urlscan.io logo urlscan.io
SecurityTrails logo

weserveit.xyz Open in urlscan Pro
172.67.210.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid=974245&pubfeed=6458...
Effective URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd...
Submission: On June 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 172.67.210.169, located in United States and belongs to CLOUDFLARENET, US. The main domain is weserveit.xyz.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time weserveit.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 94.130.72.48 24940 (HETZNER-AS)
1 18 172.67.210.169 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
19 3
Apex Domain
Subdomains		 Transfer
18 weserveit.xyz
weserveit.xyz
511 KB
1 wetrackit.club
wetrackit.club
270 B
1 userstat.net
userstat.net — Cisco Umbrella Rank: 222499
643 B
1 lustgoddess.xyz
lustgoddess.xyz
790 B
19 4
Domain Requested by
18 weserveit.xyz 1 redirects weserveit.xyz
1 wetrackit.club
1 userstat.net weserveit.xyz
1 lustgoddess.xyz 1 redirects
19 4

This site contains links to these domains. Also see Links.

Domain
lustgoddess.xyz
Subject Issuer Validity Valid
weserveit.xyz
WE1		 2024-06-19 -
2024-09-17		 3 months crt.sh
userstat.net
GTS CA 1P5		 2024-05-19 -
2024-08-17		 3 months crt.sh
wetrackit.club
R3		 2024-05-06 -
2024-08-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Frame ID: 05ACBB380B657ABE6DDD72ABD3B887A3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lust Goddess

Page URL History Show full URLs

  1. http://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid... HTTP 307
    https://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid... HTTP 302
    https://weserveit.xyz/LG/4girls_shadow/index.html?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52... HTTP 301
    https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

511 kB
Transfer

564 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid=974245&pubfeed=64582&keyword=*&query=file+sharing+hosting&banner=6488012&referrer=https%3a%2f%2fd000d.com%2f&referrer_domain=d000d.com&country=fr&t9=6488012&t10=974245 HTTP 307
    https://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid=974245&pubfeed=64582&keyword=*&query=file+sharing+hosting&banner=6488012&referrer=https%3a%2f%2fd000d.com%2f&referrer_domain=d000d.com&country=fr&t9=6488012&t10=974245 HTTP 302
    https://weserveit.xyz/LG/4girls_shadow/index.html?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312 HTTP 301
    https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
weserveit.xyz/lg/4girls_shadow/
Redirect Chain
  • http://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid=974245&pubfeed=64582&keyword=*&query=file+sharing+hosting&banner=6488012&referrer=https%3a%2f%2fd...
  • https://lustgoddess.xyz/c4thl3k.php?key=mpnn3w81zpajjm5xrp20&conversion=68kvpqa94v8&bid=0.0001&subid=974245&pubfeed=64582&keyword=*&query=file+sharing+hosting&banner=6488012&referrer=https%3a%2f%2f...
  • https://weserveit.xyz/LG/4girls_shadow/index.html?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&ca...
  • https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=112...
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d378fa81c5410dec3f68c4be78337932bbdb7cb910df650ac6c0d52671a09bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
62557
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
89b92f719d809025-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 29 Jun 2024 21:59:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFG4xHUEo8ZJ4ZTaA%2FR562dKj8ALsn7NHpfVmQW0gyUAITRETTa7y7RE9sOybs2%2Bi1ibtDdD14QOhirRsuTdRp4Vss3l9U00rtOeWZz4y0on9bVdrdtN3jGSM7QtuWdb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01J1K05RRKF6PR78YP6Q9M1Q1E

Redirect headers

accept-ranges
bytes
age
62686
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
89b92f712d269025-FRA
content-type
text/html; charset=UTF-8
date
Sat, 29 Jun 2024 21:59:43 GMT
location
/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QzJe0PuYTRvRSeR%2BeP%2F%2FK2p4NVSFnW9p%2FbPPrLWXrNjzI0PloH68IrwWPgq78L7tk6X%2BHhh1FW0tuoZq2nnlqbrzfkgMx7Y%2FA6HQ2auF5M2%2BqIuEfKQ9Uq%2BbMRmv8pD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-nf-request-id
01J1K05RQ2XHDN2KA71GKTZ4Y7
main.css
weserveit.xyz/lg/4girls_shadow/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956da73fe49c683f4bcc1dd5b841910daa1bc381f6ee977100a95e962c7fabe9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J1F582DW4V0ZTRJ7CJFHHCRF
date
Sat, 29 Jun 2024 21:59:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3307
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"52e9b24b92d337af0dd89ad8afc652de-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7CZhKs%2FX154xg8ZgchHfuRKM7umbjRV6ZFIifw%2BRKfQFVhxoGsDOS77sZoZVbBz0oR4Os9PtU%2FjJ2jb1fxqLbmmy1HZwDhyqfPuSLoT9hR17gW2FdUpa3C%2Fc7pjSDr6S"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
89b92f71edc19025-FRA
jquery.min.js
weserveit.xyz/lg/4girls_shadow/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/js/jquery.min.js
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7a250931ca999ba40a2b17700558581f3a3afa61dd5e64bb378e30695ef250f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J1J3M9C7RZX1AF7GR3900DS1
date
Sat, 29 Jun 2024 21:59:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"07abaaa7ad902315639360bfdfc031d6-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BzTn4SEpnrIW8oA0jx8ZBC3alcVCpGy1od8V76bupb46VSsBKbpl%2BZ8dEv9eB4JcZFJywISE8G90BlbPDxvHAx5C9BYKN1a%2FouKHtGIJaZ3cpoe%2FHJcYd7S%2F%2BJpsmL%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
89b92f71edc29025-FRA
alt-svc
h3=":443"; ma=86400
px1.js
weserveit.xyz/lg/4girls_shadow/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/js/px1.js
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J1K05RV8S21F3PJ6EMDAYAAA
date
Sat, 29 Jun 2024 21:59:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ja8zsE3zuEheRbgIv6WDCt5Qg8TROR%2BJfKE61yvVzPQofHCxs0SdH3s0wtjLxKvqHYfFSaLIBnMiLfgH18%2F2mkLaqVR%2F4mFXfVh%2FAujc6J%2BHfCRDW6ssqdnJZzQaKvE%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
89b92f71edc39025-FRA
alt-svc
h3=":443"; ma=86400
awpx_click.js
weserveit.xyz/lg/4girls_shadow/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/js/awpx_click.js
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J1K05RTCX13QXKYM4MA7S35S
date
Sat, 29 Jun 2024 21:59:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeHw9y9bW%2BBk3MTQ%2BpNnr16vIzh%2BfBhcAogTIIGEQ5SbEKJKWu4ldm0gFwf0vfvYl6AOKU8Xk8t1uZzwlwP2B1oGPSMJN%2FCCFqAetSBWZTpBWivwyz7Ngg7ijqW7OuoX"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
89b92f71edc59025-FRA
alt-svc
h3=":443"; ma=86400
btn1.png
weserveit.xyz/lg/4girls_shadow/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/btn1.png
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEW4XGZ8G80APCB9KQN11
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"37b5843d8ce7be3c6329c6f177e8c9aa-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Chc8KAMyoeHXF4IMDRZRu9vP9u7rvnT000f1C6ewm7Vq9Id8aNubRFPgyVcLxAVbkq7Yb%2BSQqGljpO9O0gQvbpopt%2B9SiHfkor0S9uboNX3mIx057odfkM8d2QIcjd6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f71edc69025-FRA
alt-svc
h3=":443"; ma=86400
content-length
6866
btn2.png
weserveit.xyz/lg/4girls_shadow/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/btn2.png
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42269355807fe5c4d7dabbccff1cc602725b5ffccae86759412219b83198a180

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEW50P9C1KR7QN4JWE0ZC
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"a1fd5f8cf0bd9e00eb668a62ff42e0d5-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2F442sUW4MKC%2BKCLfddQcTorJoHNdD8iiu%2B7zTExwXWuQq3YqWi0HwkO8WwFcZWUf2dJOr0X9Ppb%2FN%2BQ7h71HAUjWbEkdvAx4sWXOpA4AjI83fVu72OBLgOTLf4wDlBg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f71edc79025-FRA
alt-svc
h3=":443"; ma=86400
content-length
9771
main.js
weserveit.xyz/lg/4girls_shadow/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/js/main.js
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J1K05RWPM8GF4VWBWFCPW3W8
date
Sat, 29 Jun 2024 21:59:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQRar5F6Ngu5GWmVrarJ8WZDkaPJCN8Y%2F%2Bdf8XpTJ4MZLmWP%2FE5Xkp2NsrDg1dm2mRQs%2BMso8Keprz12Fv8aAN3wj4ToXEDbx%2F2E0oZNDgkl%2FCb%2FC8DZBpXzjzx%2F7DzA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
89b92f723e079025-FRA
alt-svc
h3=":443"; ma=86400
g1_open.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g1_open.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d95424c3f3857c13ff9f6a957f805b188a568ce769b51ee9fe68c8fd3537b319

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEWDPKVE0CWM7G20Q16CT
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"e349cfa216d95ca332f21cbc3b27f15f-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cXpm3kNOMcu7CB4ZAb3OcM9yfXAml9T5M%2FPWXNWp2XMylJ0wDkOBXqIQa3dDEUZuFHFzYFzJdM%2BcOT68gW0BoKUXWOP8hX48O724G3iSz9l25JlpAM0mf4S0dRUBg4U"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e569025-FRA
alt-svc
h3=":443"; ma=86400
content-length
84260
g1_close.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g1_close.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d88b039c0e88133bd2f53dc2fef48ea2d8bdae4eb6e3162fec9db714f97adea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEWDKNJ2F5SS4799H4VS9
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"c9f327cc6d98753bb960abc73dab95e1-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvkzojY2OfcmveJdGNOTLzu%2Fj%2Bk1Mqe8rsHThda%2FjNaKxajTejW0cS6UokaWyLE80lrLo7cSo2JOpC9PFFIt%2Bk0T5AD6ZiDgPls%2B4SEAlL1TyI0yph2s1y1EC3XJi%2FIm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e599025-FRA
alt-svc
h3=":443"; ma=86400
content-length
40179
g2_open.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g2_open.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d321fc26bb399bd642b1a3ae059a03308d286526e6b87a9cb37ba63833673372

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEWDQY50128SS1G89DQ94
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"90cb5b539b8b75b978ad4e89b87d0faa-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RhWkKArNZGk%2Ft%2FExDQH2KyXMivtUqRfRbh1TV4QqQGmX1Vv4zyG4AplkFZ5simj0Yu329jq05m9lk4cHiImTHX2cGTLrnnYM0qaPBhX0%2Fsq2LTIRtm117vUqprKsc%2Fwl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e5a9025-FRA
alt-svc
h3=":443"; ma=86400
content-length
79598
g2_close.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g2_close.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e8cd16f27d5d6a0cfd007881651ef8acd93ba95423c05741bc410454eabf40

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEWDMAKNJS3DYT0WK8AT3
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"53859999b333c4855c3a974e2690fb68-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PVcmDqOLFys0R2ulgggQ%2FTdAQL10sNzlqpJ6WUSCyvtnvXwdiayAguK4kK1P6VAe9ZuY9FbAqzLZSLdSVkvQd6ur0IqIa4Ah4NYeRJPlfoChLDX0M0W0LRB6zP%2BdErv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e5d9025-FRA
alt-svc
h3=":443"; ma=86400
content-length
41478
g3_open.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g3_open.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8364b19810c700ee3899c55089ca678291758ee0d62dbad821e2a6d73b08c93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0V91R9NXJPK5Y8GNRQSEGTW
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"a9917675644cf3b3c4ecdf7265e39622-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ausN1Uyk%2FBncTccA12xGzYpjFCVGRItLOB6ab0zYKDOcnc76n36%2BjgIqALN3wj73HfRcOsuRHp8RGZEkYXrVzZf%2BRREnsE0v1AWAB3Gp65DHC6FzHbZsvs1vZUX9JOAH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e5e9025-FRA
alt-svc
h3=":443"; ma=86400
content-length
63206
g3_close.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g3_close.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a49dc8fe71fafd7db501c43d96537be26a508a2c8a932ff8f03746bc9a55a83

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEWDP8EEEYE3AD41J3XZ8
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"2a933fba52294ac359bc6b377f1a87aa-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAXAHETc39t4risFfMalDzmChXZgppAqNsX8JItElRHW%2B4InCGfKgHcwpdS3dR5iZg98a8oFWA%2F9kCzl%2FINv3YOm9SXpEM5C%2BR36AX6VnEBuC0ewEN6FNhgV2b8PZ4vX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e609025-FRA
alt-svc
h3=":443"; ma=86400
content-length
40609
g4_open.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g4_open.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61a23797d6b68ed79222d950596e90da320e59f8ee23e7eb776c94ee0d6734c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0RYEWDS3DQVRC7XPNP9PW8V
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"ce414e7ea4d29219244694f4b3d5585c-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGNOBiV69q0qlPFKtegbwQacX1VmJjJ8u4h2aaAzKl2ufJXM819YOrhTf6CiXHcl%2F%2BF4KF8EV4C73hMD0quIomsZbc1C2b1Vmxlwn7Yy6I%2BpXvxolLylK8liv0v7nK9R"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e639025-FRA
alt-svc
h3=":443"; ma=86400
content-length
72874
g4_close.jpg
weserveit.xyz/lg/4girls_shadow/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/g4_close.jpg
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c0bdd5fc2ba1dfea6ccaedded312f27fd5d5ddf21f24ee607ad05c2c0f197b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0S5B540RQ964F672CVB2AZQ
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"9f74fcdf01e3ea2b1979e23b1958b1c8-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0oXuZafWxpJ1vqIDyFVIxO9gq6vPlHxGDeNj%2BPVsbs4QrJ9Vykch18WYU4hv7X49sLKSDePiuguntYt8RFsP7SaRWj2kLB9s8ZMiswiLVKKAcDPsZs6fxKkxd6dv2b%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f729e649025-FRA
alt-svc
h3=":443"; ma=86400
content-length
40656
fav.png
weserveit.xyz/lg/4girls_shadow/images/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://weserveit.xyz/lg/4girls_shadow/images/fav.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0S5TQ0BVQ4KCS7D4XHD2B9N
date
Sat, 29 Jun 2024 21:59:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"b4fef199e566e87cdcbbbfeb90b9f59a-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2PL7gL7YxqZoVZ%2FvsZy2sIAXXts2Z7l%2FxhH16XriXida9J%2FEkAhdusfzH9sgbLUik0%2BfYnbsY%2FOHYeyM9wwPoD2Sza7oIBMiNRV%2FR%2FFjWmcBYp6UE7hHwrpLjIO1Kci"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89b92f73af539025-FRA
alt-svc
h3=":443"; ma=86400
content-length
1425
script.js
userstat.net/get/ 		129 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://userstat.net/get/script.js?referrer=https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Requested by
Host: weserveit.xyz
URL: https://weserveit.xyz/lg/4girls_shadow/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 21:59:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://weserveit.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8J3YW8pnvN9J7loXekCCXlIXcUWpPq2Z5jCVK3KJGzcCuU4GiVOoCwny%2FWVnMkA0S5KynXDTZFjTa57obasiL4FbiImDaCq0lbez3PdfogJye5Y9TvWuZag81jDN3A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
89b92f793e0b91e3-FRA
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
click.php
wetrackit.club/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wetrackit.club/click.php?event7=1&uclick=8poja49z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
94.130.72.48 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.72.130.94.clients.your-server.de
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://weserveit.xyz/lg/4girls_shadow/?clickid=d7ea28poja49zeb3&t1_md5=ec73d8f4a27a5a52cfd1dc8b8d860713&t2_md5=5385bd4228a99b3647537793bf5f584b&t3_md5=3389dae361af79b04c9c8e7057f60cc6&campaign=1124&uclick=8poja49z&uclickhash=8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 29 Jun 2024 21:59:46 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Server
nginx/1.22.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| wrapUrlWithClickId function| pushToTrackerViaImage function| pushAfterTimeout number| TIMEOUT_IN_SECONDS function| go

3 Cookies

Domain/Path Name / Value
weserveit.xyz/lg/4girls_shadow Name: PHPREFS
Value: full
lustgoddess.xyz/ Name: uclick
Value: 8poja49z
lustgoddess.xyz/ Name: uclickhash
Value: 8poja49z-8poja49z-gx16-0-7vh9-2t7v8n-2t8r3y-f84312

3 Console Messages

Source Level URL
Text
network error URL: https://weserveit.xyz/lg/4girls_shadow/js/awpx_click.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://weserveit.xyz/lg/4girls_shadow/js/px1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://weserveit.xyz/lg/4girls_shadow/js/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()