyE96tL7mEayzN7v_e7DxkCo0-1776774223.3729873-1.0.1.1-g9B51OCIAAkrbH3GBmUROk5j4v7peGuoj5rxclYRrtKTEZq.bhbJ5pcaJIqA5YFOSv.aqcj2zLjs8NwpKHWDPWWgrWudg4YZRBVjCG7sDu8TTeg4BK38_qRpGAbBXfDN; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XPdWkqjwtwPD9m63G4Jj8JybNJ1u2917HRGPtDB7LdEzBNgOw5MEan3FCkWTPmONYmhdZKwQFPwRhu1Zk9gLrjBvBUYs7BLe7u0CcRk1HMDqyDuyCYtpF4XhJ%2BJLn5qGmb%2FfYanWE%2F3J\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8e797a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13465,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2f2d99e8281932bb4adf573efa329877","sha1":"987b4e91ae116854c3266ce56db06c53d4d8dec1","sha256":"718d392c61556a7fb95f4879c7f2f5db26740a2458e3c3d9364fe951f0cb0612","sha512":"e6178864fc9377da9a8e77f37fc2640fd667e2278148752d1d2ecc3879220b9c1b33d52dce101fab5f48b7f3e9aacc8179988c4d519876e9e10c6c2a52b52abd","ssdeep":"384:JZOIr+Su4kviQ8YqhQYw2C07OTHem1ZQnfIpxTNMDwO1eUtZtZDD5Y5zhsDZvoXc:nruRbvqyBBCk+uOfwVq8ev3tJ1g1Wl6c","tlshash":"6852ff23b02dd9aa5b447b40b4c3394ac9dd5847dc0e9a70dc458f8d92ea62ec6e33d7","first_seen":"2026-04-21T12:24:49.079804Z","last_seen":"2026-04-21T12:34:16.101325Z","times_seen":2,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":426,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DisabledMarketEvent-D3Rzd1b4.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-D3Rzd1b4.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=TuAQHmcorBl3rcDZISpKLQ7Ae2z69tHw6rEKkY._TkQ-1776774223.977806-1.0.1.1-iF7DFjSiW129FNob85KQT0vDhvSCRfO5M9_2qoYcTyJJO401m2hynEFOSuAYNUkE0WcOq29_Dcyq6C7EPJzOJ1bB0z5fn3HoSlFAGWlltC4e93UAE8VbZV.9teb4_71Z; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rb2LYmrqHrcc1MewgX8gTxYF%2BYjnN7yQYSuhGKJhUgssWbAGAh1VHs69ZQ8m38uTdaVBIwTkFdoNDyUFLrfDBXrge6FSdi2f%2BnT7gjptnPaE6L5uayGIZiMbugPSKK%2BviXQT1w%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-a9d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c929f147131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2717,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2716)","md5":"a0853a252113b89e2f91430c92601259","sha1":"d1e90d51f3b0454077b0fdda9bd92f81338a3174","sha256":"f9942c9c1250a67cc2cc703ff9bf0c330e117e3fbdb15c2abc5d94cbd5bf6905","sha512":"1339cda711baf829a033f7bc84391f3b1b0a3c250bdf34f4ca1c13886db7d9ab1cc282c0a329fd60542271aab51ee98d9267c6110bb87a7d56b86796d19fec77","ssdeep":"","tlshash":"7d51846df280ea7d593500dcd37b1f5a601a17a2c65a0952d07e8c38095d09d366ffda","first_seen":"2026-04-21T12:24:48.909521Z","last_seen":"2026-04-21T12:34:16.285331Z","times_seen":2,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/670/1341728.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.233Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/670/1341728.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/685/1371891.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.296Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/685/1371891.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321043.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.316Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321043.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FacebookTracking-Di526DTV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FacebookTracking-Di526DTV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=XGvyYN57ITBJZkpl.bYeAEq1CNs.B4hkjuvauSPWJxQ-1776774134.1718626-1.0.1.1-qkAOz7zTddmGI3ASoQOSeh.hVVJBDSdQB4.6ggFj_Rxp8PemsrBJO7c7GdwTDIK5J8NPi_1nVyM5fNehNnVpcGB9VXSDX1jpTQfa9JF18Oo6Kb_lN4HugV9gaBGpgT3l; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1prlk2MEp%2FEGdsloHgs71m7UlBrUdjFzUiPEwyikTepO47%2FtrTa5rQ7LgyNNMq1Nrnd0sWKQN1xB2GdlwMCziet8zCf%2Btsq4qI8XueMnk%2Fz1mLuWGxNKtwrMPMNEMNyyEyz1Sg%3D%3D\"}]}\r\nage: 713\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-2a8\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed777131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"1677c6d581eb780d31f16f54c87e7ef5","sha1":"cd18535059a569b9022672f896bb65a8079607c1","sha256":"c489bb95a03794f6e8af73883c3bad9f5a8095a9783421a209ca13ce31218da6","sha512":"66d41df0d890ca306b642c0b3f50c996aa4a562686627e35ce47c169dae512993f10ec0007c7ef2376b40d38b5b517a2b9c5119a5ceae2aaa82497c5a1fc8ec5","ssdeep":"","tlshash":"6401fe0f2c45b47d267c18b8d3bfd81426ba590e2a8b4595c6c789b9263454a40cef8d","first_seen":"2026-04-21T12:24:49.081384Z","last_seen":"2026-04-21T12:34:16.124287Z","times_seen":2,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/MarketSlider.DEf_J3O6.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/MarketSlider.DEf_J3O6.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=msfnXYTIc6.iPWL6mqYnlIC2bvrFbnpmB.jVd6eR9Wg-1776774136.42081-1.0.1.1-o5aojM688mHQVc4FjvBUG71og_GWzGccloDLVwzk379g9Rves0u99BXAjttBT.8ZZJN4Y8I1HRWgly0RghccX1WmhOTcoQu2Rg12P_TqUMdh.QGL.x8jLlKP8g_j6zLr; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-729\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=37iQY1wITEFBD4stqYaYCdPiwSdlg7E1NcQFEoCl7rw-1776774223.2029781-1.0.1.1-nsQfpchsKHfCPh8syvYvMwK3GlH02EFbfkCnlOlU4xe_OrN9GYTyO0_YCsZFdRXvZAQraMWg4j7nmcKOs3sBX8mFhKhI9.O4UYIYrQgOIBCtJmSKOgenOjivHJpWnABW; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dAUyH4YSVNP9RxHxF28wIPesRJRjvDFtqIIqHtYNoDWbdo8U8IBpaMHBVV4mlJr46nuMHZO1xGSGdveCMBMeac30prf9t9aidvttwE3f4xBrvHRNASyHp88dgyadQmDHSF8bFA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d48077131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1832)","md5":"ef343f8c175866bb7bb368a1bf123a73","sha1":"e1c0533eb620915a2c4c40e107f70d5baf9d6389","sha256":"6d099492d0c2c9b56be2306ce327a593012ee443628458abe71202072d71b172","sha512":"82cd49f1b4f6e25c1af4748350e06b08d99555d4eaf4860a5c6d28add968d1a39aa76b2cd82767771330c04613fcbe90e97d8825b536c10b4761487b5ede253a","ssdeep":"","tlshash":"303148926406203cf976e25df6baef9df08a1233bcf5d777d9151239c4852a42031da9","first_seen":"2026-02-22T15:27:55.529294Z","last_seen":"2026-04-21T12:34:16.329639Z","times_seen":48,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":377,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipPossibleWinInfo-BODkpSVE.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipPossibleWinInfo-BODkpSVE.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=CTEHfZpNFB.cLzUI2Embd1MdMSlZDRC10NJRsBKAeug-1776774138.179763-1.0.1.1-PBcw_HSAgWhJVYa7N16PiFw6yY85TkiMzD9NdZtnIDj0ow_T6y3myw5tn4tZt3_hUQCDU7gQoitRIEIIrNP7Ey6FD.m8TV9K22dbe0U4Y7pP7H2SdQbRiqJ9sMMP4Qc9; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lW2Km7WC7W3zc6mfQWXTae6Ef3yQtfwFoZ0Apr1uyWhIBbdNVjtBiWJbVUUMMbANSRgV8HP9ACubjoSy9RQuPTQ1XwPiUlIax7fLQa7BBa4eebXaUSBEv9%2FbC0tcrrsZZWAbjQ%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-865\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8db8a67131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2149,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2148)","md5":"aad3864d0ced213a2758771417e96758","sha1":"3ab8f87457930f5085e69132786768feebbfa6ce","sha256":"5d319ebbbd4232944ecad0beb30af546e5a9cd6367fecdb61c66420a19adc6cd","sha512":"c8e861d73d9baf2bb62c4cabfb0428880c35ca3e237b7f77012872039caef4369336ce736cc5fb5821dae4d981c3401587ea579086013da48f9135d94aa52a78","ssdeep":"","tlshash":"f0415a11b414cbfdc5720dca794d1134b00e2fa0eb69a191e0fb2e2896bc9d67641ecc","first_seen":"2026-04-21T12:24:49.045458Z","last_seen":"2026-04-21T12:34:16.106726Z","times_seen":2,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /loader/fasttrack-crm.js HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 14 Apr 2026 15:08:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 6O.0HUoXLOwOEnwCtcVk0GNsJ3GjijfF\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aKeAZyH8XwHnxl8DpcAdpa%2Bgz8R0m9LNd2DCvCjPoXRngjabryL9Qf%2FDjNPAKipjYBitFv9quUdj5iSvchumU6GUyPm6JgREJRom8qwlxzep9FfW7ZE8gSfPvA62SbDVGV3GjeGWo17iuQDJyuY6z1w%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8c3a87d110aff35fe17513b9a9ad30cc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: E0oOj1-Y1VstTbOi0EsF18r4Dkaq8BUmy7PqNqXA_qRgCwZIJE8HEA==\r\nage: 6059\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"0a3e94e19b384b80fd4132b3735bfc8f\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c909ad856c1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6791,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"0a3e94e19b384b80fd4132b3735bfc8f","sha1":"ec1475a09eda97a5622d7c5bc2d650c86314eb2b","sha256":"5c5fdf18e27f2ac8aa2ffbef0573c2280601802831df99d50ad86c51b57ef402","sha512":"84eefe0c0c2ac4755fbda71d622b0ee74447b5c1ffd35e740c1710d27b110167b2692ded7c311d5b8bef5360d24ad5f03382580eede0d9b6a58ef239b71fff2f","ssdeep":"192:/XKuPlMK5EbbbCWuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8n1xDt4atx5Ye4ymr//A","tlshash":"9ee10e5c39f394610a93351f033be115f3b6e533221eec41b9dc8968af54667caa7d88","first_seen":"2026-04-17T00:47:10.117791Z","last_seen":"2026-04-21T21:26:35.586648Z","times_seen":12,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":36,"dns":21,"connect":2,"send":0,"wait":16,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/useJackpot-BgMStqQ-.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/useJackpot-BgMStqQ-.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=q34lRvbDGUmsKrxbjYiEB8R.pcSdxzU.ZGl8xS_AiMk-1776774224.2064254-1.0.1.1-Az4KW1ATYE6y5MhAfknD.V0Cvj8APsOT8CPlVd3q8XDR6eGhoeRpxssE_JEFG2esvxYTXWUp4H9wNg5BVXlZqSFWMb1LvIBjDV3c9r7aF0nKAOkHZmyGkYGhZ_FgH2w2; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MhzE3Wo%2FMJAsUCZq1qjYm%2BknRe%2Fq29EToDjRJTKxOz%2BafRqpyPcvhZRC6xJkR3Fo%2F%2FdeoUJfUaQUL1BwZHWRToc2b7nbhzrcttCc0fIUrAc1jPFyCEi2aUfuMoCPFWvoPf5yrg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: MISS\r\netag: W/\"69e73090-58b\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92af397131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1419,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1418)","md5":"ade688ccd4986b3e2cc18ba021e37d84","sha1":"5192350aeb75b62f96abc581fc97adb6430a2364","sha256":"d4633c61f7b8cd422e3dc99882d4a7c1f0edc9cfc4d4473fdc6f05bddd332266","sha512":"e07826b02aa78a47d2b184a6cf64329c7a1609c7078498adfb6aaaa0239dc4a57b5e1ce51d84f23898e4683daab0ce00486b7f907cfcf3706f256ababfedf589","ssdeep":"","tlshash":"7821f045c059e5f8f58d8cb10067d72a1b3c3f297440a090a0be5ebd57a8d41b6a0f93","first_seen":"2026-04-21T12:24:48.876051Z","last_seen":"2026-04-21T12:34:16.32508Z","times_seen":2,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/685/1371891.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.377Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/685/1371891.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-By9i3a2L.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-By9i3a2L.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=1S4zPYfYZJqx9rU6ENlPxz57FxipjRgQ3LAN9JOivrU-1776774067.84588-1.0.1.1-H_rd5SlY5JtgjFTNqwwx_HgrkipnTVyLfpbOFQd7isbzaqakt3.xMKb7mJnGGCtT0GL544j9gADsAMHskJTR3nVS_nZk3eGInpbaHHZrtHl4ExyMt3MzCoJoKBERDTxq; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:07 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:40 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oKDXfBrZI8NpXo9QCi6SIi9tPuFV2JjpAd8BTxyYh2gqJ00YsdWobTA5ewhhxdVWeCOIple1LlP5ViHvisf6m3iBdtEfIjNHARXPhP4LORBJwNSL5zHLYkdnmBBE0Cb2e1VXbA%3D%3D\"}]}\r\nage: 3387\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-115c3d\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c88fb257131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1137705,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (24532)","md5":"525f18d133fc7af7dc17d955d550f2e1","sha1":"87932d0c9e71469049dda2aed0b69c205a843493","sha256":"4cfc091498bf2b15dfcf5191999bdb06e4330defe44913f83748a4ac8a6ef1cd","sha512":"ab722fa4fe31ec8d0e0e66cab67e8d3a8896d3b6c3c44dfba22c0f807d69548510effb0dd57cd9f36442ae66671e953aee70f988abe5f4d3a95be730328edd05","ssdeep":"24576:lHo+1lCm2qTwWJPwgi2DwWTgExZPq4WhYKd:lHo+1lCm2qcWJPwgi2DwWTgExZPq4WhV","tlshash":"9a257d85b155b87997b709e564af0102b1391e00f44cc460f67cedae29b9809a3bbffd","first_seen":"2026-04-21T12:24:49.025629Z","last_seen":"2026-04-21T12:34:16.172648Z","times_seen":2,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":266,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FastTrackTracking-C80GL_Ah.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FastTrackTracking-C80GL_Ah.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=N391VH8h4Xqe6N4hTszWyPesiBeXIZ3kikAz14NMZq4-1776774222.7873437-1.0.1.1-T122zkE3KccEEuTFrkQNJsluPnoMOGlSDHEtvCMUEhkF2Nxraq6RrGzlQUW9shzFYGH.nw5LnHSaSeg8k3q_uKVLeWN4HV6p.3htClLeudL3SByYroGc6K8tM2yTAJu8; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:42 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P0o0iyC8E4sh0BTQ3ixhxQQShODzDIkzrEqzdt2M7dBYL3P82Mpy2lXyU8ErqiO4KQAw3CelIJ3KzLzTfKFlrT%2FQLTakPmvGcAu1L22%2B4SdjvR9tCYtX%2B9I51otPT6JFbZTcdg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-569\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed747131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1384)","md5":"44402e6c809f993a91be813f29131dc4","sha1":"0671bbefcca323b5a50859522d160175bbe76ba3","sha256":"1d295d131e759ef01fed7c13a6c9c25b30a03064b0b29952ff8f0bd1c6c5257f","sha512":"c9dee0cdde4cc36a00231a4e2e5f5719d5263ee852a5b7c14884a31fa15d1e0e2d297395c45f6cc45ed61cc3edd1c1b039f26721354694350db91356b2e84945","ssdeep":"","tlshash":"5421410f40f482f93c800e4ea2e7e2a0967e5539702dd4a3b17a0bb82b1c245d3dac93","first_seen":"2026-04-21T12:24:49.030129Z","last_seen":"2026-04-21T12:34:16.26796Z","times_seen":2,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/emptyWinner-PXmwQszX.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/emptyWinner-PXmwQszX.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=zTjpp4IkHTTYBP0XmqPgLj98iBIrS88N160Dyig_7gw-1776774137.9366505-1.0.1.1-xba9FfAstryzJGnqlyJReHrODm.ZlYpacUZqsU8sH95XAzVjYkPkWSy06N74..k7aXjkyUrl6lwe4cftGrqck5lnHgxJy374QfYv3gfaadcsaQLmeRFrvLBrf3_hB8sP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o6jMZQMLz2iRSVHyI2sxT3cZ5kxtMvOVO3%2FUKuwD5zebxJ9ObpiL16dYxARhp%2BPc9ZQOCAx7Ck7noZIhDEZo8CjbGc6q2RH1bswj14opWiDfr2v02m%2FDwft%2FRpwKbgaBCPPmKg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-6fa\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d784f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1786,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1785)","md5":"e7e53d51c28710db55691300fa2905f4","sha1":"dd413489d8bf278a48bc6521e87157a84e7e8dab","sha256":"44943d7e927e35967acc3b28435781510ed8e16677eba481751b4692aa89c4cc","sha512":"e05ff8bea0d2d4cf48ce9966eeb265197be37022741dd901b20d945410c8af7a7ad7a8e13b22a42b3a8662a735cc29d7568b56c44f5c7c876af36969be108d90","ssdeep":"","tlshash":"1231878f9141c934b7630c9695d9d6c4cf142787aa34fed083a80faac576109c65cb8e","first_seen":"2026-04-21T12:24:48.983719Z","last_seen":"2026-04-21T12:34:16.231557Z","times_seen":2,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SportsGroup-B_tOjaA7.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SportsGroup-B_tOjaA7.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=USmVli6OioRw1D7KwbAo.bKkcpo.5bAb5lAYV2Y4_C0-1776773847.8216975-1.0.1.1-vzEXZa2PGLcjl1DJ97YDlcq3MDj3hRYo4eqAamK6vxQpWCJnG57EvbRqzEW2hcPCiUWaCuBAGIEEcT0T.3IFfx2r5jWTff2kiN8IySM3ZALm0v.1bUzjFagRxxGfEkQw; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2FeBMyTdgi6OXyeemHAppVW9h5rvx5Yhd%2FMM1QIF9H6eocgcuYTP7kNr4lX1GBNpINCTcxuDdSPtPq%2FkzUlqh0SzutZcO%2B7UKuF5aGkFlIKckJEukVBzwQTbj1JoxgvEeGMmyA%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-27f\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8b27131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":639,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (638)","md5":"b503b50fa0f771bc1dd1b8be6de93220","sha1":"af0d2d427f35c4fd11d6ccc32ad58fa113c84590","sha256":"753f8c285d79eeab5cf0a8feff56252e7dc57beb58b9bb0670c242b4e9b0fe91","sha512":"41d1a4f85c75421df1a00af94c477cf11967be5e8f48985ee33639765106afe7688246d7d358bd5a876eff97606ef43cc58284437662f7c33794bc2ecd9807a8","ssdeep":"","tlshash":"8ff07d04e034ebbcd53b09c1969e0418305e0a74eaae09e3d0fd193aba780d57a4efdd","first_seen":"2026-04-21T12:24:49.006572Z","last_seen":"2026-04-21T12:34:16.147229Z","times_seen":2,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/85/171816.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.149Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/85/171816.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/svg/Promotion2.json","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /svg/Promotion2.json HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:14:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xbdXVE8qnHZyy2MaRuQQjF8RsVbR2RuiW2It04aU2AU-1776774000.6217692-1.0.1.1-zFeidSMtDjy9HNcYmnTJcFjUQ7qUs8dePxDoU5Dp2u7PXCBs7hmV2ezMaIX43Er7_BMET8x.9OmmNgaYJeTxKFuyS7Em6xGVeJe2kUhSZjOqLE65Y9xE1L9Mis4mVUMc; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:50:00 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n7KnIDK3VlCRKwQvUZHX0Pao212cI6RGcaFAgdI4hKUoVhS4sziD0VmC%2FPV6C5V5y%2BuWUInJ4Rc9%2BnlMfWYBerUZAPeczb36R6BClvrGd00wHr2lB1fxGGYqI4Cq7WMyG%2FhKzgfOiKY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627184-382\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8a8f8e56b9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":898,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"31cbecb2c7e793078b4a8e43100c2e33","sha1":"e073b0e09fcd4244f6c86b8f22206a46c4af9f3c","sha256":"a7ec0feda0f0f44aecb09628876438cf31a3d33de7393d25fc1b39d6251bf104","sha512":"6762313ddd6985ca71ea5e90b3a05664d0d1a3cebfafa6da07ebff76f62a3c9634d17ac226a4fabdc606ddc5c7c7adbb4628f3e0c8a30d5e5f96e574266d2242","ssdeep":"","tlshash":"7a11cce88739e7b438cd1f4f9a3d4dcf3614261a683de034e73eb9c4a61391c652119a","first_seen":"2025-07-08T23:44:04.701479Z","last_seen":"2026-04-21T21:26:35.70514Z","times_seen":136,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":89,"dns":77,"connect":1,"send":0,"wait":72,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/FacebookTracking-Di526DTV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/FacebookTracking-Di526DTV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=XGvyYN57ITBJZkpl.bYeAEq1CNs.B4hkjuvauSPWJxQ-1776774134.1718626-1.0.1.1-qkAOz7zTddmGI3ASoQOSeh.hVVJBDSdQB4.6ggFj_Rxp8PemsrBJO7c7GdwTDIK5J8NPi_1nVyM5fNehNnVpcGB9VXSDX1jpTQfa9JF18Oo6Kb_lN4HugV9gaBGpgT3l; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1prlk2MEp%2FEGdsloHgs71m7UlBrUdjFzUiPEwyikTepO47%2FtrTa5rQ7LgyNNMq1Nrnd0sWKQN1xB2GdlwMCziet8zCf%2Btsq4qI8XueMnk%2Fz1mLuWGxNKtwrMPMNEMNyyEyz1Sg%3D%3D\"}]}\r\nage: 713\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-2a8\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b0dc07131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"1677c6d581eb780d31f16f54c87e7ef5","sha1":"cd18535059a569b9022672f896bb65a8079607c1","sha256":"c489bb95a03794f6e8af73883c3bad9f5a8095a9783421a209ca13ce31218da6","sha512":"66d41df0d890ca306b642c0b3f50c996aa4a562686627e35ce47c169dae512993f10ec0007c7ef2376b40d38b5b517a2b9c5119a5ceae2aaa82497c5a1fc8ec5","ssdeep":"","tlshash":"6401fe0f2c45b47d267c18b8d3bfd81426ba590e2a8b4595c6c789b9263454a40cef8d","first_seen":"2026-04-21T12:24:49.081384Z","last_seen":"2026-04-21T12:34:16.124287Z","times_seen":2,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/if-defined-CWaLTnLW.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-BJ21FeBp.js\r\nCookie: SERVERID=s2; __cf_bm=7sv4RDxlc.MzjWDZO_PG82BDD7NLz1Shq9ljiIRYJiA-1776774134.9040303-1.0.1.1-zWGp2R8D4hsGLy7XhUkIJoZgVTVlWwfRds4M3SrBUU1cjSmBtPoCgZGbTvn.GUhveJGEHSxUWkYikE_t7bz3F9yWB3uTMYp0Wt8z3qd7PxZRyTv.kvMTXnmQIlmp3Sgb; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=SJ_0w6qtJoB4L4FMFb6_i_B0bYvI9DIIaw6WE6qz8sk-1776774133.7366178-1.0.1.1-rzG2ii8wI4evm6toUMpP3sW43sgPGLqC9WVV1YxbKCxDWQfr60ZNa0BZKLyBdv.mV2LJ7xT2VeIo6UVJsNstaqti_9sw4PLqaDr3VHV6lXilXc2_tWkHKGxl8LQfctD2; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:13 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:51 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PF59ArzOLXPk9L5aT5xtVz88bAHhz%2FJ8sLBPQGKkHV4Zo3qpTWLYwrICJCUnZZ5OuPIYmP8UiCtAarH1ys9HkQve3UB3ZyUSNMxSVn54yUiX78kaUlCqz1m9I3ikhQkTbVqLYw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-cff9\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8bde867131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-04-21T21:26:35.697782Z","times_seen":581,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/CasinoJackpot.LKSeTzHB.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/CasinoJackpot.LKSeTzHB.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-36a6\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=2ZKOsrDIEYnwcu8XgqcsjpqZZ6xfEZ9h7HB.thA96EM-1776774223.058576-1.0.1.1-epE.xT0bd1zxOyRVrv36Z85jg9C3eoElB72oICv9QSmgWrvJQ.0AjEP5DLWN6n2mOwKzvz7DWxuTj8kDY93rD56WE2b0iJXHrJVe__koFHg4sEsRIpdK6BgnJ_LgGZvx; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gjJP%2F9icuQPBSOw23euncNCxenmI2TGgQTFU0mlCoepeSuGdUm0jD9bEWr9%2Bjavd1Ee0bwDEtWq6BeNQfKlEF2V0rLxjNu68XxfGmBiRnA1a9YlHDi%2FqtHbyrHDZ8Ee2hN2xyg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c8f317131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":13990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13989)","md5":"60eb6ddf76d9a756f395ba7e73eebaa9","sha1":"ceda179114e797219c1733ccd2cea653c04d3abe","sha256":"c725a658c393efb947422c925ce2f83c4f547dcade0b93b44fdeb871deb0d6e1","sha512":"c1be903e5060da80437133d36928bb0183d1e65cd511d2a0f34a748435c8df315dc13916241fbe769c14e46e8247e9bf599e1c9a3b5261d93315130562cbbb01","ssdeep":"192:5aKQrrxX/YyrspdNl3qLq/1R9z7g6mbftDxzNfDFDfhf3fOfNf5flt/1ttTpFVFF:9UVwVELPhoEDaLDRiQ/","tlshash":"0e52dd07656f33b829ef653726f0f7cc9a3c4879c7126564a8d2a2194bcf9b006617ec","first_seen":"2026-04-21T12:24:49.084502Z","last_seen":"2026-04-21T21:26:35.734204Z","times_seen":5,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c8f1c020731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":443896,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0c7cf51ae6549c10173059592b98adf6","sha1":"21b2e1ee5d6b6222e881701258b6cbd09c235b6a","sha256":"642880207c728644f64fbe4acbbe3a110e13b40f996ea7244a3a2a069d18a5b9","sha512":"69bb90152d3bc54058896667507fc3e27ff00577249770c49633ad035dea9dac9edf7a0eb9c0175ea4fd00da6d21fa8806928eac9d5f2b18dcb06d661395c8be","ssdeep":"3072:bnVMpaZB9ZbVITZyYA5vrAdZ7GlAMIDl3g4Wcmvu7IHkFQ7DWgkI:L+uBLVIgh4WHu7VQ2I","tlshash":"959444bb8f848e5b1b280bc9212d3d6c99de298bcbc55df6f1c0cf1844f4ab92315566","first_seen":"2026-04-21T12:24:49.085823Z","last_seen":"2026-04-21T21:26:35.755684Z","times_seen":5,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":19,"dns":20,"connect":3,"send":0,"wait":63,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/14ccf2a31350f1f060b4ce7d19123cd0_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/14ccf2a31350f1f060b4ce7d19123cd0_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 27216\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 29 Apr 2025 14:17:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6810df6d-6a50\"\r\nexpires: Fri, 24 Apr 2026 18:03:14 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 325230\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=eP_yQ4nixspxp9H0xR2Kb_4N8kQLC0R4JophgNQEfK0-1776774224.6908314-1.0.1.1-D.YtjCZ4b3M0gNjH7rCTUhYdIKz.GA6LKqCxwlIM4YvALZmcod9jr_XVjtvCdR3A8g4BKuwFMJlQURvP1ZJL7MUrUqS07QEXVGHZ8b_6Dg18D8q815BzCz40f5bs2krY; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qq1wtLer8F9x%2FkZ%2FwzT%2B2DaZFZGZK6EDRXme7zLSvfdXj8tqEj9Puu9%2FzngCLC9mJVw9f2p2SaKd34Unhq%2Fa6RFOagMpAZPG%2FAvNW2xel1P1kkem20Q1O%2Bp1smWVvz%2FaYFXrDZSjr%2FQ%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c975c297131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":27216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f55ed6619a24d14a1b2cd7c1a785984c","sha1":"a6eab1d64e70d4c3fb55ccb92707a24b10d2cb72","sha256":"c5845064f3755044597e5221ab5e4b27c8a0272f35e779ecbf419eef024208c0","sha512":"afdfd483803165129db4473a13f88549b62f8fbe01796108fe7d40855fa092a79d9c71e49e3b7b66fee1348f6e1b3464c8db33206f7d179e035b123b908f46e8","ssdeep":"768:FklDeb5S9aaQPAXSTAShghMeDf00AIKbCRp3Jexi:eeb5SRQP0STADxT05IKbotIi","tlshash":"4dc2f1fd3a206798cd590bf549fbe352515c568e37ef8cabb2b4a19cc436ad0c429209","first_seen":"2026-04-21T12:24:49.086808Z","last_seen":"2026-04-21T12:24:49.086808Z","times_seen":1,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/68fc8d77f3404738510b30469eee57a5_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/68fc8d77f3404738510b30469eee57a5_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23966\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 13:35:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"69e0e590-5d9e\"\r\nexpires: Sun, 26 Apr 2026 18:56:33 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 149231\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=.wRPPxnhjSPapoBeS4U4UmHwZMSI4Ezt7b5w.MAFGcU-1776774224.929825-1.0.1.1-fkR32JW1V2t7hL1.7h_n31U84Vd_swLrXxfbAULwViXkw3OOThmV57UCcgAQEUDrrYYM0ZAmlMEOs6GgYwn6BHRqZLLBP8G1QihzLfL2omW8YPYwCkvefd_vTTdhnKFb; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DTuPe6dvooE99Zr8M2i6quUKa6gdt2KmGD0KnOwiHth9GVHln1WvskSEu%2FQS%2FyR9KdHJewFNzu7JvBDavzAQ0I%2BmDfMl1IldON7XqUOr4bso3GgoF5wtlDGkzAiTWElf3tZP6TUR894%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c975c2a7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23966,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8cf72cbd0b426c17d51ed0eb4921a72c","sha1":"d8dd24c0bccc12bf125974fd21fd28edc091510d","sha256":"dccf320e0868e5fc4220eb97c8cf5cab59e3e3235c25854f7aea3f9fa3826be1","sha512":"1003372bb15e4b825fe0f9fff5a9ef36460e2d41e08c7816910ea4706d9ba50c3795dfb5d6d80678e136d4e7aa8fc194cb70ba445a45bc25d52d0d9566f24ad4","ssdeep":"384:ZmeI3/ChLSS4Fywg7AuZXAJXQeyscJsvwAafgkc8QK7ObPiGF74lcY0Om0b4WpJu:Zz0ChLz44ntfeA/ff5c8o+GF74GYe0De","tlshash":"a1b2d0f256621c9ccd5a6e9c99e1b6027762dc816403c8d72aa66fef4281067ddc32ec","first_seen":"2026-04-21T12:24:49.08859Z","last_seen":"2026-04-21T12:24:49.08859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":444,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/764.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.746Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/764.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=oDHs9VpseU0QacV6_by0xvtdtTTsWKmr5b5I7mY8t3g-1776774002.028975-1.0.1.1-auo1jAFdTInYJE0ZjG6tJ14eKwEj.Jl7bFdavaO3grPmREr2IrwxxPN8j5dBhW.6R26bGc.xKkj06iLtIiIA.wctx_DKvl8BFEz09AuO4TE6fQVtkeiVv05bZIaLine4; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/WagmiConf-D709ykut.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/WagmiConf-D709ykut.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=5y5M7dXfLRM_EXccPa.GGBQbf_2Tki6NdQZIQb7xmrI-1776774221-1.0.1.1-ell_aLDYnCxzdrqBVafgAjyy55MIupE3yI7RthsMM.04SKmSm0m.2BxwsMJKqxHcoRweu5KXbb9_M0tj_DlS.S.85WZH6JxmluDBnQmDYSg; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2FYcbJR3Gjth3hK3Tz95cObveR%2FtkC8%2F1rOunqAKLjU78kMmTtI449WW4CKD37D4NTwI7WFP3KaYtmiTqipt8pel1y94389wVvjvsb8ZF1eVKbU8kVsu2dy9XqbRr6q%2BuqJlRA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3409\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=USIEnJv8C6aGQVL0m2EdzoHOm6UpADfyVgneRQ0srWc-1776774099.648424-1.0.1.1-93lqApcOUizu_yTIAAfH.Yo2ha97VitCp7Cp4eTd.xPv7HI9NccZxWaNXTTB0LTiEAS0VB4xe6MHrsURnhZkb6gxtMkH4ra9O67Jkkl26mLo6htGSuBo0CLWpvJDbCun; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-18a73\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c86e8da7131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":100979,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48215)","md5":"2bc1cff1b4a88fcb7d6d511ae355aa96","sha1":"563de1fda53d30945b4e8745cb90e639ec4ee8e4","sha256":"4eff938056fa9f0de8c26d57aa0ab88a57c0855dcaf7c7369a0ff21a2e960fc6","sha512":"357be7810700745a6117be7eaa66f2439f05e435cefd3c7bb812a17f40816a600494b4f8dafa95ea9a844a6b2729d6f29bf2c035878ac6f0079801a690259df1","ssdeep":"1536:o2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPfAV:ZCaSlx5xG7NU+WEy1bP4v1K/XGd","tlshash":"39a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-04-21T12:24:49.089926Z","last_seen":"2026-04-21T12:34:16.214993Z","times_seen":2,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/events-1g1c6Kmi.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/events-1g1c6Kmi.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=OCDLeMgK48ttUyAXOdzzMw8VBpwWlrCOL..ceSRtFqQ-1776774132.9865928-1.0.1.1-rNjaNjF0KSo2Xfc1uodeJFTYw9Nrh2I9WOLqqTG0HUzZTqbt2cEy._diXyd0krAg3tCcIsHg6VFbk2w6HB8KRplxij5G2.hOv6gVctDF0UX3Co0eB6O.8AVQEf8h4m48; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:12 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QeNRlUwdE%2B6YmscE2D17EzFBzaiPLcNCElfhjTnJGW%2BejUX9ERZmKUz3ScC3Gc43IjZmGSle58j%2FZee1EokHfQNUNiXdShaAJJGvtUf1Xw4wGHIxC372bKU%2Bd0%2BKEiBr1acejA%3D%3D\"}]}\r\nage: 3442\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-17fd\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c88fb267131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"36da527a5cac4a34d0db7d9918e99fc5","sha1":"988fbe6bd49724f3c91089eb7d83d308c4c17230","sha256":"4550eb4e481ccfdee74d71d76d9e2331e2130a517aaebc1390016833a135d95f","sha512":"82f8ef57a5a79e627ee3585fa432fdbbfc8a8519c454b30a2b3602e9eb4eb0a8bec36663b1bf75327e7af4cdb3d3f6b93d7c6b16bef2329b7769cafc00a76499","ssdeep":"96:rd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:r3IM2sWMtBq6n3PzH","tlshash":"b3c143ccb38574b013e7e3abb07f520bf134a598740c5108b61aecf9696bd9a4126f78","first_seen":"2026-04-21T12:24:49.042921Z","last_seen":"2026-04-21T12:34:16.173407Z","times_seen":2,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/InternalDataspotTracking-ByS_Jx8a.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-ByS_Jx8a.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=__0rPyH8aD3G0NSXfJCHUF4RAJu5Aau58vkKuiNUYk8-1776774134.2005174-1.0.1.1-8KOlAYo7vDBXbkJYISSeWIPI0vfOvFiRo3FR.2AQ5JHW_vxnEMkHYFceC5uuWP1pI0HRwF4Rp9ZHJAjA6SIZeOwfi6KEvCGPGtVJa7Mb53ZOEPwj6GlMErsB45Jw7me3; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u3TICbCqSb225%2BnxRraR7zvJaOoNU%2FG7v1EZQM15kzevIqBjEC2ve%2BGm23O71aJnQx7VmNi2NLdhX89lbvUBC9YI0j9sGCauBNMmeJmLokipboSvX2vLLeYr%2BC3%2FxLCyHQQYiA%3D%3D\"}]}\r\nage: 713\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1301\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8afd857131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":4865,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4864)","md5":"3ff30fc004e44de041a044c35fc2b56e","sha1":"57f366335ccaa3a2fe8cc7f65fd4b345f2dd52d4","sha256":"b95ded52ff9ae61ef4cfe8b4f42da2fe291b68c55a516c1d7ab64a2d6f811a3c","sha512":"627a1ca75e980988dd8ddf3a5999e08dd02348f3d236f2e95c727cfe58ef95499fbe8499bb51ced9574f0f029d52163a1442cd62f3cb835385a4cd1cc5896587","ssdeep":"96:04W8ZUCVtfzEr2Cv7CvXvqvxGr9qCtz2T7TGgZQ1bZfQ41+pnys9OtmksEZRtifD:04W8ZUCVtLErNvuvXvqvxGZpFCHVkdYt","tlshash":"1ca1740fc83c04747051d5dd587796abc2bc7c9a91c0c8f0a03b9e6a521ad09dbf6ea7","first_seen":"2026-04-21T12:24:48.861306Z","last_seen":"2026-04-21T12:34:16.118062Z","times_seen":2,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/RunningLine.DYr_M994.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/RunningLine.DYr_M994.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-b98\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=m585ZbP7fdVopNPyHt8t_NmuZTXis36EtPFguRU_E88-1776774223.0408502-1.0.1.1-i1RrKcnv8rjNcpzTHwO7IgKfZIxoVQ3JQt434kXSJfmu7EqRXnZGUSR.5wboKWD3BUWGXxBj6exJHZjBCgOXYy8_7x76luLLRmBAprlHuJCLZD0QP5C3PLAfO4eHyfAg; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uS%2BpPDa3q3WDgRfW5BuXP1DLPvP%2BJ%2F%2FdZ0%2F%2BFDkjqu9BneQbhBWdcQ4ph5l9BJIwnGqy5Wy6Bdw%2BreuRx3xaVwhYDNhYJPlZRVut6mkuqedeZwkvi%2BHCJXGIVqjEp3c5kgp%2Fzg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8c9f3d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2968,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2965)","md5":"6821e39dcc86863c6a566780d4517c28","sha1":"d2b04c9643ecea6a6f888c197c8614865d3d1ad8","sha256":"5e60af9525776da8e3f7dac0aa0bfa478a5a4043273f00413a06df4c15469cdd","sha512":"44cda4942b5ca915669fe30d2a0430f090cc05ba2611c77764b072efda5942fcc20533069848d525a8da0495513d60c1e1b5fdc89df7d60a28eb44a9ed581fe8","ssdeep":"","tlshash":"4251eb02843624a457f3af2b7fe0935c9c2051bbce111e5ee89f166f03626d42a777b8","first_seen":"2025-10-03T22:46:16.696159Z","last_seen":"2026-04-21T21:26:35.756461Z","times_seen":53,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/ExpressOfTheDay.BAhUD-ZS.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/ExpressOfTheDay.BAhUD-ZS.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-256c\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=9_TxfJ1UbM_LVKPbLXTtrtAKe4GNr7IWj2XgLvjyDJE-1776774223.0844345-1.0.1.1-6lxfeGtNhrGcSzMtaUIpAzM5rfiouO.3jeNv.5PeNpdpWrf3weT4SiQsAwc0pCYa8NNwGNIgGFmkWQFE3K1Oi3Wbc7_PPnpnKqm8rDmrKaB2JowpY99xhi0LbRmNebfN; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=98BBvgRmlZWBd7O2FjRM8kOsTnvUbvx7xHRpcTAX4BSHb%2FndaZ7Fu6GdGn5q%2FVrVg9sSTXgc182oT6tH0Sw6rP94ijsYdnktNjYhlh0gfn5vhmO5Ja85lB%2Fw4KNhpQlZURbKKA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8cdf7e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":9580,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9579)","md5":"087628fffe1a351e096b05c35725bc68","sha1":"607c5359239805a3af6e4b4fb84a0e7a114b89d8","sha256":"25ec060d1f4cb4068260cb4755ee3470f9944fa93190d2270835098cfd78635f","sha512":"5e5c66f27d94845ecc92df8b63d055a21ce29722f338ffba51896c97c2ca837f714941f802ad293dcf4c6d000d8960f9b7a1911ce01f1765016612f04f89137e","ssdeep":"96:IcAXFD6FgOx6Djjr+f5mdASqRd5Rr2+3xcFl3jRasjeS8O09YUGx5m:IcGFD6FgOYj+zRdHrb+GFBlYUGG","tlshash":"3c121d37760e203fb63f8a2fb290478f6018501aca52164aef5c22fac7c79d19d657d8","first_seen":"2026-04-21T12:24:49.091774Z","last_seen":"2026-04-21T12:34:16.311131Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/public/proxy2.js","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://galabet.winwingames.io/","date":"2026-04-21T12:23:43.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /public/proxy2.js HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 21 Apr 2026 12:23:43 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vyjZvuA%2F%2FFELr5zmSlioowQ7UraSxSCdVHGpwbAGtGeBQGSWxaJgaL1T4ws8M3OQ3EYJ%2FizYcS4DMkEfSYaWWZlPYuZN2Duzp1mv1BJxwbVdWbOnEZMRMV%2BrJH3bDtfloXp3aJ%2Fbj4sH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9efc5c8f1a0b783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19498,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1296781ea2c9cd24e19fe155b42373f2","sha1":"d7ce9dffbb2482bc2f3795cdeaa727d99e49644d","sha256":"de74ac92be5c23abac0e045e3380edf98b53abeb1abc7351e98ec06a71a01359","sha512":"3922435bb5f624625705a335938c57a7addd890b26905e7097bbed9882d0508fd10eacfd3fa32cf5b570deece89987d97773fc9377c68416dc03707c32e4af72","ssdeep":"192:0e/p461ScOtSD3FfjmfO6goK78IANjSLsZPiSLrBEpKYehsKs841+yUV22hhCsrq:l//Sk8fhPVEQGrUFAvRZIgUlM","tlshash":"ce92860e927b6123447334bc978ba146be1150971d0acd847f4ce394bf85b6eb6b27ac","first_seen":"2025-12-24T22:39:16.372563Z","last_seen":"2026-04-21T21:26:35.732746Z","times_seen":32,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1688\r\ncf-ray: 9efc5c91393e0731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEA-Bw7H9k1gZltgcL-Suew9FfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=690+4 c=0+4 v=2024.10.6 l=1688 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1688,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2bffc4df749e3b8f1d0890df22f4bc77","sha1":"ec3033a449dcff239808409c5d96d388a661ea37","sha256":"c7cc404018e711a83cdb04a08a5c5a12f54d1612b3d3cef12a0b7721fccd4465","sha512":"0ef53d6b15c58647ec9f81e562dbda560cd9f6287abf9d07b5e791db37b97879aa57c86637f7213ff127d4d10e4b8528ffc5368e085d8179d18524a4d506a649","ssdeep":"","tlshash":"cb311a52b99510c943825527eff4cd41971398270f3c61734161247349694b22df02d4","first_seen":"2025-01-28T05:59:32.01912Z","last_seen":"2026-04-21T21:26:35.729801Z","times_seen":1580,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=493548","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /wc/rewards-main.umd.cjs?v=493548 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Thu, 16 Apr 2026 07:47:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Fo4GmfehIIZ0fEiIJEkqVqta8CtI9yzD\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PXJ0dBzKhxz73wJ8sxBBGqyIxlNSdjFtMlqoOxjrDocCjDoUobjupt9wm5a4BkyHMCVOHyJBoTCvmbfZWMQrpZBNaPAK5VZJM9W9ngl3H2uaI2hpVFWsdXe8g3Hu%2FpjKxjv88qJPj7kLDA9fF5p8C%2Fg%3D\"}]}\r\nserver: cloudflare\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 abe7c423e3f506d9a86c5f57fbc5a762.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 9-RZfAdTWe6hmVZzwIDKKUmPeO1ADa8aOwhtaKTiY7R0BULx3v-4HQ==\r\nage: 661\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"253dad639858db343834a091588cc263\"\r\ncontent-encoding: br\r\ncf-ray: 9efc5c92eeea1a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":967648,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35653)","md5":"253dad639858db343834a091588cc263","sha1":"d5e51957bdedee553d3d4fd6861608c93e9b6d6e","sha256":"f5e47f9cdf7c00c6af8a3d0804d95850b0fa3b7e2b11ea1f36f4f0ed23ef38f4","sha512":"4c270c751e953cb4156f2ffbcc696a558ac254b7934a75229f6bcb3e8192db88643ce558090866d11d28968d91572e83f8bf7ea1f11fb474d5e7623ec90704b3","ssdeep":"24576:5lSghoqNvlS7kp+yjuQmodOclWKjK0ue+o/CeooTmVlSRPfxwLoP:5lPhoqNvl0kp+yjuQmodLlWKjKe+o/CG","tlshash":"d4257c9472467434c37795a260be050c737c5f036406c6a8f2bc99a92fd7c9aa27bb7c","first_seen":"2026-04-17T00:47:10.172775Z","last_seen":"2026-04-21T21:26:35.726843Z","times_seen":8,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":15,"dns":2,"connect":1,"send":0,"wait":70,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/Notifications.4YD1Ldex.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/Notifications.4YD1Ldex.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=a6I44XolBFi8gNgt11kV1RkSpi8HvFTsgNqHri9nfAA-1776774137.4092207-1.0.1.1-IbWgzmA9FKdE_LGiH7Dk065ENl257Fvf8x2DV60EkiCsG0xOXE2QYcMVsO2.uqpxxSw._18qjKQR.ZCvX8OOqAO8BB8K78ZsJYT06TjQp7pOxh0Syb0jj1Zbdc7Hg4ga; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\ncontent-length: 42\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-2a\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=cD9ClgCa3aelm9t1mTCsVbwG05IS2eK4H7v7GdQpdcs-1776774223.0496294-1.0.1.1-.UibHOBiRUjObJqyZ9UBWCPc8MVUnrLP65LKf8KlkO9fvn8h55oAzktYSVag_O1vRLjt2zKcpl1u1Td4A8dabXB0.mx..mR3pp6wkN3gWK3h4lUCw_MHBfBtowcAXu.l; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4qxdGaSPENQxfks%2BCxnTbR9wKQy2DSlNtkrdS%2BxA33ZgJ27pvWmkcK%2BUTpNECsoj7UCV%2FRvUmk0q241quaNxRdQUTW%2FZXJD38N2MTcWmod2lg9eLsqqnHHjKI4BNe9FT0gZAyA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c8cbf597131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":42,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a84d03aa0e4c29b941ffd9b99044227c","sha1":"fb904cdd18d8bd1528967e5294579144896c0e2c","sha256":"80b5ae12e0eedb3d97d894297c05b2e62671e47d6889a2f4596e817d0246cb6c","sha512":"16edb86c710d17c07400df8df18cda1591e64e3c9d5aead59d1182669ba48fedff014be44b35b9cca88fa15c3f94ae855bd064280106c20951b626f3aaf2186b","ssdeep":"","tlshash":"c49004570517d0d4f551405300d11c50d4d744cd0dd51151c7c1dc1d50c010cdd31dcd","first_seen":"2026-01-10T12:08:16.414391Z","last_seen":"2026-04-21T12:34:16.133923Z","times_seen":198,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-DiFR-VGp.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=uTV3emlVcIMHjKVDT2V_R4tEx0cLlWDpvO7fGYkIaaw-1776774137.51365-1.0.1.1-QFtzkwoYS7d9S0HcU9fDqDtEV3ehaZEyk2idmWvFTMt1e8NQVEBs0frhjXvCRJzgV.OZB1vTikGO1Fi7I3Vcn7DD.i3ctr_s9CqMWm.Gp_axCQ57QYUg6SA1LgqKaZPl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pch1GqEFotSktUIZwjGh0gmc9duMW2cJ6K6WH1aiKqBlBuI9k6ROCnKFJBmcoOrljuJleg9IJ2w%2B02A7JFZ7Ip4%2FvpsJI0JFRnJ9%2BtU8Qoe504E8pM4%2Fp9%2BX6Uvq77jA%2B763Qw%3D%3D\"}]}\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1679\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d783e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5753,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5752)","md5":"662484a9e667070db18823ff53b74cfc","sha1":"571d6d3704bba2b40e58651c46b5fb38bea0e5fd","sha256":"6cb2ea96a78963ca6aba1a9e89ea6b0be508e1faeedccacef2b9dbaa3574b63c","sha512":"b82e64eafd094f3830102431c8e6fb9d3c87c2374e52c2e0ec429979474e34ba0f9d800dce8bc58cebcaffe0290a66129fe19a904517a84ac49d0be8be979402","ssdeep":"96:jNfsm5Ty1jTATH913jmbw34aBlX2Z0FmWoeCtpi+3vieNMaxttM7zJ2d:jNUnjembw3Dj26FmheCt33aN1q","tlshash":"acc1650bf017f7fce8ac48b2416ed10e3b2d1ba9972141e4d0ad09281b6c855f769f9a","first_seen":"2026-04-21T12:24:48.937201Z","last_seen":"2026-04-21T12:34:16.138425Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2444\r\ncf-ray: 9efc5c9129270731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEskOIKWizVhJrvVnrMlrV9p-fmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=19+0 c=6+17 v=2023.9.8 l=2444\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4b44902a539b26f42ca501a8fc2eca9a","sha1":"c9156f826c8af47c13c4e95a4953987d2c34a74f","sha256":"e1473cf463a4e737486548692bef2ff33e1435ccb7b1d4d9e4428371b57a2666","sha512":"2dd9d9716c420f8d993a738149c8ed8a18bb8ee2034cadb05c3743cbab9ecb9eaabfa064be34e53fad571e80eeebdf7292cb9811a369dd67d51da327fd80fef2","ssdeep":"","tlshash":"db513db78f5778c0ec5c0e4b60017a48e401be0053f0e18caab51dd2069c629d371a8b","first_seen":"2024-06-21T17:22:35Z","last_seen":"2026-04-21T21:26:35.800426Z","times_seen":1575,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2472\r\ncf-ray: 9efc5c91292b0731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfSFghIByqO-qpSeiAGASfCVErfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=17+5 c=0+4 v=2025.5.1 l=2472 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c9bbc32ce28fd80253987f2e1f0be287","sha1":"ac50a6c9aaaa9a3fd32f610e9858fecee25be6dc","sha256":"9b9632ed8ef4f6d25483053b956d22184ee488efd3f8c22e0ef2626b974475cd","sha512":"5863d7231d17d3edf58896ef5332bb631d9a5c27d06fb934be7653a6847b8918e92ccb66090e97c8b96f5bd51b3c9ae112d2c4eb9407cfe8f617da98ea3d3dd0","ssdeep":"","tlshash":"f8513b2e28bac5e8bedcb4ce2f90883a3283b7511ad4c45552d80854e35fb41a1db0d8","first_seen":"2025-03-01T08:57:15.902828Z","last_seen":"2026-04-21T23:36:13.381469Z","times_seen":2476,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":458,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/HorizontalNavigationListItem-CWrC71fV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-CWrC71fV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s1; __cf_bm=BA2XKX6K8QmJGViRUN.hH940Wb.ZDQE4TD6E2tyEcyI-1776774223.2552433-1.0.1.1-TfAfwrnj0_5md8QE_N7vpWrvpyvep7AIVUFapODN4Lx25_xpABkEjpAaoTUjru8XYExzkbBI4641maFFVRPWUurA.sKEe7t9ZTaOjMWWdT8KaQTK3WDKFspk.mmQ.TP6; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=Wc0EIkouoaBwfwp1NmVcN_mK3rEh4hCKSV_IvYFU8ZU-1776774223.2691822-1.0.1.1-R0u6ZLjMVHRa7lp2.RbZwrKMds_04GW59pmsxhD7IpPbrNrmp6TKFhU11xWRI3HUvrxOE6TL5Gb9IH__p539AFixgd9vRQJkJK8WHahttq5McKtro7MQB2ANwBSkf46P; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BAixg8x2Yr49CkDvJVZWxro21Jvr7tdEDgBboOQlDzp%2BekLKD%2BxlpUG3gB7K2kiqeP7oL2ZxNVRA28fGpOj7xXATHAF8Qf7OQ6zQduk%2F98xTkZxN3ZSr4Sj2WvmNPVdALLLzlw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\netag: W/\"69e73090-343\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c929f1c7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":835,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (834)","md5":"af8a8f32218fa186710b4c346897f119","sha1":"28bdcb466974248e4fdad615090d10e8178db51a","sha256":"94c5a4406442328428ce239ae79e35a17048122e28695857983f126a1c4f142d","sha512":"cfca7922b2bf931f048f826ddfa2513986322801af3eaf667dfb09f7f1629865b81e5cf5f5af9e7aa672f10d478ddef3c080777fbb71f236f224c8bd4da23073","ssdeep":"","tlshash":"0301ce16f004dbbc9a2b48dc9b4e1045b2964affdf382cf1a4f4a0011a384467947fcd","first_seen":"2026-04-21T12:24:48.981785Z","last_seen":"2026-04-21T12:34:16.144211Z","times_seen":2,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/15/30769.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.715Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/15/30769.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=dWuRFdd_MtT0IIGgRIyVXoI9Er5VBZkC2hV6T3HvewM-1776774167.2416282-1.0.1.1-o5cMuOdGM4TyUHEJ8L4imfgTss68UtQ2smCnyNWpuj_iI_LJ1jqU1nt1wJTtDpZF1E4e5Yx2rq8Q9OFJkdkz7k5DiHhTHwE.p_Rt.QR8LpiBmDoQ0_zZKhvzimgL.5cQ; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/0/774.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.743Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/0/774.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=oDHs9VpseU0QacV6_by0xvtdtTTsWKmr5b5I7mY8t3g-1776774002.028975-1.0.1.1-auo1jAFdTInYJE0ZjG6tJ14eKwEj.Jl7bFdavaO3grPmREr2IrwxxPN8j5dBhW.6R26bGc.xKkj06iLtIiIA.wctx_DKvl8BFEz09AuO4TE6fQVtkeiVv05bZIaLine4; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/68fc8d77f3404738510b30469eee57a5_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/68fc8d77f3404738510b30469eee57a5_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=6BCU.NkqR.U9yP99DnY0mITpPPq901LrJBno8RAKDNQ-1776774224.2670226-1.0.1.1-aEzlPnR3HyCD3Yr0sSF0peiQ4.Au.nx36v__IQX7cffWFN6gn4pQtAPmMyVda7dizloGXqLFKJOUhRRlZp.0X.01CZOfo2GARvpuM0d35HM0VDY8sE7AC1vOwoRu8s3u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1069.co/content/images/casino/icon3/5e98bbc54163e0ef8c8ab3f363be8653_casinoGameIcon3.webp","fqdn":"icons.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /content/images/casino/icon3/5e98bbc54163e0ef8c8ab3f363be8653_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=hEzArepDooVsvqQVgfrAPcupfwwK..omE63Rie5yhM0-1776774224.2856104-1.0.1.1-OyUEvPqPoK1YbKj3.gYOiMvoS8jdK4FsbpMTb.Qd4ok34BW2_HYguBAmZkfqRBS3kdB4BgdoWefT4QtXAzoRQHIaKQckXBKAiz_UFXVmz2t1NwTG16QzaEtPsVJeAzb5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/s/113/226749.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.748Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/s/113/226749.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=oDHs9VpseU0QacV6_by0xvtdtTTsWKmr5b5I7mY8t3g-1776774002.028975-1.0.1.1-auo1jAFdTInYJE0ZjG6tJ14eKwEj.Jl7bFdavaO3grPmREr2IrwxxPN8j5dBhW.6R26bGc.xKkj06iLtIiIA.wctx_DKvl8BFEz09AuO4TE6fQVtkeiVv05bZIaLine4; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/3/6439.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.146Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/3/6439.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/660/1321027.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.248Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/660/1321027.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/175/350465.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.279Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/175/350465.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/493/987301.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.373Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/493/987301.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/DepositCountTracking-C4f65rk6.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/DepositCountTracking-C4f65rk6.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=hCaqHdr9uOAX8qtQfhrVO1yjMbtDP7C_sEtrRrSp1eI-1776774134.2112994-1.0.1.1-3EffNgHqPJiDCWLb.Bl5.ynUIvVYb6yN3.NoAGMlGo0KRGdQDEvs1SYAMSBE8of8tXeUI6lI7t_jR7CBsWYn4oq.19JjsguwQnYMFo2fbWmG.UtZBR7MZ76.D.Pupgwo; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:14 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2F0aHsIeYqv3skU%2Fxk%2FWCiHaOocPfXramzYrtYcdmM7Gun7lrUEjKGl0nljD2kyb69lA5Vdo%2BZwCl8ahU7KO%2BHNhi5mZ5O484u7bOqTwGHONIrXh0DbS2bLC3KPXSasggkoZBA%3D%3D\"}]}\r\nage: 713\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-285\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8b1dc67131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"60f8ccc683f8e04b4d2bd5b46692978e","sha1":"a92629bb533866e0209a7cb4c588dd6a6d9aca42","sha256":"d7ac00917578c665dc9c2a20814ea59fc1c8582fb6b59b1e8d6dc5e66f43485b","sha512":"479ef92d357834a97e1b5b778ae0d90836ebe97dded4b150de9c50b144d8002410ff0fcfaa510f6ede63b84a17023c376a5e0d55e150792c568d9f359507ea4d","ssdeep":"","tlshash":"9df0dd9b68b8d2e58a493a8472c6d8e363f0650dba5689c385bd4d4a0248012e4c8e1b","first_seen":"2026-04-21T12:24:49.022744Z","last_seen":"2026-04-21T12:34:16.158041Z","times_seen":2,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameDetails__platform.D2S0gxBF.css","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameDetails__platform.D2S0gxBF.css HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=msfnXYTIc6.iPWL6mqYnlIC2bvrFbnpmB.jVd6eR9Wg-1776774136.42081-1.0.1.1-o5aojM688mHQVc4FjvBUG71og_GWzGccloDLVwzk379g9Rves0u99BXAjttBT.8ZZJN4Y8I1HRWgly0RghccX1WmhOTcoQu2Rg12P_TqUMdh.QGL.x8jLlKP8g_j6zLr; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: text/css\r\nx-powered-by: Express\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e73090-b7af\"\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=vUZMHeHkz6jiWetsZybIMjhzs7le2JFd56VXc.SflTc-1776774223.2093248-1.0.1.1-AD61ntQ2H1pgXskY3iJqHA7LWlIFdlNKsRG.SSAmtBAB8Z.CwYtnkaNDouyokp0qTA0zSbgitYost_.raeq6OvAEU8LguMyIbzIJiFsNZUq_XMkhtnl7L.vyFS.2fzp7; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ecK0G75Y0%2FgVa11PeFlkBRPdwNQy1YEuRI1DvE4LNI0oUkvgk0Glhud900x%2BZTvDq4HV8GMR5QSZqORZRO7kFuVG4hkPSwqH%2BGlj88cZUHaBstErYHkFSLAYOwOsycjiiH4eQw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d3ff07131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47023,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (47022)","md5":"89f043e42887006b424788d51ec090b7","sha1":"d4d50584c7b2079e5960f5d48728da3098cb233d","sha256":"88dc821b38c13a603f1feaaa9177fff429f10f4322a0b40e6b3ce2acd213bd89","sha512":"73c4e9190e0a20fca7ef717db1be40da03ad4906faa296534b789ea6f9162fbe3c0a09f4ca7c51b87a7ac117b7b4180890c79230e78b936a593f5dbaa612af8d","ssdeep":"384:e41xmWxMkf/UPcM0S4Huj6Yo7lCRoAgFWhwBbHg6zpNS64cqCatJqJU2oAHP2KG:5NxFsPcMQuj6BCR76zpmJqJU2tOKG","tlshash":"3823432be69d4a9eb03b9427236c7a8e5344e28bee206d3c7ad2af7d74447041431e75","first_seen":"2026-04-21T12:24:49.097401Z","last_seen":"2026-04-21T12:34:16.280814Z","times_seen":2,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":430,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/PromotedProductsWidget-Cld990TR.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-Cld990TR.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s1; __cf_bm=qElGAp2_Teyy47XRf__PtHCiRxNaqwFLv85C7DgBUb8-1776774135.7070532-1.0.1.1-449Zgu2w7KLmomf_oyBG4alQ01Vq.rG.6n3E8OV6ZcHFjywKF8UzDpehV5euzLdE8DgbUz3e8u8boUgcOy.oBjrS7OyycPx.1cVJohEx6WYbjBttm2pNKdGNeZTxdDra; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: SERVERID=s1; path=/\n__cf_bm=i7.AVmD4XvF0RmtIGBaHhYdZv_jwlUM3yFecgdX0s14-1776774223.2206354-1.0.1.1-a4xlmSCHFjDAUYMWoLBps8QiWTdIYPGTTzZqmMzIQ2dCTfmFqYGcVou4VLNTee5a6DkKO_h5kypKA2RSjJOf7SJn_Kqzt1Q3VBS6QgPpfNiSlg.2RWNSNR.tGCCow0nW; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C4%2BwbH7hCWMWA5rzFZrWJ0AapXVludHZE9Re11wYF6o0%2FVjpp%2FIvb9%2FHQN%2FcQwOJasQaOx4PwHFmoWRgQrO%2BujCxD2O6jWWvnzNhon8q3FDwWnq%2B6rqB451lrBjdKyIYafjO3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\netag: W/\"69e73090-84e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dd8cb7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2126,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2125)","md5":"08cb1f32689e4b3699dbbdf78b9646a3","sha1":"63b34647cd0480f9bc68427fd6ac983eb54c7838","sha256":"fceca3553295edc93b8ee54a308364cfe42424abd7f58f9a4ce37df3870883ce","sha512":"bd56583809cf6e606ed445599c75a7dbb22df534e9588f8d479bb453f9366351d6bb37584893b2c8a03100c7a72afcb0ffb4cb0ed67bc8cfd1b84fe231ef913f","ssdeep":"","tlshash":"144173c2c538a37af63e4dec210550c43c263e24da7648b290b67d16a13d926fa57efc","first_seen":"2026-04-21T12:24:49.000596Z","last_seen":"2026-04-21T12:34:16.195822Z","times_seen":2,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItem-DPOBSFUA.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListItem-DPOBSFUA.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=eYlWNmMItBGzAkYd1RRNeJ_aqLhPRol2Bq0CdlHWEEg-1776774224.2566278-1.0.1.1-PQnk1zChKdxGpCIPGp00rx39wYVhK9DX47cf__WYz7tTpUeNYH0.qPqpkchWtMEduVlorICIapd9K.8ZQuswpZQCNuc8CObLWlTWY_wv8SH7jV6GzmhlU2bUGZvUx73m; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=92mzL2ptmnH2VlzBddyxY3RuI4%2Bf5TdzG%2FqAhqkGwQG%2B0N86j12%2FduZ6f5YJ7Xs1TplXyVj8jzuxTcUK6r2pV95tM2ueEdAMqy87ejnKaUWQUXQYRf4mhT2sn3%2BAvp3%2BMgxcbg%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1234\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94594f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4659)","md5":"c4b5a33034c11189d13a58c3b2a71535","sha1":"925b05f37c74a4ea1f10ca78f28a492d8a508316","sha256":"f24fe06384d2908838e215020b324be57569e56d317e0cb799f4ca6fea3bb8b3","sha512":"56d3b2b94a6f87191af553b91d5f4d9ebc79d4f4cf03719d2f00d3ba0bb45160f180669a9e3d0b758b191efa1ae09f8560b6b9e8b96cd07b9fe3c3d1546f7379","ssdeep":"96:6yzRl44W0nOtWyDHDjl2rfLE5jYhpzHXzoodwd:BzDfI9d2T7X5q","tlshash":"efa1a546d024b738f83bddff75a69a18b4310add87964be2e25d17290242290737afc7","first_seen":"2026-04-21T12:24:49.05959Z","last_seen":"2026-04-21T12:34:16.097295Z","times_seen":2,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/conf.json?v=1776774300000","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /conf.json?v=1776774300000 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: SERVERID=s2; __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 10:42:06 GMT\r\nset-cookie: __cf_bm=g91jb0iqHzXsGbnyPJ6gMqiggQvzE5Zdti0nAhNgvrc-1776774220.767519-1.0.1.1-ovH6YsXDvBfqGbXYAAL1TPE.cmE.q38FNldpeOxNgt73.4lm_KyMmWz5PUV2Lck2hTeSnH4GWm11WkCLWRX2C9knGhwQdEhE1M1qG2wlL_8rjXmUODEEZM4aKezRVMAc; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:40 GMT\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YP4IIka0dB39riwVsLZ9FgTAn2VYF4xSzR4qL68V%2FgXjAhb0FpSdS5EqmjuZTFFwwvR2PiixL5ivTiFo8oXUXUfbzsd%2F%2BO7Y24Exxys08xrhFLhmMbPADQ0nw6S%2FDcR3COGwJQ%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7547e-5c4e\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c7e4e8f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":23611,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8d55089dd32ff0a6e1c306101bcaa175","sha1":"7ca2a4834f8dd4e36584438db2272acd6443ff4a","sha256":"52b9dae90d63a5d0ead3d2b1b96cce9b29e8cecf45af5c83fdc433b5da381d2a","sha512":"e463fdde3f63aa0dfbb8ecec873383cdb8f0a76b3272b57bfcfc334b122743b820a9757d4025b94194fad3308a40cbbf9d9f0b269b33fa16d07580605b79f248","ssdeep":"384:tEodO1z2PvxRNLoU4rWmnzl8mAitrfSs32VkrN/SB3m:tsz2PvxRNLoU4rWmnzl8mbtrfSs5/wm","tlshash":"19b21028d5744db302c671b4a8be6247b534948b4e987c293f4c826c0f5da2f29bb7dd","first_seen":"2026-04-21T12:24:49.098699Z","last_seen":"2026-04-21T12:34:16.190211Z","times_seen":2,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":365,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/pageBuilder/homepage.json?v=04/21/2026-12:07","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /pageBuilder/homepage.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/tr/\r\nCookie: SERVERID=s2; __cf_bm=7JQynrR5YKARSr4FMZMmFhIzPO19Py4xOjBTr3dhyxk-1776774134.2256207-1.0.1.1-bcoG0INr0C91jPwg_mTir9cRVtm9onNjR8eHdELOmzHiNe7avU7qgpv6b9O.weYOr2E6KJ4qacUj1mgrDWz0DVG238zGEN08FtONmNo2fDPdT.rfE_yDtjWMm.Y3chbN; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\nset-cookie: __cf_bm=kEGwVnaikwuM6Lra8TAnPdwW8mkqYhlqlBDJfLHh0sk-1776774222.6527886-1.0.1.1-ePA7tYlVr9JYuDKaJqcv6ew_y9p1MjA.4EKTAPTPEvqmyQvXmHbzaCnuz3B579d4qk1MLvSfRVrzKX88blRAQz9FSzLy.vAjgS6PettqYvZp97smvEs6Vpg8lWzloKSN; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:42 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:42 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s2c5Cs%2BP1ULrmDkW5x%2Fx6AyXoumo%2BBAWthiOAfUxoSaA%2FoZSYVqa6SvZAInccvov1F3Lmz6CeL5%2Bb8nCUq2Fd%2FicsFW0%2F42gDo98UMiHQzS4VknhN%2B4rm7iGHGbhjMgUxv2z9A%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e7308d-d1c\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8a3c7e7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3356,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4cd2a54635ad9be3d812895fc7014677","sha1":"03468bdeb0c2ca9899f03ede3a039d0c9a541d13","sha256":"f73d43e247fd37d6b3aab89e1a2f0f33d4fbf58eed33fffbcc40622243117d4c","sha512":"0b1c9cbd0f9aff25596856b51c3a3f80de1736ac76bd65f475f39ac96d348f93f93546b4f9501ebe1c402806fcc5b6df091af75861ed21c414a3ee913d561113","ssdeep":"","tlshash":"ea61ce3d5800eef8b3a08a33d28227815655c879d788485c5cedda68d3fe2de1594fbb","first_seen":"2026-04-21T12:24:49.100076Z","last_seen":"2026-04-21T12:34:16.295383Z","times_seen":2,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GoogleAnalyticsTracking-KNUPbQw3.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-KNUPbQw3.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=Ot0j2n274vbsF6Yi.AxluHVlo16PkhHjMiLW.GFeLNU-1776774136.3783982-1.0.1.1-qQMySVNSNnkOOGKmV8OrWRxNvX9rGAlhreSpAOsDB981hcqOMBSiTtJyg_eISUJepmBWXwR5Ln0IgM.Qrh3foRO8Wzko8YIKei6trHAIA4VNJLYD_RgzrqKZmrF.OLlv; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vggGVK52SEkudMrqtYzwu7BdwTsrYV8ZRoTl7VAVWuomMruV9LynVRU27br4Om6tsOEMsH7hCu%2B6VXM3VzU2W19goPKoZtg8pNr8rzs%2B7ytav6dl4Nxoi2HtrZeiJICmKP38QA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-3588\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed787131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":13704,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10208)","md5":"af857a0084c0da51ea4be7c5c6518d54","sha1":"cfc4a776cb333e2cbfeb0fc3c57e1da239008650","sha256":"11b253ff6d5ef3b9d82b063eac04b49942d059ad2b06f1141d5221ea286bc361","sha512":"e3d71022ad5de469625e076c5a549b9314de1cae841d6a695fb7ff74ddf1d9cead8c2fb79922bf1214a4371ff37447bfe8194042b48996d5d32262e61c4295c1","ssdeep":"192:QWYceR0SE+m/CTb3bHXCT76hYxGE0VK7D6L7kBNrnPsh52tJz2PM7mBE:xYcoE/CzCIEP3BkS2PdBE","tlshash":"d752b55c32adb0b682df6054587f720bf1755910a458f480a275edf46ef8cae026bf36","first_seen":"2026-04-21T12:24:48.89473Z","last_seen":"2026-04-21T12:34:16.098688Z","times_seen":2,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/BetslipMessage-BNH9Z4__.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/BetslipMessage-BNH9Z4__.