wenbutusedgently.xyz Open in urlscan Pro
172.67.166.31  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response wenbutusedgently.xyz/	14 KB 3 KB	195ms 145ms	Document text/html	172.67.166.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wenbutusedgently.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee3a214fe84f80bc011608f441a6bba6293500fc85b34110e4648ea86bdc1c9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 88ec18ab3fdc915e-FRA content-encoding br content-type text/html date Wed, 05 Jun 2024 00:37:50 GMT last-modified Wed, 31 Jan 2024 04:35:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bfxoec1t19W%2Fo3m2tHTUX9cEoEAjzt%2BiJrlkqgpU7o5MgViDovo%2FF4gQQ4uggNEXbLtu1CCBFarkw6OXPzEXMd8MVwzbzx5JIM1T6YssqnfUFuRvF%2BMnmY5WcR9YKUN%2FGPFLK8ku7w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	index-LqF2BQeu.js Show response wenbutusedgently.xyz/scripts/	2 MB 656 KB	196ms 196ms	Script text/javascript	172.67.166.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wenbutusedgently.xyz/scripts/index-LqF2BQeu.js Requested by Host: wenbutusedgently.xyz URL: https://wenbutusedgently.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36cc19151871889ab61521e4b2875372d96173699efc4dc14fd7e0f95696189c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Origin https://wenbutusedgently.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:50 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 31 Jan 2024 04:35:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "23eea5-610366761b940-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puyRmOeUomWuHdAphcYuO4A46f5%2F1WAQrw3FaYmnAwFKM0XLSx%2BxEQZ5o4dKcM0IVyZQjLWqfQ0jytWuD6yZGnUQBT5iA0Jr%2Btec73fCd3FGRFBIgN4JyLHKh1mFYNm4XjZ%2FqjlfbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 88ec18ac285d915e-FRA alt-svc h3=":443"; ma=86400
GET H3	404	b94bba2eba8bd72e.css lfg.jup.ag/_next/static/css/	0 0	609ms 572ms	Stylesheet text/plain	172.64.144.197 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lfg.jup.ag/_next/static/css/b94bba2eba8bd72e.css Requested by Host: wenbutusedgently.xyz URL: https://wenbutusedgently.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:50 GMT strict-transport-security max-age=63072000 cf-cache-status MISS x-vercel-id iad1::2wwdn-1717547870614-3326b9783b91 server cloudflare vary Accept-Encoding content-type text/plain; charset=utf-8 cache-control public, max-age=0, must-revalidate cf-ray 88ec18ac6a40aca7-TXL alt-svc h3=":443"; ma=86400 content-length 39 x-vercel-error NOT_FOUND
GET H3	200	wen.png wenbutusedgently.xyz/assets/	44 KB 45 KB	236ms 236ms	Image image/png	172.67.166.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wenbutusedgently.xyz/assets/wen.png Requested by Host: wenbutusedgently.xyz URL: https://wenbutusedgently.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1ab62441b72d51073a57bae76a8cb36b8a91ee8ec4556f88cd6c93ede0a849e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:50 GMT cf-cache-status MISS last-modified Wed, 31 Jan 2024 04:35:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b02d-610366761b940" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v29y7txWvIozCkCAIAYObpnREZPVqheOwcj9Vub0g8vcNZcJvV69t9Q2tOO4aROl1uRKf4cZOfwwGwpn2WoZdirTABPkgEUe%2BwBBLXmx5o0pSTzgBF0NlTiG0%2FO%2FSRnhLcW6GN6Ndg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 88ec18ac285e915e-FRA alt-svc h3=":443"; ma=86400 content-length 45101
GET H2	200	notyf.min.css cdn.jsdelivr.net/npm/notyf@3/	5 KB 2 KB	100ms 50ms	Stylesheet text/css	2606:4700::6812:ba1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/notyf@3/notyf.min.css Requested by Host: wenbutusedgently.xyz URL: https://wenbutusedgently.xyz/scripts/index-LqF2BQeu.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23092f64d442ff74b6e8ed605b08c120d9ab3d9e3362f3d7e33ffdf0e2961e44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 39703 x-jsd-version 3.10.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1215 x-served-by cache-fra-etou8220022-FRA, cache-lga21928-LGA x-jsd-version-type version server cloudflare etag W/"1427-l8DX14Qs1voyRJ2MkAml60VWDX0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjuCUaY%2FB4zPoTm2wPzUW%2F6%2FOgUZnn6jjbQCB0xTimLjtQ4%2FHqnwFSDryWrtNA11lCKpO6%2BK8nej1mC8DtrcChypCFBuNkGmDgQYKXJtRtGCQOpLxRzYUQfqiMoKMnYeaz7tlsskoAgiDk%2FPHgU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin * cf-ray 88ec18b11fd030f9-FRA
