https://raydentalwebsite.invizag.com/
209.42.28.102 · WHG Hosting Services Ltd
Canary Wharf, United Kingdom
453 days
200 · 21.6s
Valid· R13, Let's Encrypt, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
Elitbahis / Süperbahis
Vendors
30/31
Status
partial
Registered-domain escalation
Submit invizag.com as the primary IOC, enriched with evidence from hostile subdomains like raydentalwebsite.invizag.com.
No KB/IOK detections were recorded for this scan.
gambling | technology | finance · 7/19/2026
The page uses Süperbahis/Elitbahis branding and redirects to an external domain, with an impersonation-like landing layout shown in the screenshot. The final URL resolves to a click-tracking/maintenance domain (temporary-maintenance414.click) and includes multiple redirects, suspicious external resources, and a SPA-rendered credential capture risk indicated by dynamic forms in scripts. Although no static login form is found in HTML, the SPA likely renders credential collection via JavaScript. This suggests potential credential harvesting impersonation rather than a confirmed first-party abuse, but the branding and redirect chain strongly indicate an impersonation attempt targeting Elitbahis/Süperbahis branding.
Capture
Stages: 3
Canonical: Late Render (+3s)
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 16
Hosts: 8
Domains: 8
The scan indicates a strong impersonation setup using familiar gambling brand visuals (Elitbahis/Süperbahis) on a domain that does not appear to be the official brand domain. The presence of multiple redirects to a click/maintenance domain and a SPA-based credential capture pattern suggests an attempt to harvest user data under the guise of a legitimate betting platform. The domain is hosting a visually authentic landing and uses a Cloudflare beacon, with a suspicious final URL and POST beacon to a third-party domain. This constitutes potential phishing and credential harvesting activity. Recommend aggressive action and further investigation with registrars/hosts for takedown if corroborated by abuse teams.
Monitor