melodic-executioners.paynow.store Open in urlscan Pro
172.67.71.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://melodic-executioners.paynow.store/
Effective URL:
https://melodic-executioners.paynow.store/
Submission: On November 12 via api (November 12th 2024, 9:52:56 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 11 HTTP transactions. The main IP is 172.67.71.178, located in United States and belongs to CLOUDFLARENET, US. The main domain is melodic-executioners.paynow.store.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time melodic-executioners.paynow.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	172.67.71.178 172.67.71.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:10:... 2606:4700:10::6816:1490	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	104.18.2.36 104.18.2.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:4f8:c17:... 2a01:4f8:c17:5b::2	() ()
11	8

5 172.67.71.178 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

melodic-executioners.paynow.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1490 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c17:5b::2 (Bad Soden-Salmuenster, Germany)

ASN- ()

cdn.fabito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	paynow.store 1 redirects melodic-executioners.paynow.store	12 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 29429	124 KB
1	fabito.net cdn.fabito.net	672 KB
1	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 14914	23 KB
1	stripe.com js.stripe.com — Cisco Umbrella Rank: 1510	165 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2522
0	paynow.gg Failed templates-cdn.paynow.gg Failed
11	8

	Domain	Requested by
5	melodic-executioners.paynow.store	1 redirects melodic-executioners.paynow.store
2	cdn.tailwindcss.com	1 redirects melodic-executioners.paynow.store
1	cdn.fabito.net	melodic-executioners.paynow.store
1	imagedelivery.net	melodic-executioners.paynow.store
1	js.stripe.com	melodic-executioners.paynow.store
1	fonts.googleapis.com	melodic-executioners.paynow.store
1	kit.fontawesome.com	melodic-executioners.paynow.store
0	templates-cdn.paynow.gg Failed	melodic-executioners.paynow.store
11	8

This site contains no links.

Subject Issuer	Validity	Valid
paynow.store WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
imagedelivery.net E5	`2024-11-04` - `2025-02-02`	3 months	crt.sh
cdn.fabito.net Encryption Everywhere DV TLS CA - G2	`2023-12-22` - `2024-12-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://melodic-executioners.paynow.store/
Frame ID: 055EC9178482CDCB4A593D5B68C6468E
Requests: 9 HTTP requests in this frame

Frame: https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 81C5714C76D2022FC92528A5BD060B65
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Melodic Executioners

Page URL History Show full URLs

http://melodic-executioners.paynow.store/ HTTP 307
https://melodic-executioners.paynow.store/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

73 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

997 kB
Transfer

1808 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://melodic-executioners.paynow.store/ HTTP 307
https://melodic-executioners.paynow.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.14

Request Chain 7

https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
melodic-executioners.paynow.store/
Redirect Chain

http://melodic-executioners.paynow.store/
https://melodic-executioners.paynow.store/

13 KB
4 KB

590ms
517ms

Document
text/html

172.67.71.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://melodic-executioners.paynow.store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b290a4df32278a8d4f158bf020c2969b8c21f6c21637f78dadee05651d249b86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-placement: remote-EWR
cf-ray: 8e19c05c09143602-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Nov 2024 21:52:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1G2CS5TucKUsSVN8xFLQR2AHidC1qL%2F%2Fp1q3lj2DdrwMZLOCfMv3jesJIZjpVf0T7icSCLY%2BoxV1ex2mtd0IpUmCVVo%2Bg6b7Api0r8J1Qs7jFt9t%2FJnfkv93%2BMXAiRrspmejrz%2F2tSAjTfEo1YBnObXOvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=25865&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4270&recv_bytes=4498&delivery_rate=570&cwnd=12000&unsent_bytes=0&cid=0f95154a484a49c7&ts=527&x=1" cfExtPri cfHdrFlush;dur=0
trace-id: 67e20c1cb7b9dd1f170f4a7cd1e95212
vary: Accept-Encoding

Redirect headers

Location: https://melodic-executioners.paynow.store/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 403 9f19093a36.js
kit.fontawesome.com/ 0
0 196ms
142ms Script
text/plain 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/9f19093a36.js
Requested by: Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://melodic-executioners.paynow.store
Referer: https://melodic-executioners.paynow.store/

Response headers

access-control-max-age: 3000
x-request-id: GAdXHrkf8fvWxQIUZ7xB
cache-control: max-age=0, private, must-revalidate
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8e19c05fafb635ff-FRA
access-control-allow-origin: *
content-length: 9
date: Tue, 12 Nov 2024 21:52:51 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2

200

3.4.14 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.14

396 KB
124 KB

31ms
31ms

Script
text/javascript

2606:4700:10::6816:1490
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.14

Requested by

Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/

Protocol

Server

2606:4700:10::6816:1490 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e13fc042236bf75a9d01bbfdf1c2c2fc71d439637bcbdda1387446b4d2ff33f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://melodic-executioners.paynow.store/

