https://m.superbahisgunceli.icu/
104.21.72.135 · Cloudflare, Inc.
Toronto, Canada
1 day ⚠
200 · 22.0s
Valid· WE1, Google Trust Services, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
Unknown
Vendors
30/31
Status
partial
Registered-domain escalation
Submit superbahisgunceli.icu as the primary IOC, enriched with evidence from hostile subdomains like m.superbahisgunceli.icu.
No KB/IOK detections were recorded for this scan.
finance | technology | ecommerce | government | social_media | cryptocurrency | telecommunications | education | other · 7/19/2026
The page on m.superbahisgunceli.icu displays Turkish text stating illegal betting is a crime, with a dark modal UI that imitates a warning banner. The URL path and page title do not clearly map to a first-party brand, and the domain is a very new .icu with Cloudflare underpinnings. The SPA-like structure and the presence of a POST to a rum endpoint suggest potential credential collection or abuse, but there is no explicit brand impersonation or credential form visible in static HTML; the page appears to be an impersonation-like warning rather than a clearly branded phishing login for a known service at this time.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 9
Hosts: 4
Domains: 4
The site is operating on a newly created domain with a Turkish-language anti-betting warning UI that visually imitates a warning panel. The presence of a POST beacon endpoint and dynamic rendering hints at possible data capture flows, but there is no explicit credential form in the static HTML. The combination of a new domain, .icu TLD, and a suspiciously styled impersonation-like interface constitutes a moderate risk signal for abuse or credential collection. Monitor and investigate further for actual credential theft or data exfiltration behavior if dynamic UI renders a login or form on runtime.
Monitor