0/100

low Risk

oneightynyc.com

https://oneightynyc.com/

67.222.39.89 · Unified Layer

Location

Provo, United States

Domain Age

5059 days

HTTP

200 · 24.3s

SSL

Valid· R13, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Süperbahis Güncel Giriş Adresi 2026 - Hızlı Erişim"

Save

Linked Phishing Report

This scan is attached to a vendor submission report

Brand

oneightynyc.com

Vendors

28/31

Status

partial

✓ emsisoft✓ apwg✓ cisa✓ isitphish✓ urlquery✓ phishreport✓ fortiguard✓ urlscan✓ openphish✓ netcraft✓ phishtank✓ drweb✓ urlabuse✓ mcafee✓ google✓ threatyeti✓ avast✓ eset✗ brightcloud✓ virustotal✓ microsoft✓ polyswarm✗ norton✓ chainpatrol✗ bitdefender✓ sophos✓ kaspersky✓ apple✓ spamhaus✓ yandex✓ avg

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

oneightynyc.com

Unknown

finance | technology | ecommerce | cryptocurrency | other · 6/3/2026

Summary

The page presents Süperbahis branding and content, but the domain oneightynyc.com is not the official Süperbahis domain. Visual cues and page title reference Süperbahis and a Turkish-language FAQ-like structure, while the canonical link points to oneightynyc.com and the Open Graph image/logo references point to tr.superbahis1gir.live. Network and DOM signals show a SPA-like structure with no static login form, suggesting credential harvesting could be occurring via dynamically rendered UI. The combination of brand impersonation indicators and cloaking notes in the analyst context elevates the potential for phishing, though the site’s first-party status cannot be confirmed as the official Süperbahis domain. Analyst flagged likely cloaking/evasion behavior for this target. Analyst context noted: Cloaking Google Bot for superbahis brand Analyst note: this target may cloak content or block scanners.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸Distinctive asset clues: all.min.css, css2, logo.png.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 0

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 19

Hosts: 5

Domains: 5

Attack Techniques (2)

Brand impersonation signals (Süperbahis branding on a non-official domain).Single-Page Application (SPA) dynamic credential capture risk due to absence of static login form.

Indicators of Compromise (0)

No specific IOCs identified in source

Risk AssessmentUsed in abuse reports

The evidence strongly suggests potential brand impersonation: Süperbahis branding is presented on a non-official domain (oneightynyc.com) with assets and Open Graph data pointing to a different service (tr.superbahis1gir.live). The static HTML contains zero login forms, but the SPA-style rendering with external script loads raises concern for dynamic credential collection. The analyst notes explicitly mention cloaking Google Bot, which is a common tactic to avoid automated detection. Given these signals, the site warrants action and close monitoring for credential harvesting activity, while clearly distinguishing that the domain is not the official Süperbahis site. Recommend treating as potential phishing with heightened scrutiny and consider takedown actions if corroborated by further evidence. Analyst-reported cloaking/evasion suspicion increases confidence that the operator is actively attempting to evade automated security analysis. Analyst context was provided and corroborated during this assessment (Cloaking Google Bot for superbahis brand Analyst note: this target may cloak content or block scanners.).

Recommended Action

Suspend Domain

Cross-Reference9

URL Intelligence