www.payday2.pw Open in urlscan Pro
2606:4700:3031::ac43:d8b3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.payday2.pw/
Effective URL:
https://www.payday2.pw/
Submission: On June 21 via api (June 21st 2024, 1:37:42 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3031::ac43:d8b3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.payday2.pw.
TLS certificate: Issued by E1 on April 24th 2024. Valid for: 3 months.

This is the only time www.payday2.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3031::ac43:d8b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.216.179 172.67.216.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
15	5

8 2606:4700:3031::ac43:d8b3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.payday2.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.216.179 (United States)

ASN13335 (CLOUDFLARENET, US)

www.payday2.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	payday2.pw www.payday2.pw	561 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	72 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
15	4

	Domain	Requested by
10	www.payday2.pw	www.payday2.pw
2	fonts.gstatic.com	fonts.googleapis.com
2	use.fontawesome.com	www.payday2.pw use.fontawesome.com
1	fonts.googleapis.com	www.payday2.pw
15	4

This site contains links to these domains. Also see Links.

Domain
superblt.znix.xyz
steamcommunity.com
palone.top
github.com
high-minded.net
t.me
solo.to

Subject Issuer	Validity	Valid
payday2.pw E1	`2024-04-24` - `2024-07-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.payday2.pw/
Frame ID: 954EFD75C1E7D9A00D197BF604E873DC
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GAB's PD2 Mods - to enhance your game

Page URL History Show full URLs

http://www.payday2.pw/ HTTP 307
https://www.payday2.pw/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

15
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

666 kB
Transfer

803 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://superblt.znix.xyz/
Title: PAYDAY 2 SuperBLT

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/sharedfiles/filedetails/?id=512690479
Title: Here

Search URL Search Domain Scan URL

URL: https://palone.top/
Title: p410n3

Search URL Search Domain Scan URL

URL: https://github.com/GABRlEL/payday2.pw-Mods
Title: open source

Search URL Search Domain Scan URL

URL: https://high-minded.net/members/gab.41181/
Title: High-Minded

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/id/inside

Search URL Search Domain Scan URL

URL: https://t.me/Ganon

Search URL Search Domain Scan URL

URL: https://solo.to/gab

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.payday2.pw/ HTTP 307
https://www.payday2.pw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.payday2.pw/
Redirect Chain

http://www.payday2.pw/
https://www.payday2.pw/

100 KB
10 KB

199ms
68ms

Document
text/html

2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc53b45cbe689efba35f2fef6e01a270517fd87e8b2941155e872c7633be582

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8970463f8f4e9052-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Jun 2024 01:37:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTvr5QAv9V8zfaZj6pdDVaIcd1hTZOcfH6sikK%2B3cpN%2BLE97h5pfIdmbe9sf1x3D%2FdpJX6GeZrbfJy85Vmat7pes6YdduMimM2nKKeM8cGVZQzWVALxDIUVCiVxVtwkKrtje%2BUwGImIpFLoNGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://www.payday2.pw/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 steam.png
www.payday2.pw/img/ 2 KB
3 KB 61ms
60ms Image
image/png 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payday2.pw/img/steam.png
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9d5b4a59db5c2923cd35f43f4079c1c3c30e3cedc91077381da89da8cc8363c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 12:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c66ad4a-8e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FPSAXk7sXLZTVGAlpujHXhjpaeLtRA2Q2o87%2F7U%2BWFPkZ9JgAHoROtk7L2aHoZYoOh3o69bxj%2F2eZhoXJpo%2FpcbWfwPakd1KOYJM0ITpMCM55MVrJir7sKzJuofLeBqURPEhPJZe4dV905qBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897046400f809052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2273

GET
H2 200 telegram.png
www.payday2.pw/img/ 2 KB
2 KB 60ms
59ms Image
image/png 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payday2.pw/img/telegram.png
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6286ef4f8ef0166d58039c10fc474fe45238fd1a59f2954b492cc4b66cd147

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 12:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c66ad4a-853"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waZITV4M3NPC%2BW4HbAN9ntYI9IOMbdTiu%2BigMYOdyiYqv0bldkr6EfvEUe%2B5SU37uEYRM7XqaFmnAAHl5ZtCHXeQ0yXfOEEiXBQQ36K6sxbpZ5aj9bxEzLD87%2BNb3bsihFBPmJ2QiuKYn2VOOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897046400f819052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2131

GET
H2 200 link-solid.png
www.payday2.pw/img/ 3 KB
4 KB 60ms
59ms Image
image/png 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payday2.pw/img/link-solid.png
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ec87951a513bd2cbb1f5f9292cc2b0b0a84c09efc400ea2bb2039b2dd12d71

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: MISS
last-modified: Sat, 30 Apr 2022 22:38:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626dba5c-d20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EOO47SBnhMTtmHuJ4PoYwpteDPa70WJtFMwYz3WvrWiiK3hRpJKXUepFJ8eGWU2T1W555WEe%2Fpb%2BcFcWD3rNu7zt6RMJ8Yifv1djFj6iwz2LirPuS3%2FJSbDF83NwROG2v4eYyByyPqi6K6nbpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897046402f8a9052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3360

GET
H2 200 mail.png
www.payday2.pw/img/ 2 KB
2 KB 59ms
58ms Image
image/png 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payday2.pw/img/mail.png
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b825939ef4738d476d9d01f3eada916c423f7796e7bb1d6cbb0f6eed9873da17

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 12:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c66ad4a-682"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vaRf5AMTolKD4QVVmfSekPWNXB%2Fx6wYbydPSZevWA1B8o%2B0OA96BgNVUeNQVcEdf3boi72CIhUU6sE2exFS9%2F2thwMu67vNuMUFtzzr81qgh5wqqAegOkbNJZ8%2FH4IBDgCDTv1KGtQPfbRY89w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897046402f8c9052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1666

GET
H2 200 style.css
www.payday2.pw/css/ 12 KB
3 KB 61ms
59ms Stylesheet
text/css 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payday2.pw/css/style.css
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8bf76e905c47865d7a70fa1ffd0cfe83dc731b1ce8f51446a2c1a85a1b72973

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Apr 2022 22:13:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"626db47f-309a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aj0zcxkp9VvLj1NICIFtdKF9NBWcnpL9SjHphUO6jy%2FrhmDv2z5yutahT3IwRlHUm6p%2FpciRKOGEo4KzBxaGUvWEL6ILygQGmGBb805Rblu5abvCgzLqiFHCypDoEuXkD3kNChJKI%2FZfGqLXTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 897046402f8e9052-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 7 KB
2 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Oswald

Requested by

Host: www.payday2.pw
URL: https://www.payday2.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbb913e4a90b04c84363f37faca64fccfd06f8c3e75fda0e49982767bd3097bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 01:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 23:38:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 01:37:37 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
10 KB 265ms
177ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Origin: https://www.payday2.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEXelbGdKxqpHCTSXAHgodtQdVPcIGMmgBu1WPuZe8vpLeLMlqLLfyQxa4GhrLliJOUX3d9kSwzYhCRpF7Yim8ohQVJFbgZkVoy8yWhl%2BCpEISOMFLV1UUp%2FjN0f8%2FbRTSEELPw1AZ8V5zBb1awtXoIn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89704640acc5bbf2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
www.payday2.pw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 42ms
42ms Script
application/javascript 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payday2.pw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.payday2.pw
URL: https://www.payday2.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 12:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666c3b9a-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOXanCt5pe8UHnzZhe1OKNm64Rkw%2FsFtCjKVKZVqixEN0uOVtiHIgYXO5209Jsl8JSUXa5K4VIwoE5CHif4tGp1Tj35vjVm0DdMTe6Pjc9486L%2FkJKLrD4%2FZhAV5wybqpeFOeZZJDgnw9Z9wVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 897046402f8f9052-FRA
expires: Sun, 23 Jun 2024 01:37:37 GMT

GET
H2 200 road-rage.otf
www.payday2.pw/fonts/ 334 KB
335 KB 66ms
65ms Font
application/octet-stream 2606:4700:3031::ac43:d8b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payday2.pw/fonts/road-rage.otf
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d8b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d908c5e4d4cda1685d6b1a3b0d8b980794f7c4861ca16356bbb4fe05b785ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Origin: https://www.payday2.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 12:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c66ad4a-53700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uijooMFQGnvkIMkyy1TUEl4IDrU4H6YRFAWoN8xWp7r0ocMWR6Pbgny74d2wu0owsiklVhzDq6fXPkf4PuGqkriFIi8ni8l5CoBLOWOXRmM2Q4dd08EqZouuv4%2BMr%2BVMi2HxSPrVjYw3VnyQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 897046405fa39052-FRA
alt-svc: h3=":443"; ma=86400
content-length: 341760

GET
H3 200 header-bg-2-OG.jpg
www.payday2.pw/img/ 201 KB
201 KB 59ms
58ms Image
image/jpeg 172.67.216.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payday2.pw/img/header-bg-2-OG.jpg
Requested by: Host: www.payday2.pw
URL: https://www.payday2.pw/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7e2776f9d688166cd2f2eda58d896a129aca2530cbbe939d12dced9a38b710

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 15 Feb 2019 12:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c66ad4a-32290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCbZNWGPEwmjrR2iNOBlpTRhrCDdAbS%2BSvZBU6Ujo3hwOHyyI90GHRe3MDWSwyllFXunTOggLnRTy%2BAd%2FsTIRSvsL7asjIBl8dKVqMzijHHXVUD7X3iJwowOlDcRz32fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89704640984e3a7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 205456

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
13 KB 216ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Oswald

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.payday2.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:54:03 GMT
x-content-type-options: nosniff
age: 211414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:54:03 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 223ms
47ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Oswald

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.payday2.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:05:19 GMT
x-content-type-options: nosniff
age: 210738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:05:19 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 182ms
181ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.payday2.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHqPa6JbeDdJCE6eg0XPnAw0JRMPaSAoJOVxz9%2B3lQjlIaYwkDP%2BciopDz48Rk0U167FeCiZvZGudLKjlGUBW8ZkdkUGix6GES8ZhrRJmxfUvxey8vrf%2Fm5Z051lHK2AIniBHjfaEd5ihZ69%2FadjXwH4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89704641dda2bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62472

GET
H3 200 favicon.ico
www.payday2.pw/ 1 KB
1 KB 64ms
63ms Other
image/x-icon 172.67.216.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payday2.pw/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc859903cfe3699a776ebd45b5d54791cfb4e3e4362b01abdde4c936bcc63a18

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.payday2.pw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 15 Feb 2019 12:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c66ad4a-47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7QBTp56D4fXNPz3YN6e%2FpeeH3VBGxdsG2wduSPX5hdDB8a%2FvS%2Baqjqvf8aDSDcn5O3yNTXqEQQPOixoAYbaMXBorrYt1leKUjS5nFfvGF8ByuAWMO6OeOKxHCm1hmCLqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 897046432a193a7a-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
www.payday2.pw
172.67.216.179
2606:4700:3031::ac43:d8b3
2606:4700:3036::6815:1b98
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
45d908c5e4d4cda1685d6b1a3b0d8b980794f7c4861ca16356bbb4fe05b785ab
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
6d7e2776f9d688166cd2f2eda58d896a129aca2530cbbe939d12dced9a38b710
7dc53b45cbe689efba35f2fef6e01a270517fd87e8b2941155e872c7633be582
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
a2ec87951a513bd2cbb1f5f9292cc2b0b0a84c09efc400ea2bb2039b2dd12d71
a9d5b4a59db5c2923cd35f43f4079c1c3c30e3cedc91077381da89da8cc8363c
b825939ef4738d476d9d01f3eada916c423f7796e7bb1d6cbb0f6eed9873da17
b8bf76e905c47865d7a70fa1ffd0cfe83dc731b1ce8f51446a2c1a85a1b72973
bbb913e4a90b04c84363f37faca64fccfd06f8c3e75fda0e49982767bd3097bf
cb6286ef4f8ef0166d58039c10fc474fe45238fd1a59f2954b492cc4b66cd147
dc859903cfe3699a776ebd45b5d54791cfb4e3e4362b01abdde4c936bcc63a18
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

www.payday2.pw Open in urlscan Pro 2606:4700:3031::ac43:d8b3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

80 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

666 kBTransfer

803 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

www.payday2.pw Open in urlscan Pro
2606:4700:3031::ac43:d8b3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

666 kB
Transfer

803 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions