playwallet.bot Open in urlscan Pro
78.47.146.145 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://playwallet.bot/
Submission: On February 23 via automatic, source certstream-suspicious (February 23rd 2024, 4:38:47 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 78.47.146.145, located in Essen, Germany and belongs to HETZNER-AS, DE. The main domain is playwallet.bot.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.

This is the only time playwallet.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	78.47.146.145 78.47.146.145	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
10	2

9 78.47.146.145 (Essen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.146.47.78.clients.your-server.de

playwallet.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.dev.pwbackend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	pwbackend.com api.dev.pwbackend.com	1 KB
4	playwallet.bot playwallet.bot	592 KB
1	telegram.org telegram.org — Cisco Umbrella Rank: 10555	14 KB
10	3

	Domain	Requested by
5	api.dev.pwbackend.com	playwallet.bot
4	playwallet.bot	playwallet.bot
1	telegram.org	playwallet.bot
10	3

This site contains no links.

Subject Issuer	Validity	Valid
playwallet.bot R3	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-09-11`	a year	crt.sh
api.dev.pwbackend.com R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://playwallet.bot/
Frame ID: C7547C2984F529564AD26337307CD338
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Wallet

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

607 kB
Transfer

2184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
playwallet.bot/ 802 B
979 B 47ms
11ms Document
text/html 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://playwallet.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

a13a90b1b17ff555f38bd27d9ce9ef3b7f6d1fdad59513bdf0a2c7b2f3d52229

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 802
content-type: text/html
date: Fri, 23 Feb 2024 16:38:41 GMT
etag: "65d8c548-322"
last-modified: Fri, 23 Feb 2024 16:18:16 GMT
server: nginx
strict-transport-security: max-age=15724800; includeSubdomains

GET
H2 200 telegram-web-app.js Show response
telegram.org/js/ 56 KB
14 KB 91ms
29ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-web-app.js

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

51e3d351b0b31ef56545d49b04bf3ef0c7521cd567fd5c088f8affd0da0e323b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 16:38:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 16:09:40 GMT
server: nginx/1.18.0
etag: W/"65490fc4-de5f"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 27 Feb 2024 16:38:41 GMT

GET
H2 200 main.4f20d68f.js Show response
playwallet.bot/static/js/ 2 MB
584 KB 35ms
35ms Script
application/javascript 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://playwallet.bot/static/js/main.4f20d68f.js

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

97eef92c4efa96ef360247eb64e87de35ec85d6f17ac69de24e6d6b609479213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 16:38:41 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Fri, 23 Feb 2024 16:18:16 GMT
server: nginx
etag: W/"65d8c548-20b6f4"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main.d0d5c829.css
playwallet.bot/static/css/ 33 KB
6 KB 14ms
14ms Stylesheet
text/css 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://playwallet.bot/static/css/main.d0d5c829.css

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

aed5cac2b6bb19e6a3574bdfe3c89531d2c8761a6f5732125d2e6f73ccd72179

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 16:38:41 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Fri, 23 Feb 2024 16:18:16 GMT
server: nginx
etag: W/"65d8c548-82ea"
vary: Accept-Encoding
content-type: text/css

OPTIONS
H2 200 usernames
api.dev.pwbackend.com/ 0
0 89ms
17ms Preflight
text/plain 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dev.pwbackend.com/usernames

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://playwallet.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://playwallet.bot
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 23 Feb 2024 16:38:42 GMT
server: nginx
strict-transport-security: max-age=15724800; includeSubdomains
vary: Origin

GET
H2 401 usernames Show response
api.dev.pwbackend.com/ 25 B
191 B 13ms
12ms Fetch
application/json 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dev.pwbackend.com/usernames

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/static/js/main.4f20d68f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

8f399debe52f271e56918a3ef03cd90d60776f7c972e6807b1ef2a7437c1040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://playwallet.bot/
accept-language: de-DE,de;q=0.9
Authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 23 Feb 2024 16:38:42 GMT
strict-transport-security: max-age=15724800; includeSubdomains
access-control-allow-credentials: true
server: nginx
content-length: 25
content-type: application/json

GET
H2 200 fees Show response
api.dev.pwbackend.com/ 19 B
181 B 107ms
35ms Fetch
application/json 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dev.pwbackend.com/fees

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/static/js/main.4f20d68f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

f962a6278ac76aaa73fc6dd8cc5ee994753bcad100ba9d4a8a554b93bd68803c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Feb 2024 16:38:42 GMT
strict-transport-security: max-age=15724800; includeSubdomains
access-control-allow-credentials: true
server: nginx
content-length: 19
content-type: application/json

GET
H2 200 currency Show response
api.dev.pwbackend.com/ 693 B
856 B 90ms
18ms Fetch
application/json 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dev.pwbackend.com/currency

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/static/js/main.4f20d68f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

fcb1c85b0b3600b80d95cefe2930fd737a806eff761987672fa7857342c7741d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Feb 2024 16:38:42 GMT
strict-transport-security: max-age=15724800; includeSubdomains
access-control-allow-credentials: true
server: nginx
content-length: 693
content-type: application/json

GET
H2 200 rates Show response
api.dev.pwbackend.com/ 17 B
179 B 108ms
36ms Fetch
application/json 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dev.pwbackend.com/rates

Requested by

Host: playwallet.bot
URL: https://playwallet.bot/static/js/main.4f20d68f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

51f3253d9f5517325ccb5a356427a19cc93b6b220ec06cb3f8d42aabc73ed113

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Feb 2024 16:38:42 GMT
strict-transport-security: max-age=15724800; includeSubdomains
access-control-allow-credentials: true
server: nginx
content-length: 17
content-type: application/json

GET
H2 200 binance-icon.618bd01622a199c10865997cb1eb1f5c.svg
playwallet.bot/static/media/ 629 B
809 B 11ms
10ms Image
image/svg+xml 78.47.146.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playwallet.bot/static/media/binance-icon.618bd01622a199c10865997cb1eb1f5c.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.47.146.145 Essen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.145.146.47.78.clients.your-server.de

Software

nginx /

Resource Hash

7cc2a2282b5cf5ec8e4c8746dd6d7454deb620f914be7f3e83cbecd19a1a0fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playwallet.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 16:38:42 GMT
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Fri, 23 Feb 2024 16:18:16 GMT
server: nginx
etag: "65d8c548-275"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 629

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Telegram function| TelegramGameProxy_receiveEvent object| TelegramGameProxy object| __localeData__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.dev.pwbackend.com/usernames Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.dev.pwbackend.com
playwallet.bot
telegram.org
2001:67c:4e8:f004::9
78.47.146.145
51e3d351b0b31ef56545d49b04bf3ef0c7521cd567fd5c088f8affd0da0e323b
51f3253d9f5517325ccb5a356427a19cc93b6b220ec06cb3f8d42aabc73ed113
7cc2a2282b5cf5ec8e4c8746dd6d7454deb620f914be7f3e83cbecd19a1a0fcc
8f399debe52f271e56918a3ef03cd90d60776f7c972e6807b1ef2a7437c1040c
97eef92c4efa96ef360247eb64e87de35ec85d6f17ac69de24e6d6b609479213
a13a90b1b17ff555f38bd27d9ce9ef3b7f6d1fdad59513bdf0a2c7b2f3d52229
aed5cac2b6bb19e6a3574bdfe3c89531d2c8761a6f5732125d2e6f73ccd72179
f962a6278ac76aaa73fc6dd8cc5ee994753bcad100ba9d4a8a554b93bd68803c
fcb1c85b0b3600b80d95cefe2930fd737a806eff761987672fa7857342c7741d

playwallet.bot Open in urlscan Pro 78.47.146.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

607 kBTransfer

2184 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

playwallet.bot Open in urlscan Pro
78.47.146.145 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

607 kB
Transfer

2184 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions