0/100

low Risk

betboo.v24s.net

https://betboo.v24s.net/

104.21.20.183 · Cloudflare, Inc.

Location

Toronto, Canada

Domain Age

1865 days

HTTP

200 · 22.6s

SSL

Valid· WE1, Google Trust Services, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Betboo Türkiye'de Online Casino Ve Spor Bahisleri Değerlendirmesi"

Save

Linked Phishing Report

This scan is attached to a vendor submission report

Brand

betboo.v24s.net ( Betboo Turkish-language page )

Vendors

30/31

Status

partial

✓ bitdefender✓ avg✓ brightcloud✗ norton✓ polyswarm✓ sophos✓ yandex✓ chainpatrol✓ microsoft✓ eset✓ apple✓ openphish✓ spamhaus✓ apwg✓ urlscan✓ isitphish✓ phishreport✓ cisa✓ urlquery✓ emsisoft✓ netcraft✓ drweb✓ avast✓ threatyeti✓ mcafee✓ phishtank✓ virustotal✓ urlabuse✓ kaspersky✓ google✓ fortiguard

Registered-domain escalation

Submit v24s.net as the primary IOC, enriched with evidence from hostile subdomains like betboo.v24s.net.

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

betboo.v24s.net ( Betboo Turkish-language page )

Unknown

gambling · 6/3/2026

Summary

The page appears to be a Turkish-language review/news style site hosted on betboo.v24s.net. URL path and page title do not clearly indicate a credential-phishing flow. Static HTML contains zero login forms, and the page is served via Cloudflare-proxied infrastructure. Visual cues in the screenshot suggest generic content, with no explicit impersonation of a known brand detected from the provided data. Based on the evidence, there is no conclusive phishing or credential harvesting visible in the scan data itself.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸Distinctive asset clues: amp-lightbox-0.1.js, v0.js, css2, 9278.jpeg, 4171.jpeg.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 0

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 17

Hosts: 6

Domains: 6

Attack Techniques (0)

Indicators of Compromise (1)

▸Scanner shows 0 credential signals in static HTML, but SPA may render credentials via JS.

Risk AssessmentUsed in abuse reports

The scan indicates a hosted page with potential branding confusion: Betboo appears on a domain that is not the official Betboo site, and assets are pulled from unrelated domains (podbex.com, AMP CDN). While there is no direct credential harvesting form detected in the static HTML, the SPA pattern means credentials could be captured via dynamic JS if impersonation of a brand occurs. The presence of generic content and images from third-party casinos, plus the off-brand subdomain, suggests potential brand impersonation risk rather than confirmed first-party abuse. Recommend monitoring and further manual review of dynamic payloads and form rendering to rule out credential collection.

Recommended Action

Monitor

Cross-Reference9

URL Intelligence