urlscan.io logo urlscan.io
SecurityTrails logo

exaltedbot.xyz Open in urlscan Pro
198.54.115.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://exaltedbot.xyz/
Effective URL: https://exaltedbot.xyz/
Submission Tags: phisherman
Submission: On September 27 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 198.54.115.168, located in United States and belongs to NAMECHEAP-NET, US. The main domain is exaltedbot.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 16th 2021. Valid for: a year.
This is the only time exaltedbot.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 198.54.115.168 22612 (NAMECHEAP...)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 142.250.185.234 15169 (GOOGLE)
1 151.101.112.193 54113 (FASTLY)
1 104.22.75.75 13335 (CLOUDFLAR...)
3 142.250.186.35 15169 (GOOGLE)
8 7
2    198.54.115.168 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server222-3.web-hosting.com
exaltedbot.xyz
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
1    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    104.22.75.75 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.nkstatic.com
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
2 exaltedbot.xyz 1 redirects
1 cdn.nkstatic.com exaltedbot.xyz
1 i.imgur.com exaltedbot.xyz
1 fonts.googleapis.com exaltedbot.xyz
1 stackpath.bootstrapcdn.com exaltedbot.xyz
8 6

This site contains links to these domains. Also see Links.

Domain
discordsapp.uk
Subject Issuer Validity Valid
exaltedbot.xyz
Sectigo RSA Domain Validation Secure Server CA		 2021-09-16 -
2022-09-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://exaltedbot.xyz/
Frame ID: 7815621F63D74272A1DFD7AE79FF8216
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Exalted Bot

Page URL History Show full URLs

  1. http://exaltedbot.xyz/ HTTP 301
    https://exaltedbot.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

714 kB
Transfer

904 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://exaltedbot.xyz/ HTTP 301
    https://exaltedbot.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
exaltedbot.xyz/
Redirect Chain
  • http://exaltedbot.xyz/
  • https://exaltedbot.xyz/
62 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exaltedbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server222-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5e222df1f57df76a18666704cad702a5ae142aca98e18150ade622c438906969

Request headers

:method
GET
:authority
exaltedbot.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Sun, 26 Sep 2021 23:12:48 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
10030
date
Mon, 27 Sep 2021 09:57:41 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed

Redirect headers

keep-alive
timeout=5, max=100
content-type
text/html
content-length
707
date
Mon, 27 Sep 2021 09:57:41 GMT
server
LiteSpeed
location
https://exaltedbot.xyz/
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: exaltedbot.xyz
URL: https://exaltedbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://exaltedbot.xyz/
Origin
https://exaltedbot.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
233094
cdn-cachedat
08/03/2021 15:44:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
92af7a49c8cb1d4340bf6aa166d10b39
cf-ray
6953de89581b4de8-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: exaltedbot.xyz
URL: https://exaltedbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
284640950d838451759afd9e4bb7e9569e8a5fee43105c87c8cd34aa57fa4b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://exaltedbot.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 08:36:59 GMT
server
ESF
date
Mon, 27 Sep 2021 09:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 09:57:41 GMT
Qt3PdKa.png
i.imgur.com/ 		573 KB
573 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Qt3PdKa.png
Requested by
Host: exaltedbot.xyz
URL: https://exaltedbot.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2a0821878dcb7533be3a5a1e70ca1b5006f251156d1ca2c627e274dca814eb73
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://exaltedbot.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:57:41 GMT
x-content-type-options
nosniff
age
903257
x-cache
HIT, HIT
content-length
586446
x-served-by
cache-bwi5154-BWI, cache-hhn4070-HHN
last-modified
Thu, 16 Sep 2021 23:03:17 GMT
server
cat factory 1.0
x-timer
S1632736662.993278,VS0,VE3
etag
"fec4b4fe9477f589f685c8b741910e43"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
btd6_hero_grey.png
cdn.nkstatic.com/images/games/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nkstatic.com/images/games/btd6_hero_grey.png
Requested by
Host: exaltedbot.xyz
URL: https://exaltedbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.75.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01291dec26e127bb2ca5118d2f4c121e6b265f07e7d7d0de9b87a833e3bc4b91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://exaltedbot.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:57:42 GMT
cf-cache-status
HIT
age
1453267
cf-polished
origFmt=png, origSize=89511
access-control-max-age
1728000
content-disposition
inline; filename="btd6_hero_grey.webp"
content-length
82492
last-modified
Thu, 15 Apr 2021 23:21:34 GMT
server
cloudflare
etag
"bda8d8dbb36fea6c36c5f4b8123220a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, no-cache="set-cookie"
accept-ranges
bytes
cf-ray
6953de89d9166907-FRA
cf-bgj
imgq:100,h2pri
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exaltedbot.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 14:34:59 GMT
x-content-type-options
nosniff
age
156163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Sep 2022 14:34:59 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exaltedbot.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 14:59:01 GMT
x-content-type-options
nosniff
age
586721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 14:59:01 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exaltedbot.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:24:01 GMT
x-content-type-options
nosniff
age
160421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Sep 2022 13:24:01 GMT
truncated
/ 		131 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5612f88dc831c2c73c2c4a15fd78a9ed24703b0a1f40333678a1f698f95367c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		129 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9746043eec145f1d1579c7945e2a52303b9d107c772993dcfee62fe960d40e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies