lucky-waterfall-385a.wcwz.workers.dev
172.67.182.218  Public Scan

URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Submission: On August 04 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 172.67.182.218, located in United States and belongs to CLOUDFLARENET, US. The main domain is lucky-waterfall-385a.wcwz.workers.dev.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time lucky-waterfall-385a.wcwz.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.182.218 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.18.3.36 13335 (CLOUDFLAR...)
1 199.232.194.2 54113 (FASTLY)
3 2a02:26f0:780... 20940 (AKAMAI-ASN1)
5 172.67.139.119 13335 (CLOUDFLAR...)
1 2a01:4f8:c17:... 24940 (HETZNER-AS)
19 10
Apex Domain | Subdomains | Transfer
6 fontawesome.com | kit.fontawesome.com — Cisco Umbrella Rank: 3618; ka-f.fontawesome.com — Cisco Umbrella Rank: 7493 | 189 KB
3 steamstatic.com | avatars.steamstatic.com — Cisco Umbrella Rank: 11042 | 41 KB
3 workers.dev | lucky-waterfall-385a.wcwz.workers.dev | 9 KB
2 imagedelivery.net | imagedelivery.net — Cisco Umbrella Rank: 19721 | 2 MB
2 tailwindcss.com | cdn.tailwindcss.com — Cisco Umbrella Rank: 23119 | 110 KB
1 fabito.net | cdn.fabito.net | 672 KB
1 giphy.com | media.giphy.com — Cisco Umbrella Rank: 19081 | 1 MB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110 | 1 KB
0 paynow.gg Failed | templates-cdn.paynow.gg Failed |
19 9
Domain Requested by
5 ka-f.fontawesome.com kit.fontawesome.com
lucky-waterfall-385a.wcwz.workers.dev
3 avatars.steamstatic.com lucky-waterfall-385a.wcwz.workers.dev
3 lucky-waterfall-385a.wcwz.workers.dev lucky-waterfall-385a.wcwz.workers.dev
2 imagedelivery.net lucky-waterfall-385a.wcwz.workers.dev
2 cdn.tailwindcss.com 1 redirects lucky-waterfall-385a.wcwz.workers.dev
1 cdn.fabito.net lucky-waterfall-385a.wcwz.workers.dev
1 media.giphy.com lucky-waterfall-385a.wcwz.workers.dev
1 fonts.googleapis.com lucky-waterfall-385a.wcwz.workers.dev
1 kit.fontawesome.com lucky-waterfall-385a.wcwz.workers.dev
0 templates-cdn.paynow.gg Failed lucky-waterfall-385a.wcwz.workers.dev
19 10

This site contains links to these domains.

Domain
discord.gg
promeus.io
Subject | Issuer | Validity | Valid
wcwz.workers.dev | WE1 | 2024-07-29 - 2024-10-27 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-01-27 | 6 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
imagedelivery.net | E6 | 2024-07-19 - 2024-10-17 | 3 months
*.giphy.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-07-05 - 2025-08-06 | a year
avatars.akamai.steamstatic.com | R3 | 2024-06-06 - 2024-09-04 | 3 months
ka-f.fontawesome.com | WE1 | 2024-07-01 - 2024-09-29 | 3 months
cdn.fabito.net | Encryption Everywhere DV TLS CA - G2 | 2023-12-22 - 2024-12-22 | a year

This page contains 2 frames:

Primary Page: https://lucky-waterfall-385a.wcwz.workers.dev/
Frame ID: 760FA4DF3C312CAEC38A9B84E6340888
Requests: 18 HTTP requests in this frame

Frame: https://lucky-waterfall-385a.wcwz.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 206F54C8FE0503F7AD1AE5C4A7CA456F
Requests: 1 HTTP requests in this frame

Page Title

WARLAND STORE

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

19 Requests
89 % HTTPS
56 % IPv6
9 Domains
10 Subdomains
10 IPs
3 Countries
4424 kB Transfer
4803 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.5

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lucky-waterfall-385a.wcwz.workers.dev/
31 KB
7 KB
Document
General
Full URL
https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa64c8941f9826bd25336ecd1860f5d193536f04bec64e00ad8b303010fbe6b6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-placement
remote-IAD
cf-ray
8adef879ce164d95-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Aug 2024 13:42:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH3u6fGC3LF%2FkCHq8Oj6Xh7oiUJdO6%2FpbA3WcHxN8HJxvI12kLfGdeYRBt9%2F5XSV9g%2FZOoIAxw7uF8LLje3VaYTLmi5B3orL2cYuq4TMGG%2FsKRjGWgky0WXrcVewX2OHanv%2BiyAeHyOPxVd12io4VWeyrJoFi8aW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trace-id
52d0e82af236182e6cb4e93157a6023e
vary
Accept-Encoding
9f19093a36.js
kit.fontawesome.com/
13 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/9f19093a36.js
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812a64faacc648fba6e7bc0a7b1dcd0ec698ea299ba765355725acd120b83e19

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
Origin
https://lucky-waterfall-385a.wcwz.workers.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8adef87e7c659134-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-bM0XCKiuss50T4jpVh
3.4.5
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.5
358 KB
110 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.4.5
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Server
2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0570ef81afaa4194fa4ffe80fb291971f0ce27cecd0a1100fdcb4865703364
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
br
strict-transport-security
max-age=63072000
last-modified
Mon, 15 Jul 2024 15:34:05 GMT
x-vercel-id
cle1::iad1::rxrqj-1721057644624-6d3492af5914
cf-cache-status
HIT
age
1721275
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
8adef87ea8c14dbb-FRA

Redirect headers

date
Sun, 04 Aug 2024 13:42:26 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
cle1::iad1::rrzbz-1722778651115-d82b4edc7d50
server
cloudflare
age
282
x-vercel-cache
MISS
vary
Accept-Encoding
location
/3.4.5
cache-control
max-age=14400
cf-ray
8adef87e88864dbb-FRA
content-length
0
gifting.js
templates-cdn.paynow.gg/templates/214207081106907136/
0
0

css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41717754140da48978b3d13db0f706b236c8afa32a66df38267bffb0634c1c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 13:24:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Aug 2024 13:42:26 GMT
public
imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/dede0dfa-94f8-4f9a-8c69-5dc3f1b58e00/
40 KB
41 KB
Image
General
Full URL
https://imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/dede0dfa-94f8-4f9a-8c69-5dc3f1b58e00/public
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bf328ab99d2b75b663417ccd1efcd6b9a666f5dc2cd44c7138ac1e525096e4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=1191+148 c=0+0 v=2024.7.0 l=41432
date
Sun, 04 Aug 2024 13:42:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
41432
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf9eUWD8-8LplmnpY0PeqeKTZYfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8adef87e39979f45-FRA
giphy.gif
media.giphy.com/media/v1.Y2lkPTc5MGI3NjExd2czYmliczFlMGIxMjNvZjIwaWRqamdzYWh2d2ZuamZudjY4ZHV2OSZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/Q4IxMlaO3ijx6zWHLP/
1 MB
1 MB
Image
General
Full URL
https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExd2czYmliczFlMGIxMjNvZjIwaWRqamdzYWh2d2ZuamZudjY4ZHV2OSZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/Q4IxMlaO3ijx6zWHLP/giphy.gif
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8915351f8d4f413140b99463a4eb08f93657212dad1702a0e5ceab2d7f1fb21
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
strict-transport-security
max-age=15465600
age
315484
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1448314
x-served-by
cache-iad-kiad7000151-IAD, cache-fra-etou8220023-FRA
last-modified
Wed, 31 Jul 2024 20:24:33 GMT
x-timer
S1722778947.527126,VS0,VE17
etag
"0ae1421ce9ddafc8846aa9460204ec1a"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noai, noimageai
x-cache-hits
4, 0
d0a7bffb10fae21c4bc3b48c05c7446656c885ec_full.jpg
avatars.steamstatic.com/
9 KB
10 KB
Image
General
Full URL
https://avatars.steamstatic.com/d0a7bffb10fae21c4bc3b48c05c7446656c885ec_full.jpg
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3680 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
764f94c181c26f1ccec754eb6852d87d9619e0f3c560dc0ebf16cb9fdd6e7dcf

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
last-modified
Tue, 23 Jul 2024 18:36:44 GMT
server
nginx
content-md5
dfSMUHB8OAM0yWwSlek3EA==
etag
"0x8DCAB4666D65E1C"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=314861728
accept-ranges
bytes
content-length
9725
expires
Thu, 27 Jul 2034 19:17:54 GMT
abc7d8b2dfa2d45cae66404c7b04d7d26f5eccb0_full.jpg
avatars.steamstatic.com/
15 KB
15 KB
Image
General
Full URL
https://avatars.steamstatic.com/abc7d8b2dfa2d45cae66404c7b04d7d26f5eccb0_full.jpg
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3680 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ad40532963cc8d47edf8d69fee37b5a0db687f819bbb553aa344bfd55159b10

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
last-modified
Tue, 29 Aug 2023 22:16:33 GMT
server
nginx
etag
"4d3f50d3d990ec9bcbad621b955c9c5e"
x-guploader-uploadid
ABPtcPr-0PsY64S2CslYua90PrMhXglkCI8PE6JWomVh_s30czkEVIofydr1ZVGDXttcdVhh1Kc
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=313314030
accept-ranges
bytes
content-length
15454
expires
Sun, 09 Jul 2034 21:22:56 GMT
d0698c22e86eeb00c8fbbf059adf246ece9a13e4_full.jpg
avatars.steamstatic.com/
16 KB
16 KB
Image
General
Full URL
https://avatars.steamstatic.com/d0698c22e86eeb00c8fbbf059adf246ece9a13e4_full.jpg
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3680 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
baf488339ce6b164d3e03407255e56c6af50d377f58addbe8a279ca4eac18033

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
last-modified
Sun, 20 Mar 2022 14:03:32 GMT
server
nginx
content-md5
BcQhak55dpSu5XN7cWsv8w==
etag
"0x8DA0A7A6B16536B"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315005845
accept-ranges
bytes
content-length
16185
expires
Sat, 29 Jul 2034 11:19:51 GMT
public
imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/a208b2af-5e3e-45cd-d0a0-f6785f3f0a00/
2 MB
2 MB
Image
General
Full URL
https://imagedelivery.net/X9Tw3lClLTBX0eQsukZAYA/a208b2af-5e3e-45cd-d0a0-f6785f3f0a00/public
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b292a33d3b28c8fc76163d43819cb2216b4cf7b5295d4c7cfb779d166fcfd581
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=1340+156 c=0+0 v=2024.7.0 l=1991396
date
Sun, 04 Aug 2024 13:42:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
1991396
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf77_-Q_r10EaIFw-nrolVFk0Dfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "AVIF anim not supported"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8adef87febc39f45-FRA
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
94 KB
22 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
server
cloudflare
etag
W/"4ca760f49cd8a14911c81e6c14328874"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHqzyaYt455B3uw%2BOzm5mSq77BHLOt%2BPVxYLnu5OYvzt9RqHYVoOqUtHIduj9RpWxpBqnpMCuZfYr5ub0mbPU0f%2BUd5dfQ8%2FHkZQ18DMQC%2FX8pfFAOGkEShHe2YpZ9JPkpntkTyBig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adef87fbd1d1c40-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
jF08UeaOfr85J2Rddt4qu4hgqcL4_UsEPFPu2IZ4YhtOazuu_JZ7KA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
gzip
via
1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"5e5b0d8c7be5919570a305b6bc229a36"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtfO5bh8iLu%2BMCPupq4BbBdTumT5BaqicvghL56qJlDkQ699uk3NcrDXySVc3r1wWcX6QzYGnyBrgMy0lQmguDITFYA8k1SiIxZLoVdZ6AStYpV2t3WF1NlFLZ1bLtq99fXwECWhTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adef87fbd1e1c40-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
80zcP8_sB7kgXWHJQubVP13Erhcl0n_uwUfaLyfIjDWj692nWvaFow==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
823 B
982 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"8972ae5004bc634ffa6641be3960e78a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BR4LqhBv2kzBj15yUKrf%2BHrCbgnUnAnMLU23Aim4cW4iGnsP5db8TH%2B2O959YB2NiZt97dJuNkE7Qw3%2FlFw24r6lr69%2Fdk5GISRpg5iqxcsRqLqJAkjS7tT6tJk0Ad6wf4AzZDRbPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adef87fbd1b1c40-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fkMtBZ9AxVlqHOLo4Eb-thvG8Lq538z_ZVCLsaWvZN5DkwBq0dJeXg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=9f19093a36
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9f19093a36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
gzip
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"a5a0c9048efb7cb5df90023064d09ba4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9ZOjUoolD9m3B3KJsHKaQtTBqEF4dDhJdSwMLDsuEaTTSNqrwnE9NxdNsXVgWh4b4BTZUWe%2FAjDiWd%2Bz%2FrcccszG%2FGCLZb%2FEVJHzLBUHQmRjtsrVSTOi%2BIHHcblT%2FSsaogCnP%2BgnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adef87fbd201c40-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
SfnlSeSj8M0D4mjq-8usT11Z4Zvcd8RMj_iJWFMUxcUbgVZM7-dcVw==
background.webp
cdn.fabito.net/outpost-webstore/
672 KB
672 KB
Image
General
Full URL
https://cdn.fabito.net/outpost-webstore/background.webp
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:c17:5b::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
49fbc297af3a3d1919e409f9fae80ee12df4fa090525eedaad0e21cdde8d0c68

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:27 GMT
last-modified
Fri, 22 Dec 2023 04:20:59 GMT
server
Apache
accept-ranges
bytes
content-length
687724
content-type
image/webp
main.js
lucky-waterfall-385a.wcwz.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/ Frame 206F
0
0
Script
General
Full URL
https://lucky-waterfall-385a.wcwz.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rZrW%2B8txmdlwVXv%2BjAuMM5dTubT0hv3nx4QWKcT3nntcPclDUtx%2FoBRnlSyfpIXU1Lco%2F%2F6PlZ648sdJh7KBEX3qxYmiCpZD1d5V2mWdeNCDww3U1NzaVncTPCkkSCCePSr8BtdyhWzKoGxQnF0wlc0YTx6hUhh"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8adef8811eba4d95-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/
154 KB
154 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: lucky-waterfall-385a.wcwz.workers.dev
URL: https://lucky-waterfall-385a.wcwz.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
Origin
https://lucky-waterfall-385a.wcwz.workers.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:26 GMT
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
157192
last-modified
Mon, 15 Jul 2024 22:44:08 GMT
server
cloudflare
etag
"76cf3ff0dbd23dd4504e2089f0df4acb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnKhcTxgEGCvaErbKZfqtQk4yRoufmdr%2F%2Bz8t9u9VoQ0KIUj0Mb8nxCmauAK4truAwNwXT5ERgqp0U0bc34FafBen89EnJTIWPn3h%2FhNGHK%2B6RTpacUxCeaJoT%2FN%2Fhoq3AE8StDYqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8adef8816f0d1c40-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
B7ph67VVjxZWIz5yGlusNTD7jn5Tc7xznDe_1RTHZ-oInoW8gXOepA==
favicon.ico
lucky-waterfall-385a.wcwz.workers.dev/
5 KB
2 KB
Other
General
Full URL
https://lucky-waterfall-385a.wcwz.workers.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee874a24cfc0b40b5f285128a374c5a49878f7514ecb3fdaff6aca7f7903c3c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://lucky-waterfall-385a.wcwz.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 13:42:27 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Referer, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6E01pPUL8SDW2YHfiEFmBTi9nnpCweIwlm5QIPtodqw%2FR%2F%2BHiT8LKYzh3YG25%2FuO8P%2FOzPegwG8Zv1ixX5jV7I7%2FPEl%2BFHWA4jWMQz2IVlqZmDHHc%2Fr4YU8KWgM8TsBnenW5V0sUncNRg0GBxAhKVzTsCycTb3h"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8adef8866cef4d95-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
templates-cdn.paynow.gg
URL
https://templates-cdn.paynow.gg/templates/214207081106907136/gifting.js

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| FontAwesomeKitConfig
object| tailwind
string| /template.html
function| subscribeToProduct
function| addProductToCart
function| toggleGiftActions
function| isValidSteamID
function| handlePurchase

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://lucky-waterfall-385a.wcwz.workers.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lucky-waterfall-385a.wcwz.workers.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
