payment.bot Open in urlscan Pro
78.47.167.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://payment.bot/
Effective URL:
https://payment.bot/
Submission Tags: falconsandbox
Submission: On June 27 via api (June 27th 2024, 2:40:37 am UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 6 domains to perform 67 HTTP transactions. The main IP is 78.47.167.29, located in Germany and belongs to HETZNER-AS, DE. The main domain is payment.bot.
TLS certificate: Issued by R11 on June 27th 2024. Valid for: 3 months.

This is the only time payment.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31 32	78.47.167.29 78.47.167.29	24940 (HETZNER-AS) (HETZNER-AS)
47	172.67.169.16 172.67.169.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	52.222.214.105 52.222.214.105	16509 (AMAZON-02) (AMAZON-02)
1	52.2.52.75 52.2.52.75	14618 (AMAZON-AES) (AMAZON-AES)
1	34.205.132.152 34.205.132.152	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	() ()
67	12

32 78.47.167.29 (Germany) 31 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.29.167.47.78.clients.your-server.de

payment.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 172.67.169.16 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptoexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-105.fra56.r.cloudfront.net

snippets.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.52.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-52-75.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.132.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-132-152.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	cryptoexchange.com cryptoexchange.com	4 MB
32	payment.bot 31 redirects payment.bot	1 MB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355 www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
4	freshchat.com snippets.freshchat.com — Cisco Umbrella Rank: 86415 wchat.freshchat.com — Cisco Umbrella Rank: 13794	26 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	264 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1004 B
67	6

	Domain	Requested by
47	cryptoexchange.com	payment.bot cryptoexchange.com
32	payment.bot	31 redirects
3	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	payment.bot www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	wchat.freshchat.com	payment.bot wchat.freshchat.com
2	snippets.freshchat.com	payment.bot snippets.freshchat.com
1	fonts.googleapis.com	cryptoexchange.com
67	8

This site contains links to these domains. Also see Links.

Domain
cryptoexchange.com

Subject Issuer	Validity	Valid
payment.bot R11	`2024-06-27` - `2024-09-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cryptoexchange.com E1	`2024-05-24` - `2024-08-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
freshchat.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.freshchat.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://payment.bot/
Frame ID: 02F9C4E7FBF83B7032C0BEF783F52C73
Requests: 57 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=3406cf76-3cf5-4f5f-a840-44234e025ca6&origin=https://payment.bot
Frame ID: 89F9826A6AF430609613B9ADA1959B5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy payment.bot with Bitcoin in our Cryptocurrency Marketplace.

Page URL History Show full URLs

http://payment.bot/ HTTP 307
https://payment.bot/ Page URL

Detected technologies

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

67
Requests

45 %
HTTPS

36 %
IPv6

6
Domains

8
Subdomains

12
IPs

2
Countries

5610 kB
Transfer

14011 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://cryptoexchange.com/team
Title: Our Team

Search URL Search Domain Scan URL

URL: https://cryptoexchange.com/support
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://cryptoexchange.com/faq
Title: FAQs

Search URL Search Domain Scan URL

URL: https://cryptoexchange.com/learning-center
Title: Learning Center

Search URL Search Domain Scan URL

URL: https://cryptoexchange.com/integrations
Title: Developer API

Search URL Search Domain Scan URL

URL: https://cryptoexchange.com/escrow/help/nft-escrow-services
Title: NFT Escrow

Search URL Search Domain Scan URL

URL: https://cryptoexchange.com/escrow/help/buy-sell-domains
Title: Domain and Website Escrow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://payment.bot/ HTTP 307
https://payment.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://payment.bot/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2 HTTP 302
https://cryptoexchange.com/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2

Request Chain 1

https://payment.bot/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f HTTP 302
https://cryptoexchange.com/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f

Request Chain 2

https://payment.bot/css/crypto.css?id=5a271a9a756db12cb18c1e6b6141c79c HTTP 302
https://cryptoexchange.com/css/crypto.css?id=5a271a9a756db12cb18c1e6b6141c79c

Request Chain 3

https://payment.bot/css/main.css?id=95d8076f82aa9eb60599d6ee1b4cbfac HTTP 302
https://cryptoexchange.com/css/main.css?id=95d8076f82aa9eb60599d6ee1b4cbfac

Request Chain 4

https://payment.bot/css/marketplace.css?id=bc09f71a8cb468e3461c1d26c0a1d05d HTTP 302
https://cryptoexchange.com/css/marketplace.css?id=bc09f71a8cb468e3461c1d26c0a1d05d

Request Chain 5

https://payment.bot/css/mptablerate.css?id=0bb448240e40b6d19fe3150399fb85c8 HTTP 302
https://cryptoexchange.com/css/mptablerate.css?id=0bb448240e40b6d19fe3150399fb85c8

Request Chain 14

https://payment.bot/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b HTTP 302
https://cryptoexchange.com/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b

Request Chain 15

https://payment.bot/js/ui.js?id=008c97f9a11ffee213c12144c03a91e1 HTTP 302
https://cryptoexchange.com/js/ui.js?id=008c97f9a11ffee213c12144c03a91e1

Request Chain 16

https://payment.bot/js/crypto.js?id=484551afb3e48cfb08b0ca9c626b0281 HTTP 302
https://cryptoexchange.com/js/crypto.js?id=484551afb3e48cfb08b0ca9c626b0281

Request Chain 17

https://payment.bot/js/main.js?id=93b755e8f755ae86afb76269a53fcf9a HTTP 302
https://cryptoexchange.com/js/main.js?id=93b755e8f755ae86afb76269a53fcf9a

Request Chain 18

https://payment.bot/js/marketplace.js?id=b96fc098d141ff404eb6c10aa7dd8d19 HTTP 302
https://cryptoexchange.com/js/marketplace.js?id=b96fc098d141ff404eb6c10aa7dd8d19

Request Chain 19

https://payment.bot/js/mptablerate.js?id=954fe77006d0de4dfbb2ee8d26a45a1b HTTP 302
https://cryptoexchange.com/js/mptablerate.js?id=954fe77006d0de4dfbb2ee8d26a45a1b

Request Chain 29

https://payment.bot/js/NavBar.c76cd696f0a233b7.js HTTP 302
https://cryptoexchange.com/js/NavBar.c76cd696f0a233b7.js

Request Chain 30

https://payment.bot/js/MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js HTTP 302
https://cryptoexchange.com/js/MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js

Request Chain 31

https://payment.bot/api/v1/locations HTTP 302
https://cryptoexchange.com/api/v1/locations

Request Chain 32

https://payment.bot/api/v1/local-time-zone HTTP 302
https://cryptoexchange.com/api/v1/local-time-zone

Request Chain 33

https://payment.bot/api/countries?limit=2000 HTTP 302
https://cryptoexchange.com/api/countries?limit=2000

Request Chain 34

https://payment.bot/api/v1/payment/crypto_currencies HTTP 302
https://cryptoexchange.com/api/v1/payment/crypto_currencies

Request Chain 35

https://payment.bot/api/v1/cryptocurrency/get-quotes HTTP 302
https://cryptoexchange.com/api/v1/cryptocurrency/get-quotes

Request Chain 36

https://payment.bot/api/checkout/cart HTTP 302
https://cryptoexchange.com/api/checkout/cart

Request Chain 37

https://payment.bot/api/categories HTTP 302
https://cryptoexchange.com/api/categories

Request Chain 38

https://payment.bot/images/icons/logo.svg HTTP 302
https://cryptoexchange.com/images/icons/logo.svg

Request Chain 39

https://payment.bot/images/icons/logo-icon.svg HTTP 302
https://cryptoexchange.com/images/icons/logo-icon.svg

Request Chain 40

https://payment.bot/images/icons/hamburger.svg HTTP 302
https://cryptoexchange.com/images/icons/hamburger.svg

Request Chain 41

https://payment.bot/images/icons/close.svg HTTP 302
https://cryptoexchange.com/images/icons/close.svg

Request Chain 42

https://payment.bot/images/icons/exchange.svg HTTP 302
https://cryptoexchange.com/images/icons/exchange.svg

Request Chain 43

https://payment.bot/images/icons/marketplace.svg HTTP 302
https://cryptoexchange.com/images/icons/marketplace.svg

Request Chain 44

https://payment.bot/images/icons/escrow.svg HTTP 302
https://cryptoexchange.com/images/icons/escrow.svg

Request Chain 56

https://payment.bot/api/v1/products/domain/3111 HTTP 302
https://cryptoexchange.com/api/v1/products/domain/3111

Request Chain 57

https://payment.bot/api/v1/whois?domain=payment.bot HTTP 302
https://cryptoexchange.com/api/v1/whois?domain=payment.bot

Request Chain 62

https://payment.bot/api/v1/exchange-rates?from_currency=USD&to_currency=BTC HTTP 302
https://cryptoexchange.com/api/v1/exchange-rates?from_currency=USD&to_currency=BTC

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
payment.bot/
Redirect Chain

http://payment.bot/
https://payment.bot/

2 MB
1 MB

864ms
355ms

Document
text/html

78.47.167.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.bot/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.167.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.167.47.78.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13c7392194997d353d43c985149daf0639218bb527855209c063accdd46bf387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 89a2128f5bc51c05-FRA
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jun 2024 02:40:28 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTFU5lNd3g2iYsO%2BgMwUsrpeXzobmo9UaMQt0n1CAkYEgiE5tzaMQIM6vW2tRDFPtUrxW0yGBDo58faYgYjP1zM9GFYtAcXoOEgTl2xa7QO%2BNRs8Qzh4UjhnIRM4xfYTELmg9iM%3D"}],"group":"cf-nel","max_age":604800}
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://payment.bot/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

shop.css
cryptoexchange.com/css/
Redirect Chain

https://payment.bot/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2
https://cryptoexchange.com/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2

84 KB
12 KB

236ms
189ms

Stylesheet
text/css

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cd769048875c0e8e45cacfce524893ef95a9f1f845d0c5998723574f821dee8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d16-14ece"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsRhMRhqu3sbonMtyHy3sIivnVW%2Bc%2BW%2FWFbjlqdigKPlm64e4PUuvpJKo%2F5%2BMga2n1ATi12gCgekuZ4WiQnPUtXfIJiqvvWzJW802dKnw4hzZKRWONCzH%2B1s%2BHdrI%2Ftv7WORiUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89a21292a8809b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2
Date: Thu, 27 Jun 2024 02:40:28 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

ui.css
cryptoexchange.com/css/
Redirect Chain

https://payment.bot/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f
https://cryptoexchange.com/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f

26 KB
6 KB

104ms
59ms

Stylesheet
text/css

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2174cf52b3a4c0af9ea1b65c32351980b14ecdd96fe1f79ce7db28d49efaa350

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5925
etag: W/"66794d16-6789"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOlAEEQtMbbu87vQH4fiE98hCKWkfxqU5L2kVH24fOmUUfshGGSuiEdvvgKkpYutRi8eoTeE4K4L7ZJ3YYwSUOCrPTLLCkyU0GczOZUpWJ7c6dkMGMBLe3%2BuMbHVhsVn0XFFisA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89a21292a8829b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f
Date: Thu, 27 Jun 2024 02:40:28 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

crypto.css
cryptoexchange.com/css/
Redirect Chain

https://payment.bot/css/crypto.css?id=5a271a9a756db12cb18c1e6b6141c79c
https://cryptoexchange.com/css/crypto.css?id=5a271a9a756db12cb18c1e6b6141c79c

307 KB
61 KB

235ms
190ms

Stylesheet
text/css

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/css/crypto.css?id=5a271a9a756db12cb18c1e6b6141c79c
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b73d91afe287bcc00070b7d73572205996523b959cb580b057b2a2a68b91af67

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-4ccd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQqkllKzfo9Rzc7AyrRLfAUIklnEJ2iXvZoabG2uzyXMFfysYxkucLQK8hfKCUzV3xpqg2mSybhAm8zdHLO91jCWhCm48BHD%2FXxOJn3RibUHoH%2B9KfaWRY2kZ%2FEcbhdrxAeNacE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89a21292a8839b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/css/crypto.css?id=5a271a9a756db12cb18c1e6b6141c79c
Date: Thu, 27 Jun 2024 02:40:28 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

main.css
cryptoexchange.com/css/
Redirect Chain

https://payment.bot/css/main.css?id=95d8076f82aa9eb60599d6ee1b4cbfac
https://cryptoexchange.com/css/main.css?id=95d8076f82aa9eb60599d6ee1b4cbfac

368 KB
61 KB

118ms
74ms

Stylesheet
text/css

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/css/main.css?id=95d8076f82aa9eb60599d6ee1b4cbfac
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2534bf0428f69072cd88b0c397a77cbc568bdf59fca2fcb9f2688987599326b6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-5bf10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dvx7q9Mz8vNsur7SbZnN92tNBQlcpJSa8miHiYmrzjIPDGEwjidXMYkBNEq%2BDKyWmwfx4Ng21ZTWR4GhlqxKKDDq98vokTc7k%2FlF%2FdahRR%2FXdxhsqo%2FCOp7Bp4gwug8j9KlpTyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89a21292a87f9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/css/main.css?id=95d8076f82aa9eb60599d6ee1b4cbfac
Date: Thu, 27 Jun 2024 02:40:28 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

marketplace.css
cryptoexchange.com/css/
Redirect Chain

https://payment.bot/css/marketplace.css?id=bc09f71a8cb468e3461c1d26c0a1d05d
https://cryptoexchange.com/css/marketplace.css?id=bc09f71a8cb468e3461c1d26c0a1d05d

24 KB
4 KB

104ms
60ms

Stylesheet
text/css

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/css/marketplace.css?id=bc09f71a8cb468e3461c1d26c0a1d05d
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40502b8056640c94f56672edd499b752427cfc8683a0f1b5d97090abd88d6815

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6478
alt-svc: h3=":443"; ma=86400
content-length: 3736
last-modified: Mon, 24 Jun 2024 10:40:22 GMT
server: cloudflare
etag: W/"66794d16-60d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjO8%2Fw7tIzAccjOyHPlymNKMJL2npGn81lf54C9YCvMI3wH3k2g8S9d3%2FfiFNDWYFGVG0CrkbizNgzu36Ne7pOiv8DafZvzQlLwW9139eqGyw1bZpSRdcdm5SzZmtaT%2BtQyi1nM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89a21292a8849b52-FRA

Redirect headers

Location: https://cryptoexchange.com/css/marketplace.css?id=bc09f71a8cb468e3461c1d26c0a1d05d
Date: Thu, 27 Jun 2024 02:40:28 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

mptablerate.css
cryptoexchange.com/css/
Redirect Chain

https://payment.bot/css/mptablerate.css?id=0bb448240e40b6d19fe3150399fb85c8
https://cryptoexchange.com/css/mptablerate.css?id=0bb448240e40b6d19fe3150399fb85c8

119 B
528 B

230ms
229ms

Stylesheet
text/css

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/css/mptablerate.css?id=0bb448240e40b6d19fe3150399fb85c8
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4a2a1fed02fea3b6693fba837f9f0ae89eaf34d4c984f48adeefcca2054034

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d16-77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bI4%2BDmUzIFWoiHEHcdaOl9ypkWJOXMtRY%2BFW9TCkJJQxKBCDiyqVU0yEZhUy5ngDN4%2BXos8Qlk6lNn1oAPgw4dgQkkx0Wy3IFR6hVxdbgJv0wENYAqKDvzhKw8fuHPGXZFSd%2FDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89a21292a8859b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/css/mptablerate.css?id=0bb448240e40b6d19fe3150399fb85c8
Date: Thu, 27 Jun 2024 02:40:28 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET dmsans-regular-webfont.woff2
cryptoexchange.com/fonts/dmsans/ 0
0

GET dmsans-bold-webfont.woff2
cryptoexchange.com/fonts/dmsans/ 0
0

GET dmsans-medium-webfont.woff2
cryptoexchange.com/fonts/dmsans/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1004 B 206ms
60ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500&display=swap

Requested by

Host: cryptoexchange.com
URL: https://cryptoexchange.com/css/shop.css?id=45a1e46876af32f3087147b752fcf7d2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5458a9f21259f3a858100f2af976908632b9583ff4f3a2add050063f91ac861f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cryptoexchange.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 02:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 02:40:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 02:40:28 GMT

GET dmsans-regular-webfont.woff
cryptoexchange.com/fonts/dmsans/ 0
0

GET
DATA 200
OK truncated
/ 1 MB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d826d759b244e6bc858097b752c065b042561eedbdf3e13fc630cf359df79c44

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo-footer.svg
cryptoexchange.com/images/icons/ 5 KB
3 KB 74ms
74ms Image
image/svg+xml 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/logo-footer.svg
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d350522175d86b58a0cf2cbb5870a8cc398d800274269bfd93050b0c3ad6de0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-14e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgWbqu7NTmELiK4k5LDYc30%2B0p1ENoZg8M%2BwLae7aeQSJfdTj5VerydrUlgNph31ni06ujJK5DL2Ujv%2FleS5%2BnhkPN%2BfjfDbcR0%2FokeCZXDv2D%2BSzjXelmey4JMYDhs2%2FutJZvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212979abe9b52-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo-icon.svg
cryptoexchange.com/images/icons/ 2 KB
1 KB 50ms
50ms Image
image/svg+xml 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/logo-icon.svg
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9c950e59321fef9d11e76c127009355247ddc53fd4af9281ede42bda3d2a9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6523
etag: W/"66794d03-78b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4sxZTNLmXPwfwAWSrDvYsLKdyw8hWiMbo0UFvDa%2F%2ByM6Ik1qaKddrSVALYUU5Y1MoqeLYZKbqtRMB0EiJJnI4AmHq34Uu%2Bw1C4EGE1IAYZZkQjE1VX2xp891%2BL2RsjmT2sVOyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212979abf9b52-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

app.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b
https://cryptoexchange.com/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b

8 MB
3 MB

51ms
51ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c80ea51a1026831f9edea96201af0c058527f93f062bd84cd446f56efeecbe9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6493
etag: W/"66794d03-808b39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uN1dxjVrFDha9Ss2SPh%2FpeIDv3H9a5VTIAmmMxbP%2B%2BYDrGgaIObQjsKmwsI%2BZxxIFShjuq8o7nKbaj4kt5cqc%2BfHfT7llZwznczT9tvce2IewqVaTMyIDWGhyldPI30MkrDQvng%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212988b1b9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b
Date: Thu, 27 Jun 2024 02:40:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

ui.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/ui.js?id=008c97f9a11ffee213c12144c03a91e1
https://cryptoexchange.com/js/ui.js?id=008c97f9a11ffee213c12144c03a91e1

331 KB
100 KB

94ms
94ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/ui.js?id=008c97f9a11ffee213c12144c03a91e1
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b904ee4bdfe245a54bc2e99b3b1e37d54aa22a4772cbe7b86d9ab6e25da31153

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-52d2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDrcz%2Bj1Bfvz5xld7Sj1KZxYMeDXCbF%2BvnL46lbQeV9UatdoiFFSSq6ulIsmrJ80SzGrjv6NdJhXhmjDUhE0Wde0cTMZbifEwV8rZ5MA14hU%2F%2BrC95UpMvZ2lyqC51msZZbeEKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212988b1f9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/ui.js?id=008c97f9a11ffee213c12144c03a91e1
Date: Thu, 27 Jun 2024 02:40:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

crypto.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/crypto.js?id=484551afb3e48cfb08b0ca9c626b0281
https://cryptoexchange.com/js/crypto.js?id=484551afb3e48cfb08b0ca9c626b0281

141 KB
46 KB

95ms
95ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/crypto.js?id=484551afb3e48cfb08b0ca9c626b0281
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3283714d63ecf2eb688948a496ffb27dd888967feda893990d112987c0c0d086

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-232c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMw%2F6NTsE%2FyUQiOnbyuYE9hQ8Pv87%2FOX93uF4RZ8KJHbTIRAaYP9t%2B%2Bs7Z8zwjHHgB6dD1U16vEk9rN6XtqtN%2FI8coyqkmNAh4Zeyq2dmuO7icIp3O%2B4pC7ZkSKG%2BmMZ5nB2ZFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212988b209b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/crypto.js?id=484551afb3e48cfb08b0ca9c626b0281
Date: Thu, 27 Jun 2024 02:40:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

main.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/main.js?id=93b755e8f755ae86afb76269a53fcf9a
https://cryptoexchange.com/js/main.js?id=93b755e8f755ae86afb76269a53fcf9a

209 KB
65 KB

1002ms
1001ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/main.js?id=93b755e8f755ae86afb76269a53fcf9a
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f1c81e53634a26654f8dfef46b17dd69989b9af13eba1c1a8324827b48e894

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-3449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JnX%2Bq1bD5zdf7ZNWv3YHGD6WZgy%2BOYyO3r9Xfve7Aiv97EQDT4IplbDP9CTcmowXotYhsp99Ap6uW4hsAewQH2%2FkoUJWE2BVOS6TfrzMqR%2BOuDoyfP8ZUKe7Cso1cD41RrxNAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212988b229b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/main.js?id=93b755e8f755ae86afb76269a53fcf9a
Date: Thu, 27 Jun 2024 02:40:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

marketplace.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/marketplace.js?id=b96fc098d141ff404eb6c10aa7dd8d19
https://cryptoexchange.com/js/marketplace.js?id=b96fc098d141ff404eb6c10aa7dd8d19

51 KB
16 KB

1008ms
1007ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/marketplace.js?id=b96fc098d141ff404eb6c10aa7dd8d19
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85dfdc1d4390ec68195cd3f9aa69cb588ac46d275bd0c8443055c09deb7445ba

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-cc13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ECjo6xaoBIxHmnRtNzh4XQtjU6c75DsLmEea7YFwxy6PMdRhphUQh%2FX330TwE2gNjro2Rv98GCFf4wZdk%2FrXrqExr0sTxtPfI9%2FiKU7N0RutI4MkPQcoZCP32UjjFOqXKrJVF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212988b239b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/marketplace.js?id=b96fc098d141ff404eb6c10aa7dd8d19
Date: Thu, 27 Jun 2024 02:40:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

mptablerate.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/mptablerate.js?id=954fe77006d0de4dfbb2ee8d26a45a1b
https://cryptoexchange.com/js/mptablerate.js?id=954fe77006d0de4dfbb2ee8d26a45a1b

51 KB
16 KB

1008ms
1008ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/mptablerate.js?id=954fe77006d0de4dfbb2ee8d26a45a1b
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f9f7e9d87f22d640b7845d080fb46eb3dc29e4391518a6db279a472347970a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6491
etag: W/"66794d03-cbd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fy9Hwk6DF%2FVww69oTQ%2BXIl%2F%2B%2BvvWu5W7exy3PL1niyI%2FMA1CnoprMd5wX2tpRev8pDMhLx6yd1uE2%2F9s7GvDVShQ9%2B%2BagGhKU83z848J6P%2FhCxaCHKBU9aPIQRb0ZYspWDpwTk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212988b249b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/mptablerate.js?id=954fe77006d0de4dfbb2ee8d26a45a1b
Date: Thu, 27 Jun 2024 02:40:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 284ms
79ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V2EY9CR327

Requested by

Host: payment.bot
URL: https://payment.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa55dee38d87591f0eeab85317c00891950206f4b97b624b5137961ba130b411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 02:40:29 GMT

GET
H2 200 fc-pre-chat-form-v2.js Show response
snippets.freshchat.com/js/ 21 KB
4 KB 267ms
43ms Script
application/javascript 52.222.214.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snippets.freshchat.com/js/fc-pre-chat-form-v2.js
Requested by: Host: payment.bot
URL: https://payment.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a1f526f68e69a3904c16cc5aaf04a585e759772e31e096ad1d65c724c0df4b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FjkT5GlTXDnDBJQsy29JZvir1gS5bi.t
content-encoding: br
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 02:35:57 GMT
last-modified: Mon, 22 Apr 2024 09:06:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 273
x-amz-server-side-encryption: AES256
etag: W/"39d47f44f3bf3a5aa40967b33edf01d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HEwip1MM7yZcq4VmhPW67wSS18h1xz6eTiZIcHiEMR75cbirzvFC_w==

GET
H2 200 widget.js Show response
wchat.freshchat.com/js/ 67 KB
22 KB 448ms
124ms Script
application/javascript 52.2.52.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: payment.bot
URL: https://payment.bot/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.52.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-52-75.compute-1.amazonaws.com

Software

fwe /

Resource Hash

a2d1278b0d76000e797e065a55682632449375fa31d71ab27d051dff25366a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 00-28a25c914e40b21be59dfa960a8bdc80-f911d6620405763b-00
date: Thu, 27 Jun 2024 02:40:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 07:03:12 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: dpr96
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: a4831984-803d-427f-a4a2-f1b4c91a92b2

GET dmsans-bold-webfont.woff
cryptoexchange.com/fonts/dmsans/ 0
0

GET dmsans-medium-webfont.woff
cryptoexchange.com/fonts/dmsans/ 0
0

GET
H2 200 fc-pre-chat-form-v2.css
snippets.freshchat.com/css/ 3 KB
1 KB 41ms
41ms Stylesheet
text/css 52.222.214.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snippets.freshchat.com/css/fc-pre-chat-form-v2.css
Requested by: Host: snippets.freshchat.com
URL: https://snippets.freshchat.com/js/fc-pre-chat-form-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f99257e7df95ded39df1cd1217d02ef83208946841409cafc037dda7b53fef7a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: RIW8r5ubiAum2N6Vk6cTDh.0GNV0qjFe
content-encoding: br
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 02:36:24 GMT
last-modified: Tue, 14 Feb 2023 11:41:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 252
x-amz-server-side-encryption: AES256
etag: W/"15f395b129952fcdc60bd3fdbcc026ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: KoeABpxudJETSr6XOB-D1iPFlnzYXWQ-oI4s2jYuJ_YK_SyjQty-Vg==

GET
H2 200 config_iframe.html
wchat.freshchat.com/widget/ Frame 89F9 0
0 373ms
124ms Document
text/html 34.205.132.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=3406cf76-3cf5-4f5f-a840-44234e025ca6&origin=https://payment.bot

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.132.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-132-152.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 27 Jun 2024 02:40:31 GMT
last-modified: Tue, 25 Jun 2024 07:03:12 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 66698ac3-28a0-482b-aff2-db838a962052
x-server: xj45f
x-trace-id: 00-e3f6c2d98d38718236629e4ed521f386-4b0ada1fdc52e113-00
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 66ms
64ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-227583592-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V2EY9CR327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6a4ae8743910b7887cedf5346c4c51bbe54d58a1c4926a055b8efa07995d3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76607
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 02:40:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 150ms
51ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V2EY9CR327&gtm=45je46q0v882593428za200&_p=1719456031306&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=531329316.1719456031&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719456031&sct=1&seg=0&dl=https%3A%2F%2Fpayment.bot%2F&dt=Buy%20payment.bot%20with%20Bitcoin%20in%20our%20Cryptocurrency%20Marketplace.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3990&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V2EY9CR327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 02:40:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

NavBar.c76cd696f0a233b7.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/NavBar.c76cd696f0a233b7.js
https://cryptoexchange.com/js/NavBar.c76cd696f0a233b7.js

3 KB
1 KB

53ms
52ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/NavBar.c76cd696f0a233b7.js
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c74dd57ff6600a48ebb8f3299e6838dd692067f833507cc92a28405e0df61ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6493
alt-svc: h3=":443"; ma=86400
content-length: 880
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
server: cloudflare
etag: W/"66794d03-a5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk2VTE0lqdNYZa3Uyoqwx52hjVbPzROSbNfdUDvbUhaQLtXx87W9vZfy1OWHJqh0BeUdzrBFrtQxA8i16cMsZEZqQ5QXvW5BVclOLMnVUoIuQi7ofcpMeNa4WNMWT38QTm8ONaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89a212a6898e9b52-FRA

Redirect headers

Location: https://cryptoexchange.com/js/NavBar.c76cd696f0a233b7.js
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js Show response
cryptoexchange.com/js/
Redirect Chain

https://payment.bot/js/MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js
https://cryptoexchange.com/js/MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js

48 KB
8 KB

69ms
68ms

Script
application/javascript

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/js/MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b125efbed0ac400d0013c2793b33bdd6b38548450e946fb159a79e2631d01f46

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-c1fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlPEsvP9NWYrmZaxViqgDLmplxXgnCNMUARfMWW%2BLgYpk4rSdu4tukEVNb1sFEV0mUSGt4ADyVD8vXZUKaM9du9EFBZ6J5%2BP%2FdXeP0vChR8jbQSbuM%2BMRB%2FdaGg6veohLfCQRQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 89a212a6898f9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/js/MarketplaceProductsDomainsShowDomain.a808454def4da4a5.js
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

locations Show response
cryptoexchange.com/api/v1/
Redirect Chain

https://payment.bot/api/v1/locations
https://cryptoexchange.com/api/v1/locations

149 B
871 B

509ms
508ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/locations
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f83b07ca6e86bd84950e4c80531d8dfb4faf883fc10ff083baff037495b97759

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTvHrW5FF0l9itjVKB3UVVrbs9%2FW9rCI4IPjuOIjbHsbdp8736NqJ6W11xs6uxSitZf%2B5oRT95DT1WrW7Sc7Le%2BFzoLkL4IpWIUwGChoX2j7SQEdwBzuLZ3V%2BPzMsUqdQyezdoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a749499b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/v1/locations
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

local-time-zone Show response
cryptoexchange.com/api/v1/
Redirect Chain

https://payment.bot/api/v1/local-time-zone
https://cryptoexchange.com/api/v1/local-time-zone

19 B
768 B

147ms
146ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/local-time-zone
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0e66752630c8b3461ef19761895616dfc5461e7949e8d730af61ab35ab928a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GL074sfYI%2F3tM9x7Q%2Fx%2F9qkyIK3on0ots0xhkLb5hhtrWxRt7bxTjK3fTfRpNFrnw%2F3EYzi%2BRt4bQ6lZRC17KhfxbEl%2BF1dK1n3aOyBLsPKFiRkIKkRJD4cEvYBNC47qZM5K58Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a93a479b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19

Redirect headers

Location: https://cryptoexchange.com/api/v1/local-time-zone
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

countries Show response
cryptoexchange.com/api/
Redirect Chain

https://payment.bot/api/countries?limit=2000
https://cryptoexchange.com/api/countries?limit=2000

11 KB
4 KB

151ms
150ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/countries?limit=2000
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ac1a5472d433bd417529cbad591f41341583aeb9c03685767a8e7ed13047e6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2cXD2diRmO%2FeByBX1BPs61L3exMz26wBv4xCHhxq4D10gwohzHIhNhfQuGg3tWb1%2F6TrljWtgmFtxVOubbEgUWcddCibMyYcTh84XLelUT76oy4L7ktNVibq9iv1dICAM7oiJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a93a509b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/countries?limit=2000
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

crypto_currencies Show response
cryptoexchange.com/api/v1/payment/
Redirect Chain

https://payment.bot/api/v1/payment/crypto_currencies
https://cryptoexchange.com/api/v1/payment/crypto_currencies

2 KB
1 KB

147ms
141ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/payment/crypto_currencies
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad385f331ae99e3632fb27b46bd22c945a92745661a7b26d9a9060d39916eea

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rj5x0Eoj2ALDq8HTk7uZzDj%2FIApcXQtUswKt84aOurmZxXZosuLvieSEHdKIFGv%2BIGzQTNFYBan6%2FgYGCaluqhzjY7kjr7TXgacbnpIGoZy%2F5jShb4ojSbO19%2Fj8RGZDorSgSc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a95a609b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/v1/payment/crypto_currencies
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

get-quotes Show response
cryptoexchange.com/api/v1/cryptocurrency/
Redirect Chain

https://payment.bot/api/v1/cryptocurrency/get-quotes
https://cryptoexchange.com/api/v1/cryptocurrency/get-quotes

1 KB
1 KB

4269ms
4268ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/cryptocurrency/get-quotes
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f5e0f0992db58dd5d7b9d9ae7c6cf74f3e671da995426e55c9cff89cc4567e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T18qRsiUoSw34AbY9QU98bNKBmnpvLLN5hjlNDIfTKO99vqPXQpcyLfVnlNFlX1h5w0Y3oH5aOWkgy034xXilAvyfcF8hHiG8HoLgZbAFqU9uyULW5GpBOpjoTdyzDY26z4xVmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a95a619b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/v1/cryptocurrency/get-quotes
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

cart Show response
cryptoexchange.com/api/checkout/
Redirect Chain

https://payment.bot/api/checkout/cart
https://cryptoexchange.com/api/checkout/cart

13 B
763 B

157ms
155ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/checkout/cart
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxtXPXzgm7rWMfKb%2BJhJi%2B5WHvfl99gr4aRSSIXrtXLSIivRs1HFEEm8ogFmU%2BXmNp60ZOU39kTZvJr1EHUazWRbPSr1N4CMr8G%2BXYCee84GkSF2PeGS4TF5jxqZNJbSQRt4f2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a94a559b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13

Redirect headers

Location: https://cryptoexchange.com/api/checkout/cart
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

categories Show response
cryptoexchange.com/api/
Redirect Chain

https://payment.bot/api/categories
https://cryptoexchange.com/api/categories

4 KB
2 KB

150ms
150ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/categories
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83e5d690a6a5128c2f7d3f7fa753a553b70c4f4c26742d579fc512255d30f162

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6j3gYU1cPVd9vo3Oky4dyr3MHUM0JpTeeczYnjOi1r09QG1UX93FmrZhfwRI%2B6r94gAO1VpJOIIx%2BNC%2BywhQoD3sgh9fIK5sVHNwX00Eg%2Fyowt2SD3hYSkT%2FL%2FzD5V1p4O9oyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212a93a4b9b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/categories
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

logo.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/logo.svg
https://cryptoexchange.com/images/icons/logo.svg

5 KB
3 KB

52ms
51ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/logo.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01f71580c621a45b3b7637ca3e9b55bd6f8c579319b52d24783b41961f4ab4b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6493
etag: W/"66794d03-147d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAze09%2BXL1ou7MHsaMV9KMOVeQIH9EFyUSyoFLXRUZhxheiblEA1vUZID4LA%2Bzd%2FVrAA1aXe1rSjUGs1jVMNqfYqvkw7macjfkVss3m3v9OH%2BmlvY9BDIbMEObz97IhcGQhDO%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212a659609b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/logo.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

logo-icon.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/logo-icon.svg
https://cryptoexchange.com/images/icons/logo-icon.svg

2 KB
0

0ms
0ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/logo-icon.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9c950e59321fef9d11e76c127009355247ddc53fd4af9281ede42bda3d2a9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6523
etag: W/"66794d03-78b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4sxZTNLmXPwfwAWSrDvYsLKdyw8hWiMbo0UFvDa%2F%2ByM6Ik1qaKddrSVALYUU5Y1MoqeLYZKbqtRMB0EiJJnI4AmHq34Uu%2Bw1C4EGE1IAYZZkQjE1VX2xp891%2BL2RsjmT2sVOyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212979abf9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/logo-icon.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

hamburger.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/hamburger.svg
https://cryptoexchange.com/images/icons/hamburger.svg

760 B
816 B

53ms
53ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/hamburger.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9753ab4bd13ae2b2edec68a8ded2b40c44291e08599d1c7115554dc36b0894d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6199
etag: W/"66794d03-2f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anUe%2FvQbFjhwdjoIQToLZXw%2FHm%2FKS%2FSV4EX%2BrbQt0hMPjudls%2B%2FozuGuyDsQ6pPaaXNp%2FUc%2FfGFyaYf046EMfbjRT3K6VIpPtwTKY7zv4rsfr5B%2BEgd%2FAV4Nr40As2VS1jBelI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212a6696c9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/hamburger.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

close.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/close.svg
https://cryptoexchange.com/images/icons/close.svg

660 B
788 B

57ms
57ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/close.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2f042e853fe9d5941d05107226f993d43a6101a9f3a087910c78629b097180

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FsYUxg4nVjVOfUNms4e%2FHFVyStw1b8IGrmnQfTy6OrZpk%2B5IZ3NPk6ZJMzBLdK0E0EZp%2BSonsQyTspO394hR9QipicJnBDWk2V95TVlhkT7mfs4IOu8bBhlI2N%2Fq2zZf8xm%2B1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212a669729b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/close.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

exchange.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/exchange.svg
https://cryptoexchange.com/images/icons/exchange.svg

2 KB
1 KB

72ms
72ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/exchange.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7b99919dc791b349981b9f857cf78c472f37fb75f693179e39c47a96e69224

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99u4r49vfFAJdPsaveNsePyUaDSTWKnCIBnHH4rkZJgikYJO42ETw7vjh8lFy7URldPl4%2BdHcQoAg%2BJ8jXw%2FRzmFHBf6ONCD8%2FJTYWRcC0vuW4pY2DXaSHU4WcZEEqAiSjbwN0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212a669749b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/exchange.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

marketplace.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/marketplace.svg
https://cryptoexchange.com/images/icons/marketplace.svg

2 KB
1 KB

51ms
51ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/marketplace.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe1dba7ef643a1a89a8a741cf9da9d0e64b3bcfce3cc7336f2d3afc3c8435d67

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6215
etag: W/"66794d03-827"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FiXsBilsqRyP6rVAj%2FCW2nQ0aQQZnjAd5voOtf9jpTlJC0l12gkJfVKXYgxnV606r000k0C%2FxUWu2T8xmlfZmr%2BItFS0hyXBAJ1nMdEFSor6bD%2BbrM9gEGrs5sfvUfVc7Q9vyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212a6c9c99b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/marketplace.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

escrow.svg
cryptoexchange.com/images/icons/
Redirect Chain

https://payment.bot/images/icons/escrow.svg
https://cryptoexchange.com/images/icons/escrow.svg

5 KB
3 KB

69ms
69ms

Image
image/svg+xml

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/escrow.svg
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06d550d757db3a0676c4a6a432e300642b0209069fcca649d3e3691db1d0f29

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-1299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8zGhFeIIfzGo7LOF5FDUUtn1PZ5NbLP73hqHX9fbP5jkkMl1eARv4ERLC%2FlMInd2lg8fzMz17%2BvF3Wq8kzAhxad1V4m714uXr7JWsPvOmYo0BJdXJeLx1ybbsW%2BE77XVimK1o4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212a6c9ce9b52-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/images/icons/escrow.svg
Date: Thu, 27 Jun 2024 02:40:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3 200 logo-footer.svg
cryptoexchange.com/images/icons/ 5 KB
0 1ms
1ms Image
image/svg+xml 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/logo-footer.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d350522175d86b58a0cf2cbb5870a8cc398d800274269bfd93050b0c3ad6de0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-14e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgWbqu7NTmELiK4k5LDYc30%2B0p1ENoZg8M%2BwLae7aeQSJfdTj5VerydrUlgNph31ni06ujJK5DL2Ujv%2FleS5%2BnhkPN%2BfjfDbcR0%2FokeCZXDv2D%2BSzjXelmey4JMYDhs2%2FutJZvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212979abe9b52-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo-icon.svg
cryptoexchange.com/images/icons/ 2 KB
0 1ms
1ms Image
image/svg+xml 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/icons/logo-icon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9c950e59321fef9d11e76c127009355247ddc53fd4af9281ede42bda3d2a9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6523
etag: W/"66794d03-78b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4sxZTNLmXPwfwAWSrDvYsLKdyw8hWiMbo0UFvDa%2F%2ByM6Ik1qaKddrSVALYUU5Y1MoqeLYZKbqtRMB0EiJJnI4AmHq34Uu%2Bw1C4EGE1IAYZZkQjE1VX2xp891%2BL2RsjmT2sVOyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212979abf9b52-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 204 locations
cryptoexchange.com/api/v1/ Frame 0
0 123ms
122ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/locations
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a688eb9b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5C279iDMgcgACNgRO%2FcUDfeX4MV3r6N1XBs4lnk2JCHA78ySEAkCgArJMToU4FwwjSu%2BV2LfaEYmTKbCFLajo7FWIiWSrHmHbMqDX6HScZfLh5%2FTLmh8yLiy7LG8tlmqFlVcJ9M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 60ms
59ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WHHQQXVJEJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227583592-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7e04531082e002a93949d2fd2059f039416fa4ed95b6b9c8541ad5c71d4ae7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 02:40:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 198ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227583592-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 01:41:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3569
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 27 Jun 2024 03:41:02 GMT

OPTIONS
H3 204 local-time-zone
cryptoexchange.com/api/v1/ Frame 0
0 139ms
138ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/local-time-zone
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a859c69b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1p21usgUi0rCTnx4cJ871xNxqMWKw7FHrRyqvZrmADgYerWgBcwNbECpgcqbR9b%2BiRPhgA%2BksB0%2F1j33NAnH5Km3NoBXe9XIeirglZjAuXyeZw8kKMbnbCWVX1Mu%2FoWS4n8qS78%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 204 countries
cryptoexchange.com/api/ Frame 0
0 129ms
126ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/countries?limit=2000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a869d79b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlRNyy29dylP2vyt5QE1Q3hruIotmXsHFPh8CuuOTAPFApX%2Fgi16HAo8YvYrSv0KQxJhtR93ytzezNrqus1dHylDNYV5jYEaqjV3uG%2BMVbYHrpv%2Bc25S%2Bg4ufABVjOLOUQK%2BEN8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 204 crypto_currencies
cryptoexchange.com/api/v1/payment/ Frame 0
0 137ms
135ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/payment/crypto_currencies
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a869d99b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HvR48nfOQAehAF1uCF04DAB%2FDVqbeWCH%2BKmgkzhk8zGgkvaBSCEBeyNOnfGuZcFjlRR9yStac7E9Ign6oxUQPjQ6vO1MmHCBx0XLxj6%2FSPcC440OYR5tMaVj71I6bktdxuOazEA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 204 get-quotes
cryptoexchange.com/api/v1/cryptocurrency/ Frame 0
0 145ms
143ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/cryptocurrency/get-quotes
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a869da9b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=budRrhO3IG05KNjGIs1lpC6bVJfWA3oOhy7xl3BsXbNSxMxp6bAhSef4H957Q0AwiFoPM%2BMA7WO3L2AL6x2qHuj0c8kBMT8f%2FA0snE8MhAcVWmn4PfbnZgrdBFPJ12JJMGm7HZo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 204 cart
cryptoexchange.com/api/checkout/ Frame 0
0 131ms
129ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/checkout/cart
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a869dc9b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FwrE5da1fH7g%2BHwfuOYAYHRa1qR05O823GusF4hEkWJ8MmXB3WDzyB6%2BtoVPZY%2BJvf7LrT1UA60TPdtQPEzh5THHn8ImnlJ5RmWXuo2qckE1VFaWLAUSAuVNhVeWK5Gs6AJc0U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 204 categories
cryptoexchange.com/api/ Frame 0
0 125ms
123ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/categories
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212a869dd9b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ckedNdI0SQr4u7%2Fi8OdfD8PArCRGmblWP4oGvSLQTv1hh6Olr8GVfrsiK5IVF3XpwSan9N5GD1Lcf498IqteotKbG84shbK2kEk2XSJ%2BSU0jZ5ZYsnNAVdR15B2Hjd0uVCqT%2F0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3

200

3111 Show response
cryptoexchange.com/api/v1/products/domain/
Redirect Chain

https://payment.bot/api/v1/products/domain/3111
https://cryptoexchange.com/api/v1/products/domain/3111

875 B
1 KB

172ms
171ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/products/domain/3111
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6daf699a3164bbd611537fe8d22bf4b5a1577df6ba67e4a3cd75b8e77711794d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFwmDuxd63YWe4erQnh8wqNRsBev1yu%2BpXMp8M%2F5WR1g0fSpkzbrIlkioitBcrfAJOgt24SJTEoLlv7UWglAxiXM7ieOHycbodTVnv3sL461Ww6Vc2pXqBG1o080OLVRzbK48fU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212ab1b439b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/v1/products/domain/3111
Date: Thu, 27 Jun 2024 02:40:32 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3

200

whois Show response
cryptoexchange.com/api/v1/
Redirect Chain

https://payment.bot/api/v1/whois?domain=payment.bot
https://cryptoexchange.com/api/v1/whois?domain=payment.bot

3 KB
2 KB

166ms
165ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/whois?domain=payment.bot
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44587d94cecf3844fb89f0fc8095e4f20238c7843bd4435b202d69a098e071e9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98R1viOGK4KpmRJkGIzgBUVlyNPc7gCtJLL%2BmdjSj8NsJ16mmZzIxrQ%2BIRZ72ChddEutUc8Q%2Fzh7SGLzNFgWl8vxFEno%2B7GiOe1ZyEgVySBjudZJluZHgKyBx3qrCvgkKgdPouw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212ab1b459b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cryptoexchange.com/api/v1/whois?domain=payment.bot
Date: Thu, 27 Jun 2024 02:40:32 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 50ms
48ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=806780278&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.bot%2F&ul=de-de&de=UTF-8&dt=Buy%20payment.bot%20with%20Bitcoin%20in%20our%20Cryptocurrency%20Marketplace.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1062878662&gjid=50325787&cid=531329316.1719456031&tid=UA-227583592-1&_gid=1712209857.1719456032&_r=1&gtm=457e46q0z8882593428za200zb882593428&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1970022928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 02:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 3111
cryptoexchange.com/api/v1/products/domain/ Frame 0
0 117ms
116ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/products/domain/3111
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212aa5ae59b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRRZAJjmKoYH5ajes7rj0khfAOHcielJDp874tFTXeFcUeL6y4bqnXWYBLhJE5nn4%2FNbPyjH1uzHa5eUMSTkkdWE0xco%2BXNym4q3D1jCCJ%2FVbLUczE%2Fkap0Y86nOLFfGHj1nNPc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 204 whois
cryptoexchange.com/api/v1/ Frame 0
0 122ms
121ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/whois?domain=payment.bot
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212aa5ae69b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAfMJrUru5q6I2ZKROtdld%2B1Celb8HeYS5fmBLJA%2FgfzV9oo%2FM2GSHaoiMmx5t1UwBPt4tzN9Wipl9Jexn%2F2OCC%2BoirQegKY7SGh%2BTGJy6j8CDo%2F4OoBKfGhKV6pBNfk5Ldu%2Bl0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 58ms
57ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WHHQQXVJEJ&gtm=45je46q0v9133896276za200&_p=1719456031306&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=531329316.1719456031&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719456032&sct=1&seg=0&dl=https%3A%2F%2Fpayment.bot%2F&dt=Buy%20payment.bot%20with%20Bitcoin%20in%20our%20Cryptocurrency%20Marketplace.&en=page_view&_fv=1&_ss=1&tfd=4860&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHHQQXVJEJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 02:40:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

exchange-rates Show response
cryptoexchange.com/api/v1/
Redirect Chain

https://payment.bot/api/v1/exchange-rates?from_currency=USD&to_currency=BTC
https://cryptoexchange.com/api/v1/exchange-rates?from_currency=USD&to_currency=BTC

24 B
777 B

149ms
149ms

XHR
application/json

172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/exchange-rates?from_currency=USD&to_currency=BTC
Protocol: H3
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f44d8a067c9ee14e6e0ed751d5ba0b68efee4e138bc80fa8ac5a9031d09f1f9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://payment.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BAz6Z45ph8JDI%2FMvYbMzriT4IjPK2LEDDy45k%2Fbn9%2BX7P%2F02r5nXyd2XlML4PZFVlWvz1fuDkDqzmrL07QHOLM4a8EqI6Tshv8sR64BtAcFB%2B0qfMyMcTrQOR9DI3vAX727Ee8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 89a212ac9c289b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24

Redirect headers

Location: https://cryptoexchange.com/api/v1/exchange-rates?from_currency=USD&to_currency=BTC
Date: Thu, 27 Jun 2024 02:40:32 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3 200 favicon.ico
cryptoexchange.com/images/favicons/ 15 KB
4 KB 82ms
71ms Other
image/x-icon 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/images/favicons/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45c5ef5b59bf7c8626285ac63aa44ec2fd43eb56975248055d26580f4254db0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-3aee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPbijajjTrszklkV7grghzkt9%2B8NUVb4Zz2MJVW4AdlSUamH4Z1oWJGZoIaR4CD%2BjS2BFh3tWm9Ygk%2FmnAzSfiCDG4aqc6y%2FIgRqdhlVAR7qJT6YKiUA8ehg7JUAFpqU%2FJUern0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 89a212ab0ee59b52-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 204 exchange-rates
cryptoexchange.com/api/v1/ Frame 0
0 158ms
158ms Preflight
text/html 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoexchange.com/api/v1/exchange-rates?from_currency=USD&to_currency=BTC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://payment.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a212ab9b7d9b98-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 02:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVvMTViTpydD%2F%2BD%2FZLSyakWK%2FE5XXm0UDuDOudulufgyaSfnOZV5E1IZau7dxTi%2F84LLrkyxpNqM%2B2u%2FB0XHWcAC%2BbRnq00KMjmFdr%2FBrvynKg9KQO4k4HQRd62a5UihKI5tXyk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 Angle-Right.svg
cryptoexchange.com/images/ui/ 620 B
826 B 72ms
72ms Image
image/svg+xml 172.67.169.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoexchange.com/images/ui/Angle-Right.svg
Requested by: Host: cryptoexchange.com
URL: https://cryptoexchange.com/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04121d2fcf632b50335cb0b41fc0c5ea758d13b4ce798e846fc81fde3363142b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cryptoexchange.com/css/ui.css?id=9b73c9a3c973e4951160b74d94a8eb2f
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:40:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 10:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66794d03-26c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6eZhHSDZ55BtJiBCk%2BnpbHgxbeXsC4%2BuIAoQObUrXo3xFuxu6qHCJ3PJ9E5uOfM7JADOQulQuY79%2Fi6BE6BLtW4XrcgesHT8iD8NTI02%2BDvnM2iWIW99zwFYjO2hDGIgbTotGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89a212c41b669b52-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 50ms
49ms Fetch
text/plain 216.239.34.36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V2EY9CR327&gtm=45je46q0v882593428za200&_p=1719456031306&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=531329316.1719456031&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719456031&sct=1&seg=0&dl=https%3A%2F%2Fpayment.bot%2F&dt=Buy%20payment.bot%20with%20Bitcoin%20in%20our%20Cryptocurrency%20Marketplace.&en=scroll&epn.percent_scrolled=90&_et=255&tfd=9246&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V2EY9CR327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 02:40:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cryptoexchange.com
URL: https://cryptoexchange.com/fonts/dmsans/dmsans-regular-webfont.woff2

Domain: cryptoexchange.com
URL: https://cryptoexchange.com/fonts/dmsans/dmsans-bold-webfont.woff2

Domain: cryptoexchange.com
URL: https://cryptoexchange.com/fonts/dmsans/dmsans-medium-webfont.woff2

Domain: cryptoexchange.com
URL: https://cryptoexchange.com/fonts/dmsans/dmsans-regular-webfont.woff

Domain: cryptoexchange.com
URL: https://cryptoexchange.com/fonts/dmsans/dmsans-bold-webfont.woff

Domain: cryptoexchange.com
URL: https://cryptoexchange.com/fonts/dmsans/dmsans-medium-webfont.woff

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.bot/	1970-01-20 21:37:43	Name: XSRF-TOKEN Value: eyJpdiI6ImJLOEltd2pNZjJESXQ0VExpZDQvRlE9PSIsInZhbHVlIjoidWFnVGw3MUtNQk5INkFzNnNGU1l3aHlqWFNLQ1doMjhRQ1h1STdqU25qOENnaTdlUTY0NVVIN1lEQzRnRExoeHNVa09BcGE4ZXUxai9tbzhoTUxnNXpaSWhjRjJmTW04SjA1RmFuaElma1ByVmZrRWhzZHkxdEcvZWFGdU5aRVYiLCJtYWMiOiI5OGVlNDlmNjhkYTdiN2YwNGU3ZWQyYzY1M2ZjNTBlYmM1YzQ3MTBkZjM4ZjQ0ODA2YTljMTcwYTQyMDViOTc0IiwidGFnIjoiIn0%3D
payment.bot/	1970-01-20 21:37:43	Name: crypto_exchange_session Value: eyJpdiI6ImdEVjJNUDU0UkE0YjBvcjdaUVhDYUE9PSIsInZhbHVlIjoiR1pEK25LemlIWWYxWWtKK1FhRWM0akcva2JKazAzRFo3UGZVWkxXUkhkNHE5RzRGanRsSHcyTkg0VlV4aFROT1BSZjg0YktjNXlGcVdlUnUzeGFXSVRmd3ZJR0c1K2dmbnFPSWFwMWFucjNFSmxlOVVnQlNvSjl4dnlmMzhMUDAiLCJtYWMiOiI0MTRjYmE4ZmIyMWE1ZTVhMjc0YTNiNTJlMTBjYjBiNzhjYmFlZDQ1OWI0NGQ2MjBiODYyN2E0Nzg1ZWM5ZmQ0IiwidGFnIjoiIn0%3D
.payment.bot/	1970-01-21 07:13:36	Name: _ga_V2EY9CR327 Value: GS1.1.1719456031.1.0.1719456031.0.0.0
.payment.bot/	1970-01-20 21:39:02	Name: _gid Value: GA1.2.1712209857.1719456032
.payment.bot/	1970-01-20 21:37:36	Name: _gat_gtag_UA_227583592_1 Value: 1
.payment.bot/	1970-01-21 07:13:36	Name: _ga_WHHQQXVJEJ Value: GS1.1.1719456032.1.0.1719456032.0.0.0
.payment.bot/	1970-01-21 07:13:36	Name: _ga Value: GA1.1.531329316.1719456031

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://payment.bot/ Message: Access to font at 'https://cryptoexchange.com/fonts/dmsans/dmsans-bold-webfont.woff2' from origin 'https://payment.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cryptoexchange.com/fonts/dmsans/dmsans-bold-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://payment.bot/ Message: Access to font at 'https://cryptoexchange.com/fonts/dmsans/dmsans-regular-webfont.woff2' from origin 'https://payment.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cryptoexchange.com/fonts/dmsans/dmsans-regular-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://payment.bot/ Message: Access to font at 'https://cryptoexchange.com/fonts/dmsans/dmsans-medium-webfont.woff2' from origin 'https://payment.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cryptoexchange.com/fonts/dmsans/dmsans-medium-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://payment.bot/(Line 82) Message: Access to font at 'https://cryptoexchange.com/fonts/dmsans/dmsans-regular-webfont.woff' from origin 'https://payment.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cryptoexchange.com/fonts/dmsans/dmsans-regular-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://payment.bot/ Message: Access to font at 'https://cryptoexchange.com/fonts/dmsans/dmsans-bold-webfont.woff' from origin 'https://payment.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cryptoexchange.com/fonts/dmsans/dmsans-bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://payment.bot/ Message: Access to font at 'https://cryptoexchange.com/fonts/dmsans/dmsans-medium-webfont.woff' from origin 'https://payment.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cryptoexchange.com/fonts/dmsans/dmsans-medium-webfont.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://payment.bot/js/app.js?id=d5c9a34950e8b8112e3ef2c186fce95b(Line 1) Message: WebSocket connection to 'wss://payment.bot/app/marketplace?protocol=7&client=js&version=7.6.0&flash=false' failed: Error during WebSocket handshake: Unexpected response code: 302
network	error	URL: https://payment.bot/(Line 326) Message: WebSocket connection to 'wss://payment.bot/ws' failed: Error during WebSocket handshake: Unexpected response code: 302

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cryptoexchange.com
fonts.googleapis.com
payment.bot
region1.google-analytics.com
snippets.freshchat.com
wchat.freshchat.com
www.google-analytics.com
www.googletagmanager.com
cryptoexchange.com
142.250.181.232
172.67.169.16
2001:4860:4802:34::36
216.239.34.36
2a00:1450:4001:80f::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
34.205.132.152
52.2.52.75
52.222.214.105
78.47.167.29
04121d2fcf632b50335cb0b41fc0c5ea758d13b4ce798e846fc81fde3363142b
0c4a2a1fed02fea3b6693fba837f9f0ae89eaf34d4c984f48adeefcca2054034
0c80ea51a1026831f9edea96201af0c058527f93f062bd84cd446f56efeecbe9
0d350522175d86b58a0cf2cbb5870a8cc398d800274269bfd93050b0c3ad6de0
13c7392194997d353d43c985149daf0639218bb527855209c063accdd46bf387
1f9f7e9d87f22d640b7845d080fb46eb3dc29e4391518a6db279a472347970a2
2174cf52b3a4c0af9ea1b65c32351980b14ecdd96fe1f79ce7db28d49efaa350
24f5e0f0992db58dd5d7b9d9ae7c6cf74f3e671da995426e55c9cff89cc4567e
2534bf0428f69072cd88b0c397a77cbc568bdf59fca2fcb9f2688987599326b6
3283714d63ecf2eb688948a496ffb27dd888967feda893990d112987c0c0d086
3c74dd57ff6600a48ebb8f3299e6838dd692067f833507cc92a28405e0df61ce
40502b8056640c94f56672edd499b752427cfc8683a0f1b5d97090abd88d6815
44587d94cecf3844fb89f0fc8095e4f20238c7843bd4435b202d69a098e071e9
5458a9f21259f3a858100f2af976908632b9583ff4f3a2add050063f91ac861f
59f1c81e53634a26654f8dfef46b17dd69989b9af13eba1c1a8324827b48e894
5f44d8a067c9ee14e6e0ed751d5ba0b68efee4e138bc80fa8ac5a9031d09f1f9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6daf699a3164bbd611537fe8d22bf4b5a1577df6ba67e4a3cd75b8e77711794d
79ac1a5472d433bd417529cbad591f41341583aeb9c03685767a8e7ed13047e6
7e04531082e002a93949d2fd2059f039416fa4ed95b6b9c8541ad5c71d4ae7eb
83e5d690a6a5128c2f7d3f7fa753a553b70c4f4c26742d579fc512255d30f162
85dfdc1d4390ec68195cd3f9aa69cb588ac46d275bd0c8443055c09deb7445ba
8a1f526f68e69a3904c16cc5aaf04a585e759772e31e096ad1d65c724c0df4b3
8d0e66752630c8b3461ef19761895616dfc5461e7949e8d730af61ab35ab928a
9cd769048875c0e8e45cacfce524893ef95a9f1f845d0c5998723574f821dee8
a2d1278b0d76000e797e065a55682632449375fa31d71ab27d051dff25366a55
a45c5ef5b59bf7c8626285ac63aa44ec2fd43eb56975248055d26580f4254db0
b06d550d757db3a0676c4a6a432e300642b0209069fcca649d3e3691db1d0f29
b125efbed0ac400d0013c2793b33bdd6b38548450e946fb159a79e2631d01f46
b6a4ae8743910b7887cedf5346c4c51bbe54d58a1c4926a055b8efa07995d3a9
b73d91afe287bcc00070b7d73572205996523b959cb580b057b2a2a68b91af67
b904ee4bdfe245a54bc2e99b3b1e37d54aa22a4772cbe7b86d9ab6e25da31153
b9753ab4bd13ae2b2edec68a8ded2b40c44291e08599d1c7115554dc36b0894d
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
ca9c950e59321fef9d11e76c127009355247ddc53fd4af9281ede42bda3d2a9b
d826d759b244e6bc858097b752c065b042561eedbdf3e13fc630cf359df79c44
dad385f331ae99e3632fb27b46bd22c945a92745661a7b26d9a9060d39916eea
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01f71580c621a45b3b7637ca3e9b55bd6f8c579319b52d24783b41961f4ab4b
f83b07ca6e86bd84950e4c80531d8dfb4faf883fc10ff083baff037495b97759
f99257e7df95ded39df1cd1217d02ef83208946841409cafc037dda7b53fef7a
fa55dee38d87591f0eeab85317c00891950206f4b97b624b5137961ba130b411
fc2f042e853fe9d5941d05107226f993d43a6101a9f3a087910c78629b097180
fc7b99919dc791b349981b9f857cf78c472f37fb75f693179e39c47a96e69224
fe1dba7ef643a1a89a8a741cf9da9d0e64b3bcfce3cc7336f2d3afc3c8435d67

payment.bot Open in urlscan Pro 78.47.167.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

45 %HTTPS

36 %IPv6

6 Domains

8 Subdomains

12 IPs

2 Countries

5610 kBTransfer

14011 kBSize

7 Cookies

7 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payment.bot Open in urlscan Pro
78.47.167.29 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

45 %
HTTPS

36 %
IPv6

6
Domains

8
Subdomains

12
IPs

2
Countries

5610 kB
Transfer

14011 kB
Size

7
Cookies

67 HTTP transactions
1 data transactions