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=8F9ZagLRBKiybgk73dFsTFFI8ohe4dxyI_o2KEQGCRI-1776774138.169491-1.0.1.1-ByNlfL34N4DAFysEuCGA_YAalOUua0D5YOUoe5HKeycdbJnGu3XY8a60z3Fnqlte.814m6VomOFWiTS3Oby2cA8_8J7_Z1Rm1Z8uA3fb9ZZrrsRW8uPNpB9W2.ncqnUl; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:18 GMT\r\nexpires: Tue, 21 Apr 2026 13:14:41 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DE64pKGzi0akN3W6wQEfMbt3lNUTANZDQk9kza%2FGW0vSHn9jiG3Mc4JdkEYxjluBvrzeyav8KwD2tan1lAudmc9yHovBjIE%2FF6CQ%2FJfo%2FAR1o9WAk5Xtvt3Kf6IVSD%2FK6ukNlg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 456\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-4f4\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8db89d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1268,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1267)","md5":"9a788dd065734b8baaadbcb7d1bdb747","sha1":"1b4695f19daf85ac64a2efbe2235f7e44d2b7e9f","sha256":"b88acc559e4c6f949219c87afb55a6efd8ccbd70d0c1e713d6b4808ec1039486","sha512":"28dc616aa6a8625492ae8d7397895884faa8bb4a9c72969c67ea4aab10eb60ebb980b0cd7d11bea3f9ab5163d9f064288e1c556752bf0dabf5ef668287d808e0","ssdeep":"","tlshash":"7421b747f2a0db2c87a3096df2583042625401e5bddc7920c5fc394f2f9068e462bfba","first_seen":"2026-04-21T12:24:49.063573Z","last_seen":"2026-04-21T12:34:16.157068Z","times_seen":2,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/LiveGamesWidget-iPe0Z4pg.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=xeoqP.yLMIsZOkrJ_FdIfV_l543efJxvrMxkET370vk-1776773847.3325353-1.0.1.1-8.wCk9tLmycQLbX7nysa9uAHRY_wXMw4R2BD2tQafcmljwyXFtBbAP5NK2.FcNfy9X9aTbrepCFP3zvopy96u1aqXoxvWneOVR5SR7uXfZMMA8aELxZXo9EfuXDvBlS8; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vpmr1lgDPpqjU3EgPYlMJlOoUnkkAe0Nri%2Bi4TtWg3DkKiTXF4z%2BUYPHBRo0BGpQ5rilxXE3wx9dBlGEbRSp3iMFwT6lvAivPq9%2B%2FmeNYQEEF4c4g%2BYdkyASnPpNLg0Z0D4m%2FA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-fdd\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8ad7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4060)","md5":"80c5d38349d2a6ed139d7c30262a07ee","sha1":"833fc61ce17f6130d18c3c7abc82897d611d4d5a","sha256":"bc6d5f152dd941af45d0155fdf80ded6632abd487f9251935f811f88ac156ce4","sha512":"fce1ac12abdc334ab0816baed265ed3d09a0f8c73f950269a883f2f6627a734b48da6f036cdd85cd46b438788a50143b8cfb13c733162cb171d2e77d9391dbea","ssdeep":"","tlshash":"fe81e887d0b891fd642e8ce8f1a4d2500a322a95d7b14710f1de0739136c299f61ef6e","first_seen":"2026-04-21T12:24:48.877327Z","last_seen":"2026-04-21T12:34:16.234539Z","times_seen":2,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/1/3219.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.136Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/1/3219.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/513/1026633.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.154Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/513/1026633.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/297/594129.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.301Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/297/594129.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/WagmiConf-D709ykut.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:41.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/WagmiConf-D709ykut.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:41 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:50 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2FYcbJR3Gjth3hK3Tz95cObveR%2FtkC8%2F1rOunqAKLjU78kMmTtI449WW4CKD37D4NTwI7WFP3KaYtmiTqipt8pel1y94389wVvjvsb8ZF1eVKbU8kVsu2dy9XqbRr6q%2BuqJlRA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3409\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=USIEnJv8C6aGQVL0m2EdzoHOm6UpADfyVgneRQ0srWc-1776774099.648424-1.0.1.1-93lqApcOUizu_yTIAAfH.Yo2ha97VitCp7Cp4eTd.xPv7HI9NccZxWaNXTTB0LTiEAS0VB4xe6MHrsURnhZkb6gxtMkH4ra9O67Jkkl26mLo6htGSuBo0CLWpvJDbCun; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:51:39 GMT\r\netag: W/\"69e73090-18a73\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c86e8ce7131-OSL\r\nserver-timing: cfCacheStatus;desc=\"HIT\", cfEdge;dur=6,cfOrigin;dur=0, cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":100979,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48215)","md5":"2bc1cff1b4a88fcb7d6d511ae355aa96","sha1":"563de1fda53d30945b4e8745cb90e639ec4ee8e4","sha256":"4eff938056fa9f0de8c26d57aa0ab88a57c0855dcaf7c7369a0ff21a2e960fc6","sha512":"357be7810700745a6117be7eaa66f2439f05e435cefd3c7bb812a17f40816a600494b4f8dafa95ea9a844a6b2729d6f29bf2c035878ac6f0079801a690259df1","ssdeep":"1536:o2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPfAV:ZCaSlx5xG7NU+WEy1bP4v1K/XGd","tlshash":"39a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-04-21T12:24:49.089926Z","last_seen":"2026-04-21T12:34:16.214993Z","times_seen":2,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/LiveChatInc-xfcbsjSt.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/LiveChatInc-xfcbsjSt.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=J6wirgnCgOKt2vFuWmX9vdkB5SFUUFiIjRdlOjDWbLM-1776774136.3844106-1.0.1.1-DdiyRuTvnujsE7qqZr_X7q85awVsP0RkNAig0M22vnO7SawehnXykxPzsyOgnJ2FdWVbf7Xf_gbhQrqnRHg880oltpQunwQOAwfLq9zkQalXUktNlu6Y9w7N7JuUTR3a; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:16 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:20 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FLRH2NDKZ5JFVaXuLnAB0Dpt8HGH6g%2FVg5QYjMWbvCoI2c3xbLvcI5h0hWVXcTgT%2F4b%2BWwnjoAUiAC2wbDdcoJzOZw7tJ4F0Bth49L5EE8H5F7vwC1sXQOZ15sQmWblspo5jKA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 715\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-c53\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8afd8d7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3154)","md5":"e29915082e974265cfb510f4a62a80b3","sha1":"de425fb2ec9ddb8427870cc518d5f25d33fc6183","sha256":"9297956898b0539325b0703e97a0a9ddf9f99e52d7581fbe7a79b33445d423bd","sha512":"efd2291722af41ba67eaf1aba6207ebc3619ce424ba0aff7e58b200279bc4f8e48873c0d3a7450a6c29bf3c1aad59a8a596c82e483af8dfb5fa9e8c56c03ac0e","ssdeep":"","tlshash":"3c51a69de03874b4a27927e6323b771f32165a14a4484cb0357c4f166a0a48b8076eca","first_seen":"2026-04-21T12:24:48.918645Z","last_seen":"2026-04-21T12:34:16.324374Z","times_seen":2,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/jackpot-jNbP6Duk.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=b8V28WarNvZ2fVI2RNyvGMezHbVCBSuAXAXCbl38Lyk-1776774137.5265-1.0.1.1-HcaTM7rIiUq9K4AtFoFsS6BnGzBIjWc4o9wUNIU58MfR5XIP62R38bHcMz2TquM4Zo4i6466aP.1yWHQy7_IRsorn.1fW.XCoNRZAEPfRsJ041JU0k5GZaKDOTyoO.Gm; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:17 GMT\r\nexpires: Tue, 21 Apr 2026 13:10:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ioaqek6QCoVKZYDWAFc1HyrvQxXqUA0z1cbTho3Q4fajTcVk6OgzpvQ8heUbPK7Ul0GDYj9wgmGqhZr45C%2BQe6GJHS6WwCrvxt%2FfSSK%2B1CyU4qtSkjO2BR1fyJVrrrqcdj59Tw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 716\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-178\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8d783f7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-04-21T21:26:35.58754Z","times_seen":43,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/SwipeableContainer-X9GPeX0n.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/SwipeableContainer-X9GPeX0n.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=_B0xo7Y6vXnemAh2lrNtMDizH80ILAMuNsPeirI4_vc-1776774224.2690456-1.0.1.1-9_uQTDlRaaVuwKFufQDzKQclrnyhmZ016r78Nt3N2O5MGllhTjxSogRBzYcpMHK136T7EGPQyAGONEvV4i4OHvR7SMbJ8PADw.PdaUIzey9Vd9dc1aT_mkflLx6WCj9L; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FKXSyMImj%2FWc%2Fp%2FSQnd6LDgsC4K8ZmuthR4MGR0PbDt9PZSsoouD7EFRVhhmOxwpmhHBwQAyUN55lAskglyiuNnSuzp19rOH1nmvyeW9WrPkzFuQfIpDZWEIyGpPW3RU1HLFcg%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-74a\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c9459567131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1865)","md5":"256cf910e286cf87d48005f99e79550f","sha1":"10ca9c0a456f565d7bed48eec780a225518d4554","sha256":"90a8f7a1c77844b10286a533a15e2917a6604d76bce574d27e972b178fc7a35c","sha512":"cc85a7c142d992f8b4943d85cb539c22165fad970cfd28dc0c0e6d10cebbd964c371c7102a76ac09bec8b209cc533a85158c9785e4ae8639be6efbaebb24a65b","ssdeep":"","tlshash":"b9318746d03aea74f623045a92998468b77b73a0f60909e4b07c4d28d73529df30efc7","first_seen":"2026-04-21T12:24:48.98619Z","last_seen":"2026-04-21T12:34:16.129957Z","times_seen":2,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/304/608838.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.148Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/304/608838.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=H4Ro1bajSTn1FzGU0uJo2mRz_SVYJ5JxxKkx9r3Euyo-1776774165.4425972-1.0.1.1-iDisb62RI39lA4JzV6pUwSq7W__Kx9uaIlMr0sWcjZCOdiXZLcv.qSyPkg8O9ZFI9BujFhbg4_uagBBU0q2qTtQoWQh.NyFXRLfhD5eis_3h_ijrUqLgp8Bt7xTdYDVs; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/686/1373694.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.267Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/686/1373694.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/fonts/rubik/Rubik-Regular.woff2?v=170","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:40.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /fonts/rubik/Rubik-Regular.woff2?v=170 HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; __cf_bm=2VTlBkm7PNdSnhYNtQji8rb3yWbNr.fJ.nD0WwXuRPQ-1776774052.2182107-1.0.1.1-.DlkYm8z2CbEmWkHQD7tegpGHOJGAcG67W4HJx7AGvjqJGQuFn_M4OdYFWYuOs13b7Ay3rClF0IyyaFDSqZPaXnYf688OqvaTTljDOP4FT6w49lphtHt.e_4fZj.Da5G\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:40 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 65016\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-fdf8\"\r\nexpires: Tue, 21 Apr 2026 12:57:14 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1585\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_xtixk8LnKQvuzpnZBRi1bXPOyUzTSS.0CYSbWzAeS0-1776774220.237092-1.0.1.1-DttGv5Uxj5idDvFKZ0sJ6fFPMMMnfmeiZcqP1arxVvXpTRj_rq1.3L9h_4.5UhrdZCekyY_QfIeTjWC7mjGNJ4yBSt6TZ6mgRDdW1CLr_FXIXiPXwUqaFGsvkEJR1BgV; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:40 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AZKlSJHlfk9Yvacvpw67dL8G%2FB%2BlMgbqqJOY3h1T3EkEAZSUO8Z%2FlxNH1YFABjbaraskvxFD%2FpTlTgXc7dDiLiZpNdR1PcnINDJy7do%2B%2Fbokf8z6cQGKrVbl166PQmKfriL%2Bmw%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9efc5c7b2b817131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 65016, version 1.0","md5":"8337ad8d3b81dfebdda8672beb48193a","sha1":"e4c2689401e0b7a102a7e7d2de80ef4d00113ebf","sha256":"5a1334fe02cae3435260fb5a1cec196d3d6727943cf3e8d41404f996bb3654d7","sha512":"e2a2cc53ba800532793a338f0b1ab6fb335a4f7797fad5c70ea41ddfbb87289f631998e4c539c097f9d45b08228dc5692386d4ed1fee5d7fc27c96c2acfa051c","ssdeep":"1536:fcgmTURFnEYA8sMb4NUfaJOpe2G62dP2ZTCKWCz:fcgmTUzEQfCkpZ2sZ2Kbz","tlshash":"13530212124e446cb0a8d1f2fa73b5b3a46fd92f4677986c7a4e75046ee08531c82edb","first_seen":"2025-11-27T17:13:28.640443Z","last_seen":"2026-04-21T21:26:35.633885Z","times_seen":22,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/index-DNoJruNH.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:42.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/index-DNoJruNH.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=qElGAp2_Teyy47XRf__PtHCiRxNaqwFLv85C7DgBUb8-1776774135.7070532-1.0.1.1-449Zgu2w7KLmomf_oyBG4alQ01Vq.rG.6n3E8OV6ZcHFjywKF8UzDpehV5euzLdE8DgbUz3e8u8boUgcOy.oBjrS7OyycPx.1cVJohEx6WYbjBttm2pNKdGNeZTxdDra; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:52:15 GMT\r\nexpires: Tue, 21 Apr 2026 12:24:52 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=esnGOy1I6TDlQJCoj%2F2X3qpxph5YXK2s5%2BUznkUnDVj0SfTw7OzEMcMKt1i%2B1Evv5V5fwL1HLLZH8AwwNPNtfrfBPdnW4SIuGQV4xE1QlNghWm%2BT76uCYpOst%2FN%2FIyd6AChoTA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 3443\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-173c\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8aed717131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"7dcd3c17ffec3af71ab56d113ac4c8ba","sha1":"8091491c5770791fa28e7aef0aeda85aec3a387a","sha256":"7acab49a2e3d824dc194d2eee3402945bddcbf42026240627ca8d9ddd108bc23","sha512":"c01ccf0217c328b24597c1092795b3bc4730b84cc7fb72d2779cf10fbf90b5510d4c0ee622ef7009a10b4dbf7b185450b9e45bf6af4399a77a07e64fda5658d2","ssdeep":"96:z1SftCFV7h7FHpokS73s91v2InwLRiTCHUgAaQKFu0FdWpA6u6PEDdxrOq+IHv2E:2+kiOHva0FdIuSEDdxP+Y2j8Eu","tlshash":"56c1b75631906530c6d344a6914f42aeef3e6638f00f50a0b23f9c6d3ba1515d6a3ebd","first_seen":"2026-04-21T12:24:49.074623Z","last_seen":"2026-04-21T12:34:16.286696Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameListItemTeams-CEtT3dwF.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameListItemTeams-CEtT3dwF.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.galabet1069.co/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=Zz4odYxFtlx2L3SLsvWfvfpO0Jd.W2LCKHzM1UDdRmM-1776773847.9815285-1.0.1.1-l3JTSDjBVJsNJWZLzN1_xINjTWNZBB6z4vPIBwlBx2cwD1vvERToWA_WbcXboEOQvceL6BCK5d_vLGyi2sE9hYLm3OODn9UMiSJCDZvV66RWaUjJiDhVnkUq5lr4TXx5; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:47:27 GMT\r\nexpires: Tue, 21 Apr 2026 12:25:15 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XDbxQhhFRWsbYJW8r44N%2BN7LNfEUAYWc%2FXtF%2B3ScJYnwIxgEcfhq6Dde4CN0inMpPVFoK3R6MQp2t2wQpN8cjAxQQOZEs%2Bz5SdL4QUZ762Sp20dqEYPXQkUZApCvmvqEBOc7Ew%3D%3D\"}]}\r\nage: 3132\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-640\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8dc8bc7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1599)","md5":"7cb2f48f38bfb0279904944386f1e2a7","sha1":"cf32f17c46b46eb301ca9c2532b6031f4bb374af","sha256":"331931960cb4393acd95f6f05ca57031fba28c8c78128b7cb87fcfe24c398b64","sha512":"e3b54febb38accafd50c414d77c3af83f5ff80bfac64243a41227cabb853ecb339ec8fc5bca335340b409b3b3b1789d651b44502501507af2756f604d766c444","ssdeep":"","tlshash":"f431e089f020eef5f9514cecd97d4622b11a0e96cf7846d1e12d9b341a34116b31aeae","first_seen":"2026-04-21T12:24:49.053198Z","last_seen":"2026-04-21T12:34:16.242781Z","times_seen":2,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.galabet1069.co/api/public/v1/tur/casino/partners/751/platforms/1/games?limit=12","fqdn":"go-cms.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:43.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games?limit=12 HTTP/1.1\r\nHost: go-cms.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.galabet1069.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:43 GMT\r\ncontent-type: application/json\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=wJSMEzVLiadut9_sOQ9d5yyUr1XHvRM7t3TljTXaJY4-1776774223.3909206-1.0.1.1-BK7QlCE8F8R0FTBxc2cmrHd6EEdwiOMwm9kcfKas1MTFwHH2DfCyoe.010leTrnyRjzA9kKg7_iae0UvxaMJ6mWOf1SZMeACh2eZ5eQp0p4LSLj5A1yUAdfT.szdFZpP; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vccxqo1ttS7QIWPNbzlPK2g52ksCR9fJOKtN82XHZ37z9VOjYdQStj1qiPuJ28vDg4jlL7PtPZshvMw14JYo00igfFT0Ez51M7MmyrzkurDLXsMbhLFaq82A5g5W4uwtK848FzadquJK\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c8e79817131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6094,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8fc4e03d671b084ea8f194188d6b5392","sha1":"47a7926b75c93817afd6dc7a38fe48079e3ec2a2","sha256":"9789d3335a25690f0d8c68e7cf193990cbf8fe005f019eaae808487ddc07dbf6","sha512":"eccf3379a9fcf61d4487a6518638715a87d2479f5a7e4eaa5a1782c4e618ece5e2a46c3e1c190f378aea8fa10dfd65492e1b3763aee877a456faad6d5fef7b0e","ssdeep":"96:EG1X0YYvtI1n07IQ3Qs8x01/xe11u0xOaxOHthI+E1CVB+EYYvtvN1CJ:EG1X0FvtI1nMIQ3QG1/U11u0t4thI+Ex","tlshash":"bac1dd598928f6efbb49094034433d0c99be17c2e68dbd60dc5a9b4e60f50e526336ef","first_seen":"2026-04-21T12:24:49.102371Z","last_seen":"2026-04-21T12:34:16.250085Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:400,700,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css?family=Lato:400,700,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 21 Apr 2026 12:23:44 GMT\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2338,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ae317c913d9f17e384174fcac1e95f49","sha1":"97048ceeff296795e17fc282e38d26d44fce8bad","sha256":"0250efe84de4fea78b47bed1e3367687b72cbad25fa556879acfd9adf33f6b24","sha512":"3be7c2d8b49c8ecfd8fbe46e0e57aec92fe696894da6243f6b9f0052461f28eaff9b6974068276cde565287efe54a8a16379b21a522dfaaad925fa38215bfcc5","ssdeep":"","tlshash":"ee41ce92096fb908db830cc212c97d32ef0f625064499935afff14d8bca7d699362b0d","first_seen":"2025-09-17T17:57:20.126253Z","last_seen":"2026-04-22T03:33:18.881963Z","times_seen":5669,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":72,"dns":0,"connect":20,"send":0,"wait":31,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.galabet1069.co/images/e/b/670/1341727.png","fqdn":"statistics.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:45.234Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/e/b/670/1341727.png HTTP/1.1\r\nHost: statistics.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/\r\nCookie: __cf_bm=V3ylLHOecQNm0j14zU6lnsCSNK6gaTGdtZ22Vz5zWso-1776774225.1375012-1.0.1.1-TMWNA4ENBTJzHeU70Bw6QzcFzO09lKbIbo_FtrWtds3FlS.8a5JA6Zdsg_9_AWoFTpFFxqgTQ632AX9te.TOGvC.gIvOAd9N5wjDrA8S84vRpNVZ9OqxN19ZCbDeGbGG; io_affinity=1776774225.475.33.212859|a4492465e2c0cb857f789e83929ab8bd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T11:09:28.682726Z","times_seen":14056649,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet1069.co/assets/GameDetails__platform-DeLpPgwV.js","fqdn":"m.galabet1069.co","domain":"galabet1069.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.galabet1069.co/","date":"2026-04-21T12:23:44.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1069.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 14:07:05 GMT","end":"Sat, 18 Jul 2026 14:07:04 GMT"},"fingerprint":{"sha1":"9C:40:8E:C8:EC:69:AB:6B:C0:A8:28:4E:6D:A3:62:F3:FB:D4:77:C7","sha256":"B3:50:7B:7A:7B:7C:5B:C2:BA:72:07:7C:62:95:BF:30:92:31:D3:C2:35:DD:BD:09:E1:70:71:20:D7:6D:86:72"}}},"request":{"raw":"GET /assets/GameDetails__platform-DeLpPgwV.js HTTP/1.1\r\nHost: m.galabet1069.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet1069.co/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s1; __cf_bm=qwWDalAyCyxZajf0IF._y3_ME1NditpszZW1T_C7N14-1776774223.8383808-1.0.1.1-EqidkfHYjlAD.KnLaP5kLJMoNFJ2h7gg466d_M62151efobXiGJpPkBraReXeE0Ayx8DFJb8XRFJIGDk9zAWBH.gYR3PXTVXfk3Vsp_Oa7DlAG9DnDyF9p5dFZ6ckPk.; _immortal|user-hash=S-a5OcMou44cTYhvOnd-vq53BVAl0SQm2CF5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 12:23:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\nset-cookie: __cf_bm=6BCU.NkqR.U9yP99DnY0mITpPPq901LrJBno8RAKDNQ-1776774224.2670226-1.0.1.1-aEzlPnR3HyCD3Yr0sSF0peiQ4.Au.nx36v__IQX7cffWFN6gn4pQtAPmMyVda7dizloGXqLFKJOUhRRlZp.0X.01CZOfo2GARvpuM0d35HM0VDY8sE7AC1vOwoRu8s3u; HttpOnly; Secure; Path=/; Domain=galabet1069.co; Expires=Tue, 21 Apr 2026 12:53:44 GMT\r\nexpires: Tue, 21 Apr 2026 13:23:44 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1069.co\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rvjxu0tIAhGRpkBYJBVgsRNm6dDmK0Dgk5HuO%2BCgjHu3G3OMOimIK36jfL0XbBM0VdvYekp57jCJrps%2F98O%2BiwaJnRnRvWyNLIaFKAWU5ZwGqLukBwjNbR5KsC3wfImoabW%2F5Q%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69e73090-1cf4\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 9efc5c94594b7131-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":7412,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (7411)","md5":"b1d3729a864ba6f0f038acc8f30e65e0","sha1":"09afbfa1c6972ed430da5ae094230a69170dc4da","sha256":"2c16641def7b54bf96b79561afcd16676fc0c9e8e0869c89a0705a1c5a5cfab6","sha512":"e5941d5433ddc66b45c0a300c64209be0b85dc976b5ed662440aedc50c676edeaaf09f5f59e0147a31018a25fa3a611c6087012bfa203c7ce0d977e0d6eb84d7","ssdeep":"192:2rZFwk2T2D2E0iP1XjkHjjkHE2t2p2A2V2+2DPAPpPuPQPkPAjkRjkKjkJjkPkj/:2rZFwk2T2D24PRjCjt2t2p2A2V2+2DPO","tlshash":"69e1e19e912e6c46dd7f063cb5c12b26bb333fc136440695fdde539aa608687312a72c","first_seen":"2026-04-21T12:24:49.067917Z","last_seen":"2026-04-21T12:34:16.270509Z","times_seen":2,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":394,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"m.galabet1069.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}