Submitted URL: http://melodic-executioners.paynow.store/
Effective URL: https://melodic-executioners.paynow.store/
Submission: On October 11 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 172.67.71.178, located in United States and belongs to CLOUDFLARENET, US. The main domain is melodic-executioners.paynow.store.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.
This is the only time melodic-executioners.paynow.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 172.67.71.178 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.105 16509 (AMAZON-02)
1 104.18.2.36 13335 (CLOUDFLAR...)
5 172.67.139.119 13335 (CLOUDFLAR...)
1 2a01:4f8:c17:... 24940 (HETZNER-AS)
16 9
Apex Domain
Subdomains
Transfer
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1955
ka-f.fontawesome.com — Cisco Umbrella Rank: 5838
189 KB
5 paynow.store
melodic-executioners.paynow.store
11 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 30555
110 KB
1 fabito.net
cdn.fabito.net
672 KB
1 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 14543
23 KB
1 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
161 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
0 paynow.gg Failed
templates-cdn.paynow.gg Failed
16 8
Domain Requested by
5 ka-f.fontawesome.com kit.fontawesome.com
melodic-executioners.paynow.store
5 melodic-executioners.paynow.store 1 redirects melodic-executioners.paynow.store
2 cdn.tailwindcss.com 1 redirects melodic-executioners.paynow.store
1 cdn.fabito.net melodic-executioners.paynow.store
1 imagedelivery.net melodic-executioners.paynow.store
1 js.stripe.com melodic-executioners.paynow.store
1 fonts.googleapis.com melodic-executioners.paynow.store
1 kit.fontawesome.com melodic-executioners.paynow.store
0 templates-cdn.paynow.gg Failed melodic-executioners.paynow.store
16 9

This site contains no links.

Subject | Issuer | Validity | Valid
paynow.store | WE1 | 2024-10-01 - 2024-12-30 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-01-27 | 6 months
upload.video.google.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-08-29 - 2024-12-05 | 3 months
imagedelivery.net | E5 | 2024-09-16 - 2024-12-15 | 3 months
ka-f.fontawesome.com | WE1 | 2024-08-29 - 2024-11-27 | 3 months
cdn.fabito.net | Encryption Everywhere DV TLS CA - G2 | 2023-12-22 - 2024-12-22 | a year

This page contains 2 frames:

Primary Page: https://melodic-executioners.paynow.store/
Frame ID: AFDC63F3C860F8D12348CB6C7940F1E0
Requests: 14 HTTP requests in this frame

Frame: https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: C0C5118042B944ED930E552B14EB319F
Requests: 2 HTTP requests in this frame

Page Title

Melodic Executioners

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

16
Requests

81 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1167 kB
Transfer

2038 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://melodic-executioners.paynow.store/ HTTP 307
    https://melodic-executioners.paynow.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.5
Request Chain 12
  • https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
melodic-executioners.paynow.store/
Redirect Chain
  • http://melodic-executioners.paynow.store/
  • https://melodic-executioners.paynow.store/
13 KB
4 KB
Document
General
Full URL
https://melodic-executioners.paynow.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5dfdb5bee4f0c5f85dae4e718c3915342c747c9006da9e0f763426d189b7161

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-placement
local-
cf-ray
8d126a1a3b92dbdf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 11 Oct 2024 22:51:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wtm%2B5yDtxQKfmBmorjahkKLqtwNEFKTAmJaN678ekg2pV3QqANSTuLGCHk9pdGlCb2y7AUhmbjOoA7ycEEs1s4PmYObSrVNR5gNE0ISpp6FgCdBqMHkQsp%2F%2FAs2MRzYpW7m8mb6k7qQRqzYNg1pSYyByUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trace-id
71eb8c7932528f374a042bda8761a695
vary
Accept-Encoding

Redirect headers

Location
https://melodic-executioners.paynow.store/
Non-Authoritative-Reason
HttpsUpgrades
9f19093a36.js
kit.fontawesome.com/
13 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/9f19093a36.js
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c62be4dc75d72141fb16dee8ca41408649df5f16d459ecf0edf5b076cf921f6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://melodic-executioners.paynow.store
Referer
https://melodic-executioners.paynow.store/

Response headers

access-control-max-age
3000
x-request-id
F_2Hvk6hxiJOntZolD8h
cache-control
max-age=60, public, stale-while-revalidate=30
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
cf-ray
8d126a1ef8eddc6c-FRA
access-control-allow-origin
*
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/javascript
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
3.4.5
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.5
358 KB
110 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.4.5
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H2
Server
2606:4700:10::6816:1590 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0570ef81afaa4194fa4ffe80fb291971f0ce27cecd0a1100fdcb4865703364
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

server
cloudflare
strict-transport-security
max-age=63072000
cache-control
max-age=31536000
content-encoding
br
x-vercel-cache
MISS
cf-cache-status
HIT
age
7629411
cf-ray
8d126a1f385971dc-FRA
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/javascript
last-modified
Mon, 15 Jul 2024 15:34:05 GMT
vary
Accept-Encoding
x-vercel-id
cle1::iad1::rxrqj-1721057644624-6d3492af5914

Redirect headers

strict-transport-security
max-age=63072000
cache-control
max-age=14400
location
/3.4.5
x-vercel-cache
MISS
cf-cache-status
HIT
age
44
cf-ray
8d126a1ee82571dc-FRA
content-length
0
date
Fri, 11 Oct 2024 22:51:23 GMT
vary
Accept-Encoding
server
cloudflare
x-vercel-id
cle1::iad1::889b8-1728686851226-5ea36de35e50
gifting.js
templates-cdn.paynow.gg/templates/214207081106907136/
0
0

css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41717754140da48978b3d13db0f706b236c8afa32a66df38267bffb0634c1c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 22:51:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 11 Oct 2024 21:31:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
js.stripe.com/v3/
665 KB
161 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
850821670b45edbf26c1386459c2ba7d1cd49c7e9f6998c7af02f4306e2b6053
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

content-encoding
br
etag
W/"397453099d40da54fcd3319b7aa9f1ee"
age
20
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ebmQMeTUO3dxoVjYN91EC7SdP6sl-t8dHNSUw2cVBNTalytCpON7WQ==
date
Fri, 11 Oct 2024 22:51:04 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 21:34:49 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3
server
Cloudfront
public
imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/216f72bb-7323-4c94-1c32-434f67be8600/
23 KB
23 KB
Image
General
Full URL
https://imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/216f72bb-7323-4c94-1c32-434f67be8600/public
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02859a204bfc304be6c55e6025427db023cebf4563789386871336fae86dfa12
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

cf-cache-status
MISS
etag
"cfMzNB_EqqSnWmcZdNqZBBkgf0fb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:51:24 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=650+477 c=2+390 v=2024.10.0 l=23330 f=false
cf-ray
8d126a1ebae762b6-HAM
accept-ranges
bytes
access-control-allow-origin
*
content-length
23330
server
cloudflare
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
94 KB
22 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"4ca760f49cd8a14911c81e6c14328874"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hB5Dit2n531WTHdLFMz44kn0QNlVPeDaAodHkzXF5kB%2B4I8itx9OFdmAXwDA8xDfQ8bauxlWm22W%2B4Ql99SBv6Oi4MAkqRIozmXSRgTeXY0TF3wLGXrjtONjb%2BBOQeAyzlZH%2FVXDWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
2OdXPGAFNc1etazfnQy3HRnZZucO1vU5kHe248WFGLQiyaO8eIpB8g==
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
cf-ray
8d126a2038bcd9db-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5e5b0d8c7be5919570a305b6bc229a36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oy3d6vZLnQ%2Fv77hL7v%2FVYXZJaE8CkTAd0Zyqvbb9LFaDHVcpsY9t2g8LiSOsM7Jqz4uqUIyC%2BIZf6RVOfp%2FjtLsV%2BPYrvuS7KH98sfUbRnhWLKKcgqRO7mLRSgObvEkWOS50%2FxudRg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
RXheoIqXUB9gsoXrRXr4JWerb7dkarfHgy5brJLHJn41pY-owK-kkA==
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
cf-ray
8d126a2038c0d9db-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
823 B
1011 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

access-control-max-age
3000
content-encoding
zstd
cf-cache-status
MISS
etag
W/"8972ae5004bc634ffa6641be3960e78a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOTqbcqpHsXweg%2F89BSrr0LEngNB2G1t5aS4AJunfiJdXMuT%2B9WwHa%2FGsyCIJ4uMZb9fY1%2FJw9ZkzemDlh8arLEOntyLu3jwh00y4dDAL0NjfE7HwjU8j4RaKfIjSdNi%2FdECHu65VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ErDNOJWxsC-l2P_zMv8sV0vJhUDfplAN19uEEMg9Ygbg02pyknMXVw==
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
cf-ray
8d126a2048c7d9db-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a5a0c9048efb7cb5df90023064d09ba4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxyzpF8OSnkArFU54Thlhj2VlYoy3ANa1mzQmwRKvWgevDocPx%2F8Oe6dgOyX5jJ91x2R0uLFAmT3WDQ2Ov7nMl0WIWnMK58wDCOlduniC9udQmD2kCOgCM1cM%2FQGqW342Yf4x1QMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
qGCBxwyYDD0UkUla9MJUmrZOAuwLB_PyydmSWXJxPiLZkYkI5AS3jQ==
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cf-ray
8d126a2038bed9db-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
background.webp
cdn.fabito.net/outpost-webstore/
672 KB
672 KB
Image
General
Full URL
https://cdn.fabito.net/outpost-webstore/background.webp
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:c17:5b::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
49fbc297af3a3d1919e409f9fae80ee12df4fa090525eedaad0e21cdde8d0c68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

accept-ranges
bytes
content-length
687724
date
Fri, 11 Oct 2024 22:51:23 GMT
last-modified
Fri, 22 Dec 2023 04:20:59 GMT
content-type
image/webp
server
Apache
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/
154 KB
154 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://melodic-executioners.paynow.store
Referer
https://melodic-executioners.paynow.store/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"76cf3ff0dbd23dd4504e2089f0df4acb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfmrOdU69RfxeIDNsYV0CXm1c5PClQNwNihbdjmIMarfNwnTSboVmM6qMLQy%2F%2B8B7p2Rqq%2FLxYGAzfolKEjJYCKDGDXmSASQzSjHQ735hgm3lG595l4rljT80%2F%2Fj0vVKrsmNqXAj%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zj--5-13nXwrVisWwsY4TNuvaC5VFTmSklhuGDhmL1V-8kVQQc9zIQ==
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:08 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
cf-ray
8d126a219aabd9db-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
157192
x-amz-cf-pop
AMS1-P2
server
cloudflare
x-amz-server-side-encryption
AES256
main.js
melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame C0C5
Redirect Chain
  • https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB
Script
General
Full URL
https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol
H3
Server
172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab57c17401db5788c76e2803999747ee040bc438cd2cd226ba355f7537f5e23a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8JweD31v3nk1PzYc1dMSp1%2FXG%2F5PvMN2OW7oCu1RMUw0dvoocCwIGDFKFlU62HiwwZ1UNkXJtYvKHCDoJ85Lpyoj4wDxqM12VikrdVHsw6p5i9%2B%2Fk3OonpHaoDcrg%2BxFk7zbxs6gQ%2FrXZzniUpgmqOenw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d126a22bb0ddbdf-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:51:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVCZpZHqTiP3EC7YuRhy%2Bll6T%2BY8HW2vNtDur8X0eBCeZjtuYu6I8UtK3XHJWEjbey8Fbtm25Ia2FblHDFVqalxR7iPGkmZRldUPEFJCXO9MdxwSQpmoTkpvU2av9fY0gmyNKbohBSwYI7AUbTFPdINf3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d126a227a69dbdf-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 11 Oct 2024 22:51:23 GMT
vary
Accept-Encoding
server
cloudflare
8d126a1a3b92dbdf
melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C0C5
0
961 B
XHR
General
Full URL
https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/jsd/r/8d126a1a3b92dbdf
Requested by
Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2ZNXbqI%2Fog1R6KTCLF5XgfUOH95%2FjAWukI76sZaujFLHzDqOQAKiJqBId3Qt6donw3yog3OFH0gRYELbJtV8Plf3fO%2FLLEVMLxDNUK2Fjvr1exRYij2c5MNkMzMNDoXZEB%2FrpDyZZhvh82Lr2Mxoo74Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d126a238c94dbdf-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 11 Oct 2024 22:51:24 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
melodic-executioners.paynow.store/
2 KB
1 KB
Other
General
Full URL
https://melodic-executioners.paynow.store/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16dfe48800d004341005486eb41ce60c47e1639718574a10eb7ba634d0bab7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://melodic-executioners.paynow.store/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
trace-id
d35045dace2d4650cf5e5a024627a3d7
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdfcB26tKwPSkw%2BtKUZcwOyB7o8lwkeNX3oBiE3GuPTvbBP3wjwKOa3Ufw3ITqd245dupMGnpc2gF5TYOV1ziG8uaiKamWiN%2B1Zg34FJ7pi57gc7N7dHlwC7G8y0ZP8a7dx6aRl7BVGxbZ580qglQU8rSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d126a269a08dbdf-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:51:24 GMT
content-type
text/html; charset=UTF-8
cf-placement
local-
server
cloudflare
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
templates-cdn.paynow.gg
URL
https://templates-cdn.paynow.gg/templates/214207081106907136/gifting.js

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| FontAwesomeKitConfig
  • object| tailwind
  • string| /template.html
  • function| toggleGiftActions
  • function| isValidSteamID
  • function| handlePurchase
  • object| webpackChunkStripeJSouter
  • function| noop
  • function| Stripe

1 Cookies

Domain/Path Name / Value
.paynow.store/ Name: cf_clearance
Value: uDCD8fBBdQQstbhxbeJoq_IkEX021Yr1N2dP6L.7MUk-1728687084-1.2.1.1-U5ZdIA_ky4ysYM4xcrtpQT4p1V85rT6UFAl74QWql2tBhYAtXWwJYb2.C34oAEqqLy.irxKl6HgpuXPburP.pdw_VI2MM1RGWVTFUb.NgG9BmTtuxsfixKbJ.eVFRF9ryX5W5dDI_u9dhuRx0S.dyzBftXiAe_5xZXAp6nPASzJXXxM8nalG.Eznq8HopiLbjotzDz9nQAbA0bBmTLOyxzETxT34lsPBVYbqEFggq2oVBraK7dmV.BuuSKd.1Xm6SOWROFiJDct9682lhx35FTlnMlrbMWzNt.tjXkpKGVMwCAiNVJWBpzqMgWVQfiaB4cdwnshxqbIq7KbyjfOJr_ybGeERORo2Jj.tKqTzTTX5dHXd.ru7Txn7eZaHcaPF

1 Console Messages

Source Level URL
Text
network error URL: https://melodic-executioners.paynow.store/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
