https://m.wwwsuperbahis.cam/
104.21.57.160 · Cloudflare, Inc.
Toronto, Canada
0 days ⚠
200 · 22.2s
Valid· WE1, Google Trust Services, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
Vendors
29/31
Status
partial
Registered-domain escalation
Submit wwwsuperbahis.cam as the primary IOC, enriched with evidence from hostile subdomains like m.wwwsuperbahis.cam.
No KB/IOK detections were recorded for this scan.
gambling · 7/19/2026
The page presents Turkish-language content warning about illegal gambling, but the visual design shown in the screenshot mirrors a dark modal with bold typography that resembles a legitimate service’s warning. The domain m.Google is extremely new (0 days) and uses a CAM TLD with Cloudflare in front, which, combined with a suspicious SSL certificate and obfuscated resource naming, signals potential impersonation or abuse. However, the evidence also shows no explicit credential form in the static HTML, and the SPA is likely rendering forms via JavaScript, so credential harvesting cannot be confirmed solely from the static HTML; the POST target observed (cdn-cgi/rum) and SPA-style structure warrant caution and further dynamic analysis to determine if credentials or sensitive data are captured.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 9
Hosts: 4
Domains: 4
The domain Google is a very new domain with a CAM TLD, using Cloudflare in front and a recent SSL cert. The page content includes a large impersonation-styled warning modal that resembles a legitimate security alert, and the SPA loads an external beacon script from Cloudflare Insights. The presence of a POST to a CDN-like endpoint and the absence of static login fields in the HTML but with dynamic rendering potential raises concern for credential harvesting in runtime. Given the strong indicators of brand impersonation potential, the risk is elevated (48/100) and warrants further blocking and monitoring, with cautious action recommended if additional evidence confirms credential collection or misuse.
Suspend Domain