https://temporary-maintenance504.online/superbahis.html
172.67.222.45 · Cloudflare, Inc.
Toronto, Canada
49 days
200 · 86.2s
Valid· WE1, Google Trust Services, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
temporary-maintenance504.online
Vendors
27/31
Status
partial
No KB/IOK detections were recorded for this scan.
gambling | technology | finance | ecommerce | other · 7/19/2026
The page presents a Süperbahis-themed layout but is hosted on temporary-maintenance504.online, which is not the official Süperbahis domain. Visuals mimic a gambling site (Elitbahis/Süperbahis branding) and the static HTML includes a meta refresh directing visitors to another domain, indicating potential redirection to an external site. SPA-like behavior is suggested by lack of static login forms, dynamic credential capture hints, and a suspicious POST to a CDN- CGI endpoint, all pointing toward potential credential harvesting in an impersonation context, but no confirmed direct login form on the scanned page itself.
Capture
Stages: 3
Canonical: Late Render (+3s)
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 13
Hosts: 5
Domains: 5
The page is hosted on a new, non-official domain and uses a complex SPA-like structure to render content, with a meta refresh redirect to another domain. Visual branding imitates a known gambling brand (Süperbahis/Elitbahis), which is a strong impersonation signal. The presence of a POST to a CDN CGI endpoint and loading of external beacons suggests potential data exfiltration or tracking for credential harvesting. The combination indicates a high likelihood of impersonation-based abuse and possible credential capture, warranting caution and action. The site appears to be attempting to redirect visitors and clone a known brand on a short-lived domain, which is typical of phishing infrastructure.
Block URL