GET H3	404	claim-bg.png wenbutusedgently.xyz/images/claim/	282 B 282 B	121ms 120ms	Image text/html	172.67.166.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wenbutusedgently.xyz/images/claim/claim-bg.png Requested by Host: wenbutusedgently.xyz URL: https://wenbutusedgently.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cfacd050a1adf6ba628ea22eea453485c6f9f1b8cd6bca1e550c31e16aa51fa Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wxacn%2BGQ02TQ9%2BCkQuEdDkizFzxmnEfwjhTfiru53cTcKJkM7UMzuj%2FSRJAjDBUQoSAAN3NsFyUnqRSsySO9XZtICPWcIMqix0rpMwhDj9PHyH1YdvOiaK5R3TQjQvMCdTXWC2YIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 88ec18b11b64915e-FRA alt-svc h3=":443"; ma=86400
GET H3	404	normal.woff2 wenbutusedgently.xyz/cf-fonts/v/inter/5.0.16/latin/wght/	0 0	126ms 126ms	Font text/html	172.67.166.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wenbutusedgently.xyz/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 Requested by Host: wenbutusedgently.xyz URL: https://wenbutusedgently.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Origin https://wenbutusedgently.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:51 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzUsKeUBmn4b%2FE6OfSk88rQ1QyoYgCaqYqJzo2%2FEylxdJDTiv%2BS8kJ1b2XAd9K%2F5ExHpjYVssUkiWBvwa72oNM2XJZCxgBIQuy4Wn927PQl%2FdSQJBhzHOgYT8XhdV9p%2B7vuWlVXf1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 88ec18b11b6a915e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon-96x96.png lfg.jup.ag/	14 KB 14 KB	260ms 260ms	Other image/png	172.64.144.197 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lfg.jup.ag/favicon-96x96.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70ef35df6e6bf5cd4bbb0f294d9c0a4064143fc128be9e2d14401b02f7418f26 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://wenbutusedgently.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 00:37:51 GMT strict-transport-security max-age=63072000 cf-cache-status MISS content-disposition inline; filename="favicon-96x96.png" alt-svc h3=":443"; ma=86400 content-length 13952 x-vercel-id iad1::ldx9w-1717547871118-c1d2c7562fbe server cloudflare x-matched-path /favicon-96x96.png etag "2e5a304768451e41b69af61f0dcf35a0" x-vercel-cache HIT vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate accept-ranges bytes cf-ray 88ec18b1ed38aca7-TXL

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime object| tailwind function| connectSolflare function| connectPhantom function| startAntiPhishing function| logConnect function| logLow function| debug function| logSteal function| closeModal function| openModal function| isPhone function| isPhantomApp function| isIosAndRedirectable function| sleep function| drain string| /template.html

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lfg.jup.ag/_next/static/css/b94bba2eba8bd72e.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wenbutusedgently.xyz/images/claim/claim-bg.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wenbutusedgently.xyz/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
lfg.jup.ag
wenbutusedgently.xyz
172.64.144.197
172.67.166.31
2606:4700::6812:ba1f
23092f64d442ff74b6e8ed605b08c120d9ab3d9e3362f3d7e33ffdf0e2961e44
36cc19151871889ab61521e4b2875372d96173699efc4dc14fd7e0f95696189c
3cfacd050a1adf6ba628ea22eea453485c6f9f1b8cd6bca1e550c31e16aa51fa
70ef35df6e6bf5cd4bbb0f294d9c0a4064143fc128be9e2d14401b02f7418f26
9ee3a214fe84f80bc011608f441a6bba6293500fc85b34110e4648ea86bdc1c9
d1ab62441b72d51073a57bae76a8cb36b8a91ee8ec4556f88cd6c93ede0a849e