Response headers

server: cloudflare
strict-transport-security: max-age=63072000
cache-control: max-age=31536000
content-encoding: br
x-vercel-cache: MISS
cf-cache-status: HIT
age: 159074
cf-ray: 8e19c05fec5f9731-FRA
date: Tue, 12 Nov 2024 21:52:51 GMT
content-type: text/javascript
last-modified: Sun, 10 Nov 2024 13:46:09 GMT
vary: Accept-Encoding
x-vercel-id: cle1::iad1::m956s-1731246368487-9fcdf305a073

Redirect headers

strict-transport-security: max-age=63072000
cache-control: max-age=14400
location: /3.4.14
x-vercel-cache: MISS
cf-cache-status: HIT
age: 619
cf-ray: 8e19c05fbc299731-FRA
date: Tue, 12 Nov 2024 21:52:51 GMT
vary: Accept-Encoding
server: cloudflare
x-vercel-id: cle1::iad1::mg6pr-1731447667129-a25349bece80

GET gifting.js
templates-cdn.paynow.gg/templates/214207081106907136/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 90ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Requested by

Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58f34dfefee98b8d0cd4b4d8d66f9ecbca5911bc1fce4b8cda3e2918feae6f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://melodic-executioners.paynow.store/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 21:52:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:52:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 12 Nov 2024 21:18:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 / Show response
js.stripe.com/v3/ 687 KB
165 KB 72ms
15ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

efb7009a11906c2a136b9ce2a242b8a2baa7597ca1f9a6fc20a722f5350a71c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://melodic-executioners.paynow.store/

Response headers

x-request-id: 7a0a17c4-950e-444c-9df5-516f177d6a23
content-encoding: br
etag: "14a556b2f22bf09f9314903664acc4cc"
age: 6
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 12 Nov 2024 21:52:51 GMT
last-modified: Tue, 12 Nov 2024 18:47:40 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220097-FRA
x-cache-hits: 2
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168816
server: Fastly

GET
H3 200 public
imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/216f72bb-7323-4c94-1c32-434f67be8600/ 23 KB
23 KB 1648ms
1611ms Image
image/avif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/216f72bb-7323-4c94-1c32-434f67be8600/public

Requested by

Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02859a204bfc304be6c55e6025427db023cebf4563789386871336fae86dfa12

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://melodic-executioners.paynow.store/

Response headers

cf-cache-status: MISS
etag: "cfMzNB_EqqSnWmcZdNqZBBkgf0fb7C9F9CBQfA5-d8DQ"
cf-bgj: imgq:85,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 12 Nov 2024 21:52:52 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-images: internal=ok/- q=0 n=819+676 c=3+555 v=2024.10.6 l=23330 f=false
cf-ray: 8e19c05f8fb62bd5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23330
server: cloudflare

GET
H2 200 background.webp
cdn.fabito.net/outpost-webstore/ 672 KB
672 KB 82ms
22ms Image
image/webp 2a01:4f8:c17:5b::2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fabito.net/outpost-webstore/background.webp
Requested by: Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:c17:5b::2 Bad Soden-Salmuenster, Germany, ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 49fbc297af3a3d1919e409f9fae80ee12df4fa090525eedaad0e21cdde8d0c68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://melodic-executioners.paynow.store/

Response headers

accept-ranges: bytes
content-length: 687724
date: Tue, 12 Nov 2024 21:52:51 GMT
last-modified: Fri, 22 Dec 2023 04:20:59 GMT
content-type: image/webp
server: Apache

GET
H3

200

main.js Show response
melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 81C5
Redirect Chain

https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

21ms
20ms

Script
application/javascript

172.67.71.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/

Protocol

Server

172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99344a127c1e56c2acf57e4dc248e36e1e359333534e679e916fcc9e572c564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQYY7cmRUGMb5q0Bh1Qq9Ufvstdi8biAfslCgtJIrrH%2BX%2B2aHKXoWv8SCa%2FoULJRJjmzNoe6QQz5g6VQyWQo8BZdi1%2Bk9rda1TOxsbkzVGyz9GgYChKswtzgN0HfAuTjpT9l3YRdf54dpkWo%2FlUWMZKCRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e19c0630ef43602-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25497&sent=20&recv=15&lost=0&retrans=0&sent_bytes=9700&recv_bytes=5208&delivery_rate=27145&cwnd=12000&unsent_bytes=0&cid=0f95154a484a49c7&ts=1164&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 12 Nov 2024 21:52:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOy6Z%2BYw8sOVqBXG1Pu98JFvJETFL2%2FCbbIeV2ZfF3f8sMUatyms5DtfaPFCN5hu%2BCndFboANkO7z9GkL3I22X%2BYDjxKzGl3jG4v24iPjiBW90QaNPQT%2B%2FshTfq3BBxI5lI1uVHhU39TMMZylBT8zakPWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e19c062ded43602-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=25478&sent=18&recv=14&lost=0&retrans=0&sent_bytes=8947&recv_bytes=4908&delivery_rate=190618&cwnd=12000&unsent_bytes=0&cid=0f95154a484a49c7&ts=1135&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 12 Nov 2024 21:52:51 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8e19c05c09143602 Show response
melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 81C5 0
1 KB 27ms
20ms XHR
text/plain 172.67.71.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/h/b/jsd/r/8e19c05c09143602
Requested by: Host: melodic-executioners.paynow.store
URL: https://melodic-executioners.paynow.store/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6VKIK3qfDKZSG7c9rfhbKuE6R%2B78RqgS6ojtzsvtB1zOihXZvQemK33i38I1LeVZkl4I9WtbRM%2BWKO%2F7ZdueO1b%2F1eDraLdCu1cSvJspac6avne1sgwqIZ%2FJNPiAtjcXo8JjiIQI6ym6y9sy1RLMBgNBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e19c063dfae3602-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23231&sent=28&recv=32&lost=0&retrans=0&sent_bytes=14272&recv_bytes=22476&delivery_rate=283184&cwnd=12000&unsent_bytes=0&cid=0f95154a484a49c7&ts=1301&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 12 Nov 2024 21:52:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 404 favicon.ico
melodic-executioners.paynow.store/ 2 KB
1 KB 159ms
158ms Other
text/html 172.67.71.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://melodic-executioners.paynow.store/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa4cfcdf147e6031e12f5458fd71c13bbc11f719098dc3e977b39f8c78bdfce6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://melodic-executioners.paynow.store/

Response headers

server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
trace-id: aff30e871b62842d930a749b7f53a351
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mINaakezl8gjrQSph%2BOFp%2FtRqmVxZZp6hoLw4RByUIwjIx%2BrtcfA%2BflvQpivg7Top%2BrIdep00hjccE9KVdaoAvAcjY7wIVPi%2Bw4XNbkgKbWCOeWGE6dwW2M8Q1ENirDxx1Xlkz%2FaHx3PTwK8W92oHlvuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e19c069bcc23602-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23435&sent=30&recv=34&lost=0&retrans=0&sent_bytes=15483&recv_bytes=23259&delivery_rate=23804&cwnd=12000&unsent_bytes=0&cid=0f95154a484a49c7&ts=2373&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 12 Nov 2024 21:52:52 GMT
content-type: text/html; charset=UTF-8
cf-placement: remote-EWR
vary: Accept-Encoding
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: templates-cdn.paynow.gg
URL: https://templates-cdn.paynow.gg/templates/214207081106907136/gifting.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paynow.store/	1970-01-21 09:43:04	Name: cf_clearance Value: bP4QS066EdrOHaZJx9MV_4waU9qZV3fPRbDHUsqZZ_Y-1731448371-1.2.1.1-dWwuDNXc0DSHT1QkhfvRsbLYhLU4mKOXzPunM80pSv6KdbtCcDe9sqo68mdjiG__M64lSX_SVbzyohjir1KXpISDF6wyt_LGkUabj5ShE5YiNoxnOshjLwsbbbWcEeYFM3dMA9DoCSEbrQnVEPLWikhwSTsSGGMNY2YHSF3V612uQO_9Pfg75YfiJx56JCynCmh8xJ.Pk5z5zZlTsjZqNuemy.h9kkq7hA1Niax7pPTMlZ7TddzLqsyN4BHrckc9reF8_47Wr1.FokrF0noptNibNjjdXeD3k8.4a_K34xSK_5hrEsU2dSaOYHHwazZpKOrZSrfNzOPBsdHZAMk9PY4pk3R3BKQ6W_Znf12LuMK_DMr8joQdU_GZXwlCFl8z

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/9f19093a36.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://melodic-executioners.paynow.store/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fabito.net
cdn.tailwindcss.com
fonts.googleapis.com
imagedelivery.net
js.stripe.com
kit.fontawesome.com
melodic-executioners.paynow.store
templates-cdn.paynow.gg
templates-cdn.paynow.gg
104.18.2.36
151.101.64.176
172.67.71.178
2606:4700:10::6816:1490
2606:4700:4400::6812:2844
2a00:1450:4001:810::200a
2a01:4f8:c17:5b::2
02859a204bfc304be6c55e6025427db023cebf4563789386871336fae86dfa12
49fbc297af3a3d1919e409f9fae80ee12df4fa090525eedaad0e21cdde8d0c68
58f34dfefee98b8d0cd4b4d8d66f9ecbca5911bc1fce4b8cda3e2918feae6f72
99344a127c1e56c2acf57e4dc248e36e1e359333534e679e916fcc9e572c564b
aa4cfcdf147e6031e12f5458fd71c13bbc11f719098dc3e977b39f8c78bdfce6
b290a4df32278a8d4f158bf020c2969b8c21f6c21637f78dadee05651d249b86
e13fc042236bf75a9d01bbfdf1c2c2fc71d439637bcbdda1387446b4d2ff33f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb7009a11906c2a136b9ce2a242b8a2baa7597ca1f9a6fc20a722f5350a71c9

melodic-executioners.paynow.store Open in urlscan Pro 172.67.71.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

73 %HTTPS

57 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

997 kBTransfer

1808 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

melodic-executioners.paynow.store Open in urlscan Pro
172.67.71.178 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

73 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

997 kB
Transfer

1808 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions