pointsbet.exikaros.com Open in urlscan Pro
68.65.123.149 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ablink.mail.pointsbet.com/ls/click?upn=Z96GuALkbB1RGgdbP7AH1pD9NG66TXJZNO7vcKUsxwxgPRAT6T1T9v5Vz4YEesEpKEfOS2xlRg9FCNXZbXR...
Effective URL:
https://pointsbet.exikaros.com/giveaway/
Submission: On May 11 via manual (May 11th 2023, 11:12:17 pm UTC) from AU — Scanned from AU

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 25 HTTP transactions. The main IP is 68.65.123.149, located in Saint Petersburg, United States and belongs to NAMECHEAP-NET, US. The main domain is pointsbet.exikaros.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 11th 2023. Valid for: a year.

This is the only time pointsbet.exikaros.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.143.34 104.17.143.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	135.125.156.44 135.125.156.44	16276 (OVH) (OVH)
12	68.65.123.149 68.65.123.149	22612 (NAMECHEAP...) (NAMECHEAP-NET)
5	74.125.68.95 74.125.68.95	15169 (GOOGLE) (GOOGLE)
1	142.251.12.97 142.251.12.97	15169 (GOOGLE) (GOOGLE)
1	104.18.8.178 104.18.8.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.192.150.127 54.192.150.127	16509 (AMAZON-02) (AMAZON-02)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
2	172.217.194.101 172.217.194.101	15169 (GOOGLE) (GOOGLE)
25	9

1 104.17.143.34 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ablink.mail.pointsbet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.156.44 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip44.ip-135-125-156.eu

trasakaves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 68.65.123.149 (Saint Petersburg, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business43-3.web-hosting.com

pointsbet.exikaros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chart.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.178 (None, )

ASN13335 (CLOUDFLARENET, US)

i.gyazo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-127.sin2.r.cloudfront.net

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

etherodkada.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.101 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	exikaros.com pointsbet.exikaros.com	153 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50 chart.googleapis.com — Cisco Umbrella Rank: 25106	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
2	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 20299 etherodkada.matomo.cloud	39 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
1	gyazo.com i.gyazo.com — Cisco Umbrella Rank: 104187	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
1	trasakaves.com 1 redirects trasakaves.com	249 B
1	pointsbet.com 1 redirects ablink.mail.pointsbet.com — Cisco Umbrella Rank: 711042	234 B
25	10

	Domain	Requested by
12	pointsbet.exikaros.com	pointsbet.exikaros.com
4	chart.googleapis.com	pointsbet.exikaros.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	etherodkada.matomo.cloud	cdn.matomo.cloud
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.matomo.cloud	pointsbet.exikaros.com
1	cdnjs.cloudflare.com	pointsbet.exikaros.com
1	i.gyazo.com	pointsbet.exikaros.com
1	www.googletagmanager.com	pointsbet.exikaros.com
1	fonts.googleapis.com	pointsbet.exikaros.com
1	trasakaves.com	1 redirects
1	ablink.mail.pointsbet.com	1 redirects
25	12

This site contains no links.

Subject Issuer	Validity	Valid
pointsbet.exikaros.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-11` - `2024-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M01	`2023-02-10` - `2023-08-19`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://pointsbet.exikaros.com/giveaway/
Frame ID: 32CDF4D10CC16AC1BA81D6BDBD53A7A7
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

POINTESBET Biggest giveaway CRYPTO of $100 000 000

Page URL History Show full URLs

https://ablink.mail.pointsbet.com/ls/click?upn=Z96GuALkbB1RGgdbP7AH1pD9NG66TXJZNO7vcKUsxwxgPRAT6T1T9v5Vz4YEesE... HTTP 302
https://trasakaves.com/zadam.odonoghue@pointsbet.comz HTTP 302
https://pointsbet.exikaros.com/giveaway/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

9
IPs

4
Countries

321 kB
Transfer

614 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ablink.mail.pointsbet.com/ls/click?upn=Z96GuALkbB1RGgdbP7AH1pD9NG66TXJZNO7vcKUsxwxgPRAT6T1T9v5Vz4YEesEpKEfOS2xlRg9FCNXZbXRyHQ-3D-3DLsjy_1-2FbNEJZmxSTQpFoJIkSolr0u1-2FG-2BLbL74EFujQnh1b32nqmawwsfyuNEjmOPSu81tTRVdtHe-2FAG1EyOYloL8PVJCt-2BN4YexkF2jxPNDnnLIib9x5RP0zhO-2B2tYLKhgaKaZBsjy9J9yaSjNHFX9lFwe1HgX-2F9iD3hTNbyEPH9HvmH-2FfBtqUJcwHTe3he29E7Jj8YNFLveXhgK-2FUTCjyudSvGNtQdNcBLHG8OyCYrbhdrDv0fhkrbDbCTIK9ilBgX9faPKOPQ3kPGCEaxs0FsLPE1Mb4MF7Jsg9VEGib0drvztQ7bRRFwgh0pSKRAmsZ02-2FsP5EtZHtf0K-2FEeguS-2F67sZdVVOxWJFAKE22E1-2BpDG8T99g7SOGWH0mEGe9mcxUockNThUYseiwITwYerDFJQx28wT-2FfWKivJ1fweeM1fWBGYvKOrigVYZNtfeOovo3dndvgypJo3q0J7KKOHA2dnx2uBt7hAEZwLd4DsKCBGCXRBqek-2FFXCDJBYMGgiYXU-2BHVlhJRmxXjSagfywNZ2Fy-2F7HHW6Ae5kFK75h-2FlT6Cxd725u-2FiMAB3e8cuN7m94OeRW13-2BrxDj1YG9GsFKwsVXWdbr-2FbL86Rvt-2Bn2saF1xRnfWcnrDttb7Y68VLNg-2F7-2BGBNhCi-2FXBpwWzqjKQ0zzQ-2FTS9EquE-2FPC2Ayf7Bwl7Lo8-3D HTTP 302
https://trasakaves.com/zadam.odonoghue@pointsbet.comz HTTP 302
https://pointsbet.exikaros.com/giveaway/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pointsbet.exikaros.com/giveaway/
Redirect Chain

https://ablink.mail.pointsbet.com/ls/click?upn=Z96GuALkbB1RGgdbP7AH1pD9NG66TXJZNO7vcKUsxwxgPRAT6T1T9v5Vz4YEesEpKEfOS2xlRg9FCNXZbXRyHQ-3D-3DLsjy_1-2FbNEJZmxSTQpFoJIkSolr0u1-2FG-2BLbL74EFujQnh1b32nqm...
https://trasakaves.com/zadam.odonoghue@pointsbet.comz
https://pointsbet.exikaros.com/giveaway/

26 KB
5 KB

912ms
304ms

Document
text/html

68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

ff45764fd97e4abec56fb4262efbdf551fe92aa40ad6515b6bd85eacdf8d4e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 4771
content-type: text/html
date: Thu, 11 May 2023 23:12:10 GMT
last-modified: Thu, 11 May 2023 14:07:51 GMT
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 224
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 11 May 2023 23:12:10 GMT
Keep-Alive: timeout=5, max=100
Location: https://pointsbet.exikaros.com/giveaway/
Server: Apache

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 514ms
172ms Stylesheet
text/css 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

ESF /

Resource Hash

5f3daf39ceba8eb7f7f31b1d89628584cbfe7de7bc0a54601997aec73c272bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 23:12:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 23:12:11 GMT

GET
H2 200 style.css
pointsbet.exikaros.com/giveaway/css/ 15 KB
3 KB 300ms
300ms Stylesheet
text/css 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pointsbet.exikaros.com/giveaway/css/style.css

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

f885127262658f347ce1bb230935c3057dcb519474c9e556acce01c2b014343e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2608
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 15:03:50 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 522ms
176ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129523657-8

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b5eb5c2894c84d57f5430c8b784b2a201d98f4f7c8ff59399ff2c195428e0066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46266
x-xss-protection: 0
last-modified: Thu, 11 May 2023 22:17:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 23:12:12 GMT

GET
H2 200 6510aff9b91f213ad1dfd8b58f88fdc5.png
i.gyazo.com/ 2 KB
2 KB 291ms
108ms Image
image/png 104.18.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gyazo.com/6510aff9b91f213ad1dfd8b58f88fdc5.png
Requested by: Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff42aa41af7ff675cf9e81aeb48d759fbb4a0965e414643020bdeb87f32bbf3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
via: 1.1 google
cf-cache-status: HIT
age: 28894
content-length: 2131
server: cloudflare
etag: "6510"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://gyazo.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-dpr: 1.000000
x-cache-level: ZS
accept-ranges: bytes
cf-ray: 7c5e1afa2ec229a2-MEL
expires: Fri, 10 May 2024 23:12:11 GMT

GET
H2 200 bage.png
pointsbet.exikaros.com/giveaway/img/ 485 B
868 B 312ms
308ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/bage.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

1ff8e2a1a3dcdc6029d50e5999e8f0d8d612494c48bc2f51039404151016a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Nov 2022 12:57:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 485
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 creator.png
pointsbet.exikaros.com/giveaway/img/ 104 KB
104 KB 609ms
606ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/creator.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

2dd324b551da8798ea71f682c389d2df4f1621d2dde4bfdbc3932e0213a572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 15:04:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 106297
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 wallet.png
pointsbet.exikaros.com/giveaway/img/ 2 KB
3 KB 1470ms
1467ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/wallet.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

286ea86cdae8924d36288d8eaa781fd914d855375e363da4ae4ef9ce8384fcc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 15:24:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2400
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 transfer.png
pointsbet.exikaros.com/giveaway/img/ 2 KB
3 KB 1470ms
1468ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/transfer.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

e8ea40b4dff46e47acd33796d5c3423ade826077482690f866685883c7c5e41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 15:24:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2529
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 checkmark.png
pointsbet.exikaros.com/giveaway/img/ 3 KB
3 KB 1471ms
1468ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/checkmark.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

93ff6877ecd914cea46be2dc293e42ed35b437ab40fa5b3eb1fed4b7f4ccf96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 15:24:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2652
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 bonus.png
pointsbet.exikaros.com/giveaway/img/ 2 KB
3 KB 1471ms
1469ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/bonus.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

0225a62b70a6be12fd33091f28b054cc0b3d75965c9bde1b855d470ee47c0c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 15:24:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2305
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 popper.png
pointsbet.exikaros.com/giveaway/img/ 25 KB
25 KB 1472ms
1470ms Image
image/png 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/popper.png

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Nov 2022 12:57:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25477
x-xss-protection: 1; mode=block
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 chart
chart.googleapis.com/ 877 B
937 B 180ms
176ms Image
image/png 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=bc1qcecr065z9yu2f0v4ype6ptkrtrj9ycvpwjz86k&chld=L|1&choe=UTF-8

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

40cc47f24cc4e85b1ba39036e4c5e4d54388b81eb55b5c08dafd3360e4a7cf24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 17:54:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 19089
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
x-xss-protection: 1; mode=block
expires: Fri, 12 May 2023 17:54:02 GMT

GET
H2 200 chart
chart.googleapis.com/ 876 B
932 B 183ms
179ms Image
image/png 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=0x56f2B13dd49c58Cf6dE980A4D395FD7AD7456c3b&chld=L|1&choe=UTF-8

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

7ce79bd4e086887ee8323bbd082cb70b49464b37237adf1eddaf86008b8a9603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 17:54:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 19089
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 1; mode=block
expires: Fri, 12 May 2023 17:54:02 GMT

GET
H2 200 chart
chart.googleapis.com/ 857 B
917 B 177ms
172ms Image
image/png 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=TBMQtZMmmYJvLbgmCbNbfpemtFGTWdqKRL&chld=L|1&choe=UTF-8

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

f24cae393d71c7d09ea7fd03d6577e61a1cfec87780b48e4c943228874ee1e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 17:54:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 19089
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 857
x-xss-protection: 1; mode=block
expires: Fri, 12 May 2023 17:54:02 GMT

GET
H2 200 chart
chart.googleapis.com/ 876 B
1 KB 173ms
169ms Image
image/png 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=bnb106xnnvfn3ed9gq9psqffz3v50e85gxsnyxpf3z&chld=L|1&choe=UTF-8

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

2c45805f7d09e929e10bd7c608491270b9c7a8a0e4aa352feba55c564fb1a908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 17:54:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 19089
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 1; mode=block
expires: Fri, 12 May 2023 17:54:02 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 278ms
93ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2514846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sttYCIJztDXCjq3JKjCeuC1rJ2qc3DAGH14tOCloxfNcZM8kuUhDJ8UnYkh2CV3%2BHzxKAza0w%2BU1qEcieXNLyOfD2oMihJW5MSOCwiETGvdZ4TA61Fp1wN0eQKEtTbbscZWpx53r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5e1af8bc0c29a1-MEL
expires: Tue, 30 Apr 2024 23:12:11 GMT

GET
H2 200 script.js Show response
pointsbet.exikaros.com/giveaway/js/ 5 KB
2 KB 299ms
298ms Script
application/javascript 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://pointsbet.exikaros.com/giveaway/js/script.js?v=3

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

0e55dc58d1c695c028330151d7229ec46992f0dff33ea93b4dfc1d568761e513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1644
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Nov 2022 14:04:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/etherodkada.matomo.cloud/ 132 KB
39 KB 542ms
193ms Script
application/javascript 54.192.150.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/etherodkada.matomo.cloud/matomo.js
Requested by: Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-127.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 18:01:39 GMT
x-amz-version-id: 44P.YgZ9M3JlDl78VMtMBalXbInpA.JM
content-encoding: gzip
via: 1.1 6a453f38d14868702eadac9560675990.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 18634
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 27 Apr 2023 22:04:11 GMT
server: AmazonS3
etag: W/"df630c016b0a1d6d650d8d6a411f9d56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: 6ZJH_wqaZed9ah8zUQTEqMTEfvuwDmarGFeewml0uIeOxEvmS8yZRA==

GET
H2 200 btc_icon.svg
pointsbet.exikaros.com/giveaway/img/ 1 KB
1 KB 1498ms
1498ms Image
image/svg+xml 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/btc_icon.svg

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

744f12189bb28f29c7e4cc40b1db5f6b4e1ab1a8330c03f7fb1b82bebadc7477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 669
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Nov 2022 12:57:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 18 May 2023 23:12:11 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 515ms
171ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pointsbet.exikaros.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:00:53 GMT
x-content-type-options: nosniff
age: 101479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 19:00:53 GMT

GET
H2 200 check.svg
pointsbet.exikaros.com/giveaway/img/ 549 B
721 B 1475ms
1475ms Image
image/svg+xml 68.65.123.149
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointsbet.exikaros.com/giveaway/img/check.svg

Requested by

Host: pointsbet.exikaros.com
URL: https://pointsbet.exikaros.com/giveaway/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.65.123.149 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business43-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

7fb4f39e011ff722578938b999f06d202bf256424154b7d00520b98deb947876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 313
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Nov 2022 12:57:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 18 May 2023 23:12:12 GMT

POST
H2 204 matomo.php
etherodkada.matomo.cloud/ 0
173 B 1021ms
359ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://etherodkada.matomo.cloud/matomo.php?action_name=POINTESBET%20Biggest%20giveaway%20CRYPTO%20of%20%24100%20000%20000&idsite=1&rec=1&r=756896&h=23&m=12&s=12&url=https%3A%2F%2Fpointsbet.exikaros.com%2Fgiveaway%2F&_id=1e5b9cf1925ebcb0&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=RLbAkm&pf_net=608&pf_srv=303&pf_tfr=1&pf_dm1=817&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/etherodkada.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pointsbet.exikaros.com/giveaway/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://pointsbet.exikaros.com
date: Thu, 11 May 2023 23:12:13 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 516ms
171ms Script
text/javascript 172.217.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129523657-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pointsbet.exikaros.com/giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 May 2023 22:27:29 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2683
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 00:27:29 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 172ms
171ms XHR
text/plain 172.217.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1460851853&t=pageview&_s=1&dl=https%3A%2F%2Fpointsbet.exikaros.com%2Fgiveaway%2F&ul=en-us&de=UTF-8&dt=POINTESBET%20Biggest%20giveaway%20CRYPTO%20of%20%24100%20000%20000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=580613146&gjid=1908505165&cid=1629434072.1683846733&tid=UA-129523657-8&_gid=1894650019.1683846733&_r=1&gtm=457e35a0&jsscut=1&z=1809559432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pointsbet.exikaros.com/giveaway/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 May 2023 23:12:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pointsbet.exikaros.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.gyazo.com/	1970-01-20 21:20:06	Name: Gyazo_cfwoker Value: i
pointsbet.exikaros.com/	1970-01-20 21:10:01	Name: _pk_id.1.73b8 Value: 1e5b9cf1925ebcb0.1683846732.
pointsbet.exikaros.com/	1970-01-20 11:44:08	Name: _pk_ses.1.73b8 Value: 1
.exikaros.com/	1970-01-20 21:20:06	Name: _ga Value: GA1.2.1629434072.1683846733
.exikaros.com/	1970-01-20 11:45:33	Name: _gid Value: GA1.2.1894650019.1683846733
.exikaros.com/	1970-01-20 11:44:06	Name: _gat_gtag_UA_129523657_8 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablink.mail.pointsbet.com
cdn.matomo.cloud
cdnjs.cloudflare.com
chart.googleapis.com
etherodkada.matomo.cloud
fonts.googleapis.com
fonts.gstatic.com
i.gyazo.com
pointsbet.exikaros.com
trasakaves.com
www.google-analytics.com
www.googletagmanager.com
104.17.143.34
104.17.25.14
104.18.8.178
135.125.156.44
142.251.10.94
142.251.12.97
172.217.194.101
3.126.133.169
54.192.150.127
68.65.123.149
74.125.68.95
0225a62b70a6be12fd33091f28b054cc0b3d75965c9bde1b855d470ee47c0c14
0e55dc58d1c695c028330151d7229ec46992f0dff33ea93b4dfc1d568761e513
1ff8e2a1a3dcdc6029d50e5999e8f0d8d612494c48bc2f51039404151016a9aa
286ea86cdae8924d36288d8eaa781fd914d855375e363da4ae4ef9ce8384fcc0
2c45805f7d09e929e10bd7c608491270b9c7a8a0e4aa352feba55c564fb1a908
2dd324b551da8798ea71f682c389d2df4f1621d2dde4bfdbc3932e0213a572bd
40cc47f24cc4e85b1ba39036e4c5e4d54388b81eb55b5c08dafd3360e4a7cf24
5f3daf39ceba8eb7f7f31b1d89628584cbfe7de7bc0a54601997aec73c272bd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
744f12189bb28f29c7e4cc40b1db5f6b4e1ab1a8330c03f7fb1b82bebadc7477
7ce79bd4e086887ee8323bbd082cb70b49464b37237adf1eddaf86008b8a9603
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
7fb4f39e011ff722578938b999f06d202bf256424154b7d00520b98deb947876
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
93ff6877ecd914cea46be2dc293e42ed35b437ab40fa5b3eb1fed4b7f4ccf96f
b5eb5c2894c84d57f5430c8b784b2a201d98f4f7c8ff59399ff2c195428e0066
c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8ea40b4dff46e47acd33796d5c3423ade826077482690f866685883c7c5e41c
f24cae393d71c7d09ea7fd03d6577e61a1cfec87780b48e4c943228874ee1e47
f885127262658f347ce1bb230935c3057dcb519474c9e556acce01c2b014343e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff45764fd97e4abec56fb4262efbdf551fe92aa40ad6515b6bd85eacdf8d4e15
fff42aa41af7ff675cf9e81aeb48d759fbb4a0965e414643020bdeb87f32bbf3

pointsbet.exikaros.com Open in urlscan Pro 68.65.123.149 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

9 IPs

4 Countries

321 kBTransfer

614 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

6 Cookies

Security Headers

pointsbet.exikaros.com Open in urlscan Pro
68.65.123.149 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

9
IPs

4
Countries

321 kB
Transfer

614 kB
Size

6
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!