lootdest.org Open in urlscan Pro
104.21.7.82 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lootdest.org/s?269f0ef2
Submission: On May 27 via manual (May 27th 2025, 8:10:45 am UTC) from AU — Scanned from AU

Summary HTTP 46 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 15 domains to perform 46 HTTP transactions. The main IP is 104.21.7.82, located in and belongs to CLOUDFLARENET, US. The main domain is lootdest.org. The Cisco Umbrella rank of the primary domain is 599562.
TLS certificate: Issued by WE1 on April 30th 2025. Valid for: 3 months.

This is the only time lootdest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.21.7.82 104.21.7.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.175.226 104.16.175.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.177.97.95 108.177.97.95	15169 (GOOGLE) (GOOGLE)
1	13.35.148.91 13.35.148.91	16509 (AMAZON-02) (AMAZON-02)
4	64.233.187.94 64.233.187.94	15169 (GOOGLE) (GOOGLE)
1	52.217.170.58 52.217.170.58	16509 (AMAZON-02) (AMAZON-02)
3 7	104.18.1.22 104.18.1.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.76.98 142.250.76.98	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	13.35.148.88 13.35.148.88	16509 (AMAZON-02) (AMAZON-02)
2	172.67.197.84 172.67.197.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
2	18.67.95.64 18.67.95.64	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
1	142.250.204.6 142.250.204.6	15169 (GOOGLE) (GOOGLE)
1	173.194.174.106 173.194.174.106	15169 (GOOGLE) (GOOGLE)
1	142.250.72.150 142.250.72.150	15169 (GOOGLE) (GOOGLE)
4	172.217.167.74 172.217.167.74	15169 (GOOGLE) (GOOGLE)
1	142.250.66.225 142.250.66.225	15169 (GOOGLE) (GOOGLE)
2	142.250.67.3 142.250.67.3	15169 (GOOGLE) (GOOGLE)
4	142.250.157.102 142.250.157.102	15169 (GOOGLE) (GOOGLE)
46	22

3 104.21.7.82 (None, )

ASN13335 (CLOUDFLARENET, US)

lootdest.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.175.226 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.97.95 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.148.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-148-91.syd1.r.cloudfront.net

d1i4rchxg0yau7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.187.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.170.58 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

fingerprinting36542.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.1.22 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.148.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-148-88.syd1.r.cloudfront.net

d3h26c51lqz4go.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.197.84 (United States)

ASN13335 (CLOUDFLARENET, US)

nerventualken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.95.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-95-64.syd62.r.cloudfront.net

d1wzdj81h1hubn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.194 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.174.106 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.150 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lax17s49-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.167.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.157.102 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f102.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	898 KB
7	unpkg.com 3 redirects unpkg.com — Cisco Umbrella Rank: 979	136 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	76 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 jnn-pa.googleapis.com — Cisco Umbrella Rank: 407	46 KB
5	google.com www.google.com — Cisco Umbrella Rank: 9 play.google.com — Cisco Umbrella Rank: 60	24 KB
5	cloudfront.net d1i4rchxg0yau7.cloudfront.net d3h26c51lqz4go.cloudfront.net d1wzdj81h1hubn.cloudfront.net	335 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 71 static.doubleclick.net — Cisco Umbrella Rank: 373	664 B
3	lootdest.org lootdest.org — Cisco Umbrella Rank: 599562	80 KB
2	nerventualken.com nerventualken.com — Cisco Umbrella Rank: 198896	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 248	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 124	4 KB
1	taboola.com api.taboola.com — Cisco Umbrella Rank: 2411	753 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 151	52 KB
1	amazonaws.com fingerprinting36542.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 232936	38 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	7 KB
46	15

	Domain	Requested by
7	www.youtube.com	lootdest.org www.youtube.com
7	unpkg.com	3 redirects lootdest.org
4	play.google.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	lootdest.org	lootdest.org
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	d1wzdj81h1hubn.cloudfront.net
2	nerventualken.com	lootdest.org
2	d3h26c51lqz4go.cloudfront.net	lootdest.org
2	fonts.googleapis.com	lootdest.org
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	api.taboola.com	lootdest.org
1	pagead2.googlesyndication.com	lootdest.org
1	fingerprinting36542.s3.us-east-1.amazonaws.com	lootdest.org
1	d1i4rchxg0yau7.cloudfront.net	lootdest.org
1	cdn.jsdelivr.net	lootdest.org
46	21

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
minecraftsketchbros.eu
lootlabs.gg
support.google.com

Subject Issuer	Validity	Valid
lootdest.org WE1	`2025-04-30` - `2025-07-29`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2025-05-05` - `2026-04-23`	a year	crt.sh
*.gstatic.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2025-05-20` - `2026-05-15`	a year	crt.sh
unpkg.com WE1	`2025-04-29` - `2025-07-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
nerventualken.com WE1	`2025-05-25` - `2025-08-23`	3 months	crt.sh
*.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
edgestatic.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.googleusercontent.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lootdest.org/s?269f0ef2
Frame ID: 698DAC1F5CB2F5FB6EF0BA716DAE9BBF
Requests: 24 HTTP requests in this frame

Frame: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw
Frame ID: 301B6E35D21FBF54D63BD4DA133385CB
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Optifine

Detected technologies

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

46
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

22
IPs

2
Countries

1700 kB
Transfer

5578 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@https://youtube.com/@TGK_Minecraft

Search URL Search Domain Scan URL

URL: https://minecraftsketchbros.eu/

Search URL Search Domain Scan URL

URL: https://lootlabs.gg/
Title: LootLabs - You Create, We Monetize

Search URL Search Domain Scan URL

URL: https://support.google.com/youtube/answer/6276924
Title: Find out more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://unpkg.com/nes.css@latest/css/nes.min.css HTTP 302
https://unpkg.com/nes.css@2.3.0/css/nes.min.css

Request Chain 9

https://unpkg.com/nes.css/css/nes-core.min.css HTTP 302
https://unpkg.com/nes.css@2.3.0/css/nes-core.min.css

Request Chain 18

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

Request Chain 31

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

46 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request s Show response
lootdest.org/ 21 KB
10 KB 512ms
449ms Document
text/html 104.21.7.82
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://lootdest.org/s?269f0ef2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e05d0d9245d01f6e19f0f90adce8d028795a2152d9ef381b4749aa387cd35434

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 946409a39fc05c07-SYD
content-encoding: zstd
content-type: text/html
date: Tue, 27 May 2025 08:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCU0%2FlzR%2FO9Mw6eAGaBHsRR1p8BY5P%2B%2B49Wj6Dhba5Hg%2FtbvU7GZAPqlh4XbXpRHprdKxbDEQbAVfxTQijUQBHp8gGrCLBckc24OWmA%2B04f7vBkGRX4m3DoScaGXWro%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=19337&min_rtt=8308&rtt_var=10788&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3691&recv_bytes=3334&delivery_rate=106471&cwnd=12000&unsent_bytes=0&cid=7b8024e19ebbdf96&ts=475&x=80"

GET
H2 200 runtime.js Show response
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/ 21 KB
7 KB 78ms
58ms Script
application/javascript 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js

Requested by

Host: lootdest.org
URL: https://lootdest.org/s?269f0ef2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
age: 1608771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNSxnR%2BXjthq4X%2BQZ%2FBEht%2FZno9gtcL%2Br8rmwN1bqYkSS0XhRXvM80yBqSWwruURFcRY2uhkNIF9FQSSUPvwIiYQzfVXLNUmstsmF%2FQVykm67uuK64%2F0S6T7SAWUJNnfoOE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 08:10:46 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230078-FRA, cache-lga21975-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946409a81f40aad1-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6589
server: cloudflare
x-jsd-version: 6.5.0

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 540ms
267ms Stylesheet
text/css 108.177.97.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap

Requested by

Host: lootdest.org
URL: https://lootdest.org/s?269f0ef2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.97.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f95.1e100.net

Software

ESF /

Resource Hash

6cbdc009197e1afacfbc903823a6557d3b34b86d9d6bb6c3594184fde99e35d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:10:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 08:10:46 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 07:58:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 3.js Show response
lootdest.org/ 148 KB
69 KB 19ms
18ms Script
application/javascript 104.21.7.82
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://lootdest.org/3.js
Requested by: Host: lootdest.org
URL: https://lootdest.org/s?269f0ef2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f08608897b99ae11c4fbbb4304774f414b2a5bbc81899d219855e4fa0996b57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/s?269f0ef2

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: zstd
cf-cache-status: HIT
etag: W/"683562f0-24fd6"
age: 2240
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USCUcx9UCbsUoCXBmGhwiuY%2FCoVeNKZTKMX5RRt9JfSqWDgpMTFwcCWMM7T%2F8ASV465lTjsSUM%2BWJX2Q8FC1Q9McScYxEN8Y8x5hDC4f8O5tqHT%2By4%2BEEa0Kxf1iYhI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946409a7bfd65c07-SYD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13625&min_rtt=5249&rtt_var=6701&sent=23&recv=18&lost=0&retrans=0&sent_bytes=13923&recv_bytes=3909&delivery_rate=910327&cwnd=12000&unsent_bytes=0&cid=7b8024e19ebbdf96&ts=709&x=80"
date: Tue, 27 May 2025 08:10:46 GMT
content-type: application/javascript
last-modified: Tue, 27 May 2025 07:00:00 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
d1i4rchxg0yau7.cloudfront.net/ 600 B
726 B 180ms
164ms Fetch 13.35.148.91
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1i4rchxg0yau7.cloudfront.net/?tid=990473&params_only=1
Requested by: Host: lootdest.org
URL: https://lootdest.org/3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.148.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-148-91.syd1.r.cloudfront.net
Software: /
Resource Hash: 539ea2eac508943109bdc7046b6e9bb22e744acfa5971d5606f856b004734b41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 13ad48adfe7f5ca5b82509779525e518.cloudfront.net (CloudFront)
access-control-allow-origin: https://lootdest.org
x-cache: Miss from cloudfront
content-length: 350
x-amz-cf-id: NkYqZ8oQt0DBzwQgUobmQuRf8S3KlEGJpw-DSS6HYRkS54U8S3auIg==
date: Tue, 27 May 2025 08:10:47 GMT
x-amz-cf-pop: SYD1-C1

GET
H3 200 6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 18 KB
18 KB 276ms
137ms Font
font/woff2 64.233.187.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.187.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tj-in-f94.1e100.net

Software

sffe /

Resource Hash

42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://lootdest.org
Referer: https://fonts.googleapis.com/

Response headers

age: 123478
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 21:52:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 21:52:49 GMT
last-modified: Thu, 24 Aug 2023 19:54:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18100
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK fingerprint.js Show response
fingerprinting36542.s3.us-east-1.amazonaws.com/ 37 KB
38 KB 941ms
451ms Script
application/javascript 52.217.170.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js
Requested by: Host: lootdest.org
URL: https://lootdest.org/3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.170.58 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://lootdest.org
Referer: https://lootdest.org/

Response headers

x-amz-server-side-encryption: AES256
ETag: "9ac06ba71cc5803c7515b3e8c3a2854d"
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
x-amz-request-id: X4CQ214DRDA0QSDA
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 38143
Date: Tue, 27 May 2025 08:10:48 GMT
Last-Modified: Mon, 09 Dec 2024 12:08:59 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
Content-Type: application/javascript
x-amz-id-2: CNmc6NaSKtd75b+vt6l57oSW03gJRGzUqYo526vl0gZWrAzh+yhdN1La25WFLQ2uPDVq63uC6L0=

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
819 B 202ms
199ms Stylesheet
text/css 108.177.97.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Play:wght@700&family=Press+Start+2P&display=swap

Requested by

Host: lootdest.org
URL: https://lootdest.org/3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.97.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f95.1e100.net

Software

ESF /

Resource Hash

e3f81091396413c5acc75e13127296e3e1cadaa36b3d57d21cb4ef3b807edcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:10:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 08:10:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 nes.min.css
unpkg.com/nes.css@2.3.0/css/ 282 KB
31 KB 55ms
42ms Stylesheet
text/css 104.18.1.22
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://unpkg.com/nes.css@2.3.0/css/nes.min.css

Requested by

Host: lootdest.org
URL: https://lootdest.org/3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b52769a408118ac6ca92d8940e77dba8ab92e97809c43658484f81ea83b756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
age: 2383839
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
expires: Wed, 27 May 2026 08:10:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 17:16:22 GMT
vary: Accept-Encoding
fly-request-id: 01JT18SDS9KD4EWCQ1S9XQ75BF-ord
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
priority: u=0,i=?0
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 fly.io, 1.1 fly.io
cf-ray: 946409ac6c64d5d0-SYD
content-digest: sha256=:wLUnaaQIEYrGypLYlA5326irkul4CcQ2WEhPgeqDt1Y=:
access-control-allow-origin: *
server: cloudflare

GET
H3

200

nes.min.css
unpkg.com/nes.css@2.3.0/css/
Redirect Chain

https://unpkg.com/nes.css@latest/css/nes.min.css
https://unpkg.com/nes.css@2.3.0/css/nes.min.css

282 KB
0

0ms
0ms

Stylesheet
text/css

104.18.1.22
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://unpkg.com/nes.css@2.3.0/css/nes.min.css

Requested by

Host: lootdest.org
URL: https://lootdest.org/s?269f0ef2

Protocol

Server

104.18.1.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b52769a408118ac6ca92d8940e77dba8ab92e97809c43658484f81ea83b756

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
age: 2383839
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
expires: Wed, 27 May 2026 08:10:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 17:16:22 GMT
vary: Accept-Encoding
fly-request-id: 01JT18SDS9KD4EWCQ1S9XQ75BF-ord
access-control-allow-headers: *
priority: u=0,i=?0
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 fly.io, 1.1 fly.io
cf-ray: 946409ac6c64d5d0-SYD
content-digest: sha256=:wLUnaaQIEYrGypLYlA5326irkul4CcQ2WEhPgeqDt1Y=:
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=60, s-maxage=300
location: /nes.css@2.3.0/css/nes.min.css
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-ray: 946409ac6c5fd5d0-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 45
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3

200

nes-core.min.css
unpkg.com/nes.css@2.3.0/css/
Redirect Chain

https://unpkg.com/nes.css/css/nes-core.min.css
https://unpkg.com/nes.css@2.3.0/css/nes-core.min.css

51 KB
8 KB

47ms
47ms

Stylesheet
text/css

104.18.1.22
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://unpkg.com/nes.css@2.3.0/css/nes-core.min.css

Requested by

Host: lootdest.org
URL: https://lootdest.org/s?269f0ef2

Protocol

Server

104.18.1.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e296c179198b2edaeecba06ff5a0ef8a73c996939edff3dbea072190b3626b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
age: 2383839
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
expires: Wed, 27 May 2026 08:10:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 17:16:24 GMT
vary: Accept-Encoding
fly-request-id: 01JT18SDS74TTW13P6C530HEX1-ord
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
priority: u=0,i=?0
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 fly.io, 1.1 fly.io
cf-ray: 946409acccb1d5d0-SYD
content-digest: sha256=:TilsF5GYsu2u7LoG/1oO+Kc8mWk57f89vqByGQs2JrU=:
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=60, s-maxage=300
location: /nes.css@2.3.0/css/nes-core.min.css
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-ray: 946409ac6c63d5d0-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 50
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 239ms
122ms Fetch
text/javascript 142.250.76.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lootdest.org
URL: https://lootdest.org/3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

aeb4e6157123b61a53db63ef51a4e42c919a5e6e57e3463e87794088701d1914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

content-encoding: br
etag: 4554437001598288671
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:10:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53231
x-xss-protection: 0
server: cafe

GET
H2 200 user.sync Show response
api.taboola.com/2.0/json/lootlabs-roblox/ 83 B
753 B 763ms
474ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://api.taboola.com/2.0/json/lootlabs-roblox/user.sync?app.apikey=cdb5e8d81c24e09c97db19a61b14ffdead0deac8&app.type=desktop
Requested by: Host: lootdest.org
URL: https://lootdest.org/3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e132fd9b644b197363bddade9e8eff0deaec56ac3a78c7554aaf4d5d2b0f0cdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Tue, 27 May 2025 08:10:47 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-cache-hits: 0
x-served-by: cache-bfi-kbfi7400027-BFI
x-timer: S1748333448.586057,VS0,VE197
x-vcl-time-ms: 197
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://lootdest.org
x-service-version: v1
server: nginx

GET
H2 200 block-b.png
d3h26c51lqz4go.cloudfront.net/loot-sources/ 2 KB
2 KB 20ms
5ms Image
image/png 13.35.148.88
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d3h26c51lqz4go.cloudfront.net/loot-sources/block-b.png
Requested by: Host: lootdest.org
URL: https://lootdest.org/s?269f0ef2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.148.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-148-88.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cada8f13ba3073d027ca94c87805f7b970475caacf2473da41aa9b6e9f56b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

etag: "80a55748e7b4c539cbd79b9657bede96"
age: 3268
via: 1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 1606
x-amz-cf-id: 5ycb1JZ199VycZ5JXM4j4aBmYILKFgA1fWgprT3oFu8c0uq9GriUZQ==
date: Tue, 27 May 2025 07:16:20 GMT
content-type: image/png
last-modified: Sun, 06 Oct 2024 08:08:50 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 335 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6bf4ae0daf913a3875c88846cf003255949b6e34da39c0f7914e7963004e335

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2
fonts.gstatic.com/s/pressstart2p/v15/ 12 KB
12 KB 134ms
133ms Font
font/woff2 64.233.187.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/pressstart2p/v15/e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@700&family=Press+Start+2P&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.187.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tj-in-f94.1e100.net

Software

sffe /

Resource Hash

5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://lootdest.org
Referer: https://fonts.googleapis.com/

Response headers

age: 49341
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 18:28:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:28:26 GMT
last-modified: Tue, 02 May 2023 15:30:42 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12480
x-xss-protection: 0
server: sffe

GET
H3 404 favicon.ico
lootdest.org/ 561 B
758 B 15ms
14ms Other
text/html 104.21.7.82
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://lootdest.org/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/s?269f0ef2

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: zstd
cf-cache-status: HIT
age: 157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HExkgz78Xf60zsHkoS6CFMtBugsGpw6u6vVHe5VPSzzAcoYHtHFoowxVHr1IY%2FCm%2FvWE8Mq5%2F1NMp7uVqARa9Z%2F2aCGVwrJN3y9qigzTq72G%2BWZombcuvMzu9FZe%2BQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946409addff75c07-SYD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2012&min_rtt=1351&rtt_var=663&sent=88&recv=53&lost=0&retrans=0&sent_bytes=86436&recv_bytes=5814&delivery_rate=1018552&cwnd=46800&unsent_bytes=0&cid=7b8024e19ebbdf96&ts=1684&x=80"
date: Tue, 27 May 2025 08:10:47 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

POST
H3 200 tc Show response
nerventualken.com/ 473 B
1 KB 556ms
546ms Fetch
application/json 172.67.197.84
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://nerventualken.com/tc
Requested by: Host: lootdest.org
URL: https://lootdest.org/3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7831424ec680435d6a63e05a27b5708d250d670a0e6527e5511a2289ab0483db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://lootdest.org/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tv7eltZJHXkj3NloPMxMDE%2FHwsD%2F1GWg3xuvuA%2FZ59xLynHbpw9nKZdpzbUneZCW7KtRS3ddknkY%2FVtecPI6xt8%2FY7b7pwu2qR9q3bd4T6hZdlO5eiEztXEP%2FmQghqWZ3Chyxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946409b45e1bdac6-SYD
access-control-allow-origin: https://lootdest.org
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1366&min_rtt=894&rtt_var=682&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3659&recv_bytes=3522&delivery_rate=1878262&cwnd=12000&unsent_bytes=0&cid=14054e08a0ffeac0&ts=545&x=80"
date: Tue, 27 May 2025 08:10:48 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H3 200 tc
nerventualken.com/ Frame 0
0 464ms
452ms Preflight
application/json 172.67.197.84
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://nerventualken.com/tc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lootdest.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-origin: https://lootdest.org
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 946409b17e59a819-SYD
content-length: 0
content-type: application/json
date: Tue, 27 May 2025 08:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3KYFWHJjFbgSj8oab1wY0oK7YbrxKXmYrIp43VYSIraGPANihbx1QZmi0uyhtMeMUmMvBCnpbEkkjftWSYikIf10QSttxfnEedujvVBKJj50NDjgPztLGdX0iD%2FivgJIzP9Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=1741&min_rtt=1199&rtt_var=970&sent=13&recv=12&lost=0&retrans=1&sent_bytes=4226&recv_bytes=3295&delivery_rate=1615202&cwnd=12000&unsent_bytes=0&cid=0a9143c18964b5cc&ts=456&x=80"

GET
H3

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

375 KB
97 KB

30ms
29ms

Script
text/javascript

104.18.1.22
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

Protocol

Server

104.18.1.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
age: 1545042
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
expires: Wed, 27 May 2026 08:10:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 29 Apr 2025 17:16:14 GMT
vary: Accept-Encoding
fly-request-id: 01JT18S4QMXBPS96PSFS1JWCXY-ord
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
priority: u=3,i=?0
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 fly.io, 1.1 fly.io
cf-ray: 946409b80e11d5d0-SYD
content-digest: sha256=:s5bGhH+Rb5OzU93ckkWwVq2QDRFc+1ieeQm6mW6vcK8=:
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=60, s-maxage=300
location: /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-ray: 946409b7cde8d5d0-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 71
server-timing: cfExtPri
date: Tue, 27 May 2025 08:10:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 l5qN-MRF8FY Show response
www.youtube.com/embed/ Frame 301B 111 KB
46 KB 276ms
154ms Document
text/html 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Requested by

Host: lootdest.org
URL: https://lootdest.org/3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

ESF /

Resource Hash

06554df5f56bf48dd86b29dc495c2e8ee4481597da262b47d9e31a6a8982957b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lootdest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 08:10:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3dd96f7ae00b8135.png
d1wzdj81h1hubn.cloudfront.net/ 319 KB
319 KB 41ms
12ms Image
image/png 18.67.95.64
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1wzdj81h1hubn.cloudfront.net/3dd96f7ae00b8135.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.95.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-95-64.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3987cea134617c3cc6025db88ea79061320e7e64a56b81008ed491f7e2b34299

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

etag: "dbe1196c6f2b07e9068e95cf7cbb2d39"
age: 15670
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-meta-timestamp: 2024-01-15T05:20:56.786297
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 326385
x-amz-cf-id: mIqOE3XL_mDR-0tMljadMI59jyyZVPaCMyhqofWHrAPkB1zmhdlTYQ==
date: Tue, 27 May 2025 03:49:39 GMT
content-type: image/png
last-modified: Mon, 15 Jan 2024 08:57:13 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 apps.png
d1wzdj81h1hubn.cloudfront.net/icons/ 3 KB
3 KB 40ms
12ms Image
image/png 18.67.95.64
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1wzdj81h1hubn.cloudfront.net/icons/apps.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.95.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-95-64.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

vary: accept-encoding
etag: "fe92fe3dee69ba5c6dc9ab4b1785c556"
age: 8145
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 3115
x-amz-cf-id: LLpNnulq_nulFjZKhP_A0rtic8pEQwmhAOT14-Il0xy5rwHPidiilA==
date: Tue, 27 May 2025 05:58:43 GMT
content-type: image/png
last-modified: Tue, 07 Feb 2023 09:32:37 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 35 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6694fe2c6a936e2db1d2d58ebdff529c8900c77fbbdb8b2d852ad8e5523d0472

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 block-w.png
d3h26c51lqz4go.cloudfront.net/loot-sources/ 9 KB
10 KB 5ms
5ms Image
image/png 13.35.148.88
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d3h26c51lqz4go.cloudfront.net/loot-sources/block-w.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.148.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-148-88.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10dacb98c41272d56fca6b6c392dcb9a46c47c4b0f661bb938cf2f440597a462

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://lootdest.org/

Response headers

etag: "5927b5f1c98d04272acd2094e4e26c4e"
age: 3268
via: 1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 9523
x-amz-cf-id: psLJj-dY3v3tJwCi5SUXpBdl7Ziq1GiYVSK50rZQcD9P4Nk9uxrdVA==
date: Tue, 27 May 2025 07:16:21 GMT
content-type: image/png
last-modified: Sun, 06 Oct 2024 08:06:47 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a48125ae1e0e8c8959a31df7a8b4ba2febdeadde813898899cde1305ae14b7ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 www-player.css
www.youtube.com/s/player/59b252b9/ Frame 301B 445 KB
54 KB 7ms
5ms Stylesheet
text/css 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/59b252b9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

d859031b6162db6fc273911306e5f467965119e9ebc835e9a2960d62f7a5d190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Response headers

content-encoding: br
age: 37321
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 21:48:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:48:48 GMT
last-modified: Tue, 20 May 2025 04:10:22 GMT
content-type: text/css
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 55386
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 301B 15 KB
15 KB 288ms
140ms Font
font/woff2 64.233.187.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.187.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tj-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.youtube.com
Referer: https://www.youtube.com/

Response headers

age: 344437
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 08:30:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 23 May 2025 08:30:12 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 301B 15 KB
15 KB 279ms
131ms Font
font/woff2 64.233.187.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.187.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tj-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.youtube.com
Referer: https://www.youtube.com/

Response headers

age: 108061
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 02:09:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 02:09:48 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET
H2 200 embed.js Show response
www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/ Frame 301B 33 KB
9 KB 9ms
7ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

a112d079a9dddc59af5ecb1f206b6f3bcf1e5609e6bd107dd1ec259a9984f45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Response headers

content-encoding: br
age: 119886
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 22:52:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 22:52:43 GMT
last-modified: Tue, 20 May 2025 04:10:22 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 9565
x-xss-protection: 0
server: sffe

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/59b252b9/www-embed-player.vflset/ Frame 301B 345 KB
103 KB 14ms
13ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/59b252b9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

97302c50001e9b77f8dde6611c80e718d0364fd8f19fa07480a2b655a8909f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Response headers

content-encoding: br
age: 198199
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 01:07:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 01:07:30 GMT
last-modified: Tue, 20 May 2025 04:10:22 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 104998
x-xss-protection: 0
server: sffe

GET
H2 200 base.js Show response
www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/ Frame 301B 2 MB
650 KB 18ms
17ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

49447b028778e4b4f06e4e891aa5ddf17a7214067cc451678485eaed4324004d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Response headers

content-encoding: br
age: 58790
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 15:50:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 15:50:59 GMT
last-modified: Tue, 20 May 2025 04:10:22 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 665180
x-xss-protection: 0
server: sffe

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 301B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

107ms
107ms

XHR
application/json

142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

fd7d83442f2f7ec36ed21703532efae5403da8334285b60765047bd11575a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 08:10:49 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-length: 120
x-xss-protection: 0
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 08:10:49 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 301B 29 B
495 B 240ms
138ms Script
text/javascript 142.250.204.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

age: 391
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:19:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 08:04:18 GMT
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
cache-control: public, max-age=900
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 29
x-xss-protection: 0
server: sffe

GET
H3 200 remote.js Show response
www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/ Frame 301B 122 KB
35 KB 6ms
6ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

87d1b63778c915c2d9176c4c80618e606383cb8244ad1246af1863a56aea3fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Response headers

content-encoding: br
age: 109114
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 01:52:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:52:15 GMT
last-modified: Tue, 20 May 2025 04:10:22 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 36062
x-xss-protection: 0
server: sffe

GET
H3 200 i1dpPJRUNxVtcKykMVoGOA7eY-xgjSNp3LENidLkR1M.js Show response
www.google.com/js/th/ Frame 301B 57 KB
22 KB 335ms
146ms Script
text/javascript 173.194.174.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/js/th/i1dpPJRUNxVtcKykMVoGOA7eY-xgjSNp3LENidLkR1M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.174.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

td-in-f106.1e100.net

Software

sffe /

Resource Hash

8b57693c945437156d70aca4315a06380ede63ec608d2369dcb10d89d2e44753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: br
age: 150518
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 14:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 14:22:11 GMT
last-modified: Mon, 12 May 2025 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22212
x-xss-protection: 0
server: sffe

GET
H2 200 default.webp
i.ytimg.com/vi_webp/l5qN-MRF8FY/ Frame 301B 3 KB
4 KB 583ms
293ms Image
image/webp 142.250.72.150
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/l5qN-MRF8FY/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.150 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f22.1e100.net

Software

sffe /

Resource Hash

8459654f8730aaced41d02761b56a74c1f2a5b49f7cb2672549135441f0f02bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

cache-control: public, max-age=7200
etag: "1723129302"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 10:10:50 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 3464
date: Tue, 27 May 2025 08:10:50 GMT
x-xss-protection: 0
content-type: image/webp
vary: Origin
server: sffe

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 301B 97 KB
44 KB 119ms
115ms XHR
application/json+protobuf 172.217.167.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

2febc083e64ad35ea8ffe68a824676a9edcd61d3870fac7231808a428aa470f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json+protobuf

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45197
date: Tue, 27 May 2025 08:10:50 GMT
x-xss-protection: 0
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 258ms
102ms Preflight
text/html 172.217.167.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 27 May 2025 08:10:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 301B 175 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 557aOc0cRQFIhtODzyRbtrMM-1Ek4XJzKhq8o-ljEGdKAjdY8joeBw0ffSdmH31sD2KwibflhYg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 301B 2 KB
2 KB 161ms
6ms Image
image/jpeg 142.250.66.225
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://yt3.ggpht.com/557aOc0cRQFIhtODzyRbtrMM-1Ek4XJzKhq8o-ljEGdKAjdY8joeBw0ffSdmH31sD2KwibflhYg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f1.1e100.net

Software

fife /

Resource Hash

088a494acc57cc8387ab652df216f0eaddc13d6577b175ffca158ea5c805d7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 4430
x-content-type-options: nosniff
expires: Wed, 28 May 2025 06:56:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 06:56:59 GMT
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 2148
x-xss-protection: 0
server: fife

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 301B 4 KB
2 KB 245ms
104ms Script
text/javascript 142.250.67.3
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:10:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 08:10:49 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="cloudview"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges: bytes
content-length: 2007
x-xss-protection: 0
server: sffe

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/136/ Frame 301B 48 KB
14 KB 5ms
4ms Script
text/javascript 142.250.67.3
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/eureka/clank/136/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

abc1abef9c59379e7c151f43287a92f21742a3ed36f7a0beeaffb8ace4efc8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
age: 72396
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 12:04:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 12:04:13 GMT
last-modified: Mon, 07 Apr 2025 15:04:06 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges: bytes
content-length: 13847
x-xss-protection: 0
server: sffe

GET
H3 204 generate_204
www.youtube.com/ Frame 301B 0
10 B 3ms
3ms Image
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.youtube.com/generate_204?xUMT6A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/l5qN-MRF8FY?si=rK4KJwoZeHx0JMxw

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 27 May 2025 08:10:50 GMT
cross-origin-resource-policy: cross-origin

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 98ms
97ms Preflight
text/html 172.217.167.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 27 May 2025 08:10:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 301B 90 B
133 B 104ms
103ms XHR
application/json+protobuf 172.217.167.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

06c944631396d592aa17f5aae75f1a2f4e1e177b8742810ea19552198295f50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json+protobuf

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
date: Tue, 27 May 2025 08:10:50 GMT
x-xss-protection: 0
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 log
play.google.com/ Frame 301B 131 B
438 B 593ms
317ms Ping
text/plain 142.250.157.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.157.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 27 May 2025 08:10:50 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 27 May 2025 08:10:50 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H2 200 log
play.google.com/ Frame 301B 131 B
437 B 591ms
317ms Ping
text/plain 142.250.157.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.157.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 27 May 2025 08:10:50 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 27 May 2025 08:10:50 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H2 200 log
play.google.com/ Frame 301B 131 B
745 B 590ms
316ms Ping
text/plain 142.250.157.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.157.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 27 May 2025 08:10:50 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 27 May 2025 08:10:50 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H2 200 log
play.google.com/ Frame 301B 131 B
459 B 274ms
272ms Ping
text/plain 142.250.157.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59b252b9/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.157.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 27 May 2025 08:10:51 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 27 May 2025 08:10:51 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

Verdicts & Comments Add Verdict or Comment

18 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lootdest.org/	1970-01-21 14:24:29	Name: uid Value: qENxqlLLhCJTUoRE3uQ84OMYpuKaiDmy
nerventualken.com/	1970-01-21 05:40:19	Name: ci Value: 1556958233888851
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vq2slIH2N94
.youtube.com/	1970-01-21 09:58:05	Name: VISITOR_INFO1_LIVE Value: mWL-v-JumBo
.youtube.com/	1970-01-21 09:58:05	Name: VISITOR_PRIVACY_METADATA Value: CgJBVRIEGgAgNQ%3D%3D
.youtube.com/	1970-01-21 09:58:05	Name: __Secure-ROLLOUT_TOKEN Value: CNaDys79tInqoAEQ-Km70ZnDjQMY-Km70ZnDjQM%3D
.google.com/	1970-01-21 10:02:24	Name: NID Value: 524=PQf7qJhY_GBRK2ePjJz6Cm91cNbjPKKotQlNBD22NfUnGjisoHvgoqCdf58_XyYioESyauKvYD7YeZXJTB7382FAsODfecOVeWvSUIVBu9Mn6PGN6-fIw-qjijE89Z__eca8foEIJBZL1Hb5k-GrkAUuA8xicUswk-yH9SEnpZGb_dBPVI_2gEp4jgerIqLmJA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lootdest.org/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://lootdest.org/s?269f0ef2 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C00542A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
other	warning	URL: https://lootdest.org/3.js Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.taboola.com
cdn.jsdelivr.net
d1i4rchxg0yau7.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
d3h26c51lqz4go.cloudfront.net
fingerprinting36542.s3.us-east-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
lootdest.org
nerventualken.com
pagead2.googlesyndication.com
play.google.com
static.doubleclick.net
unpkg.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.175.226
104.18.1.22
104.21.7.82
108.177.97.95
13.35.148.88
13.35.148.91
142.250.157.102
142.250.204.14
142.250.204.6
142.250.66.194
142.250.66.225
142.250.67.3
142.250.72.150
142.250.76.98
151.101.129.44
172.217.167.74
172.67.197.84
173.194.174.106
18.67.95.64
52.217.170.58
64.233.187.94
06554df5f56bf48dd86b29dc495c2e8ee4481597da262b47d9e31a6a8982957b
06c944631396d592aa17f5aae75f1a2f4e1e177b8742810ea19552198295f50e
088a494acc57cc8387ab652df216f0eaddc13d6577b175ffca158ea5c805d7c1
10dacb98c41272d56fca6b6c392dcb9a46c47c4b0f661bb938cf2f440597a462
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0
2febc083e64ad35ea8ffe68a824676a9edcd61d3870fac7231808a428aa470f0
3987cea134617c3cc6025db88ea79061320e7e64a56b81008ed491f7e2b34299
3cada8f13ba3073d027ca94c87805f7b970475caacf2473da41aa9b6e9f56b4b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
49447b028778e4b4f06e4e891aa5ddf17a7214067cc451678485eaed4324004d
4e296c179198b2edaeecba06ff5a0ef8a73c996939edff3dbea072190b3626b5
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
539ea2eac508943109bdc7046b6e9bb22e744acfa5971d5606f856b004734b41
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317
6694fe2c6a936e2db1d2d58ebdff529c8900c77fbbdb8b2d852ad8e5523d0472
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cbdc009197e1afacfbc903823a6557d3b34b86d9d6bb6c3594184fde99e35d2
6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd
7831424ec680435d6a63e05a27b5708d250d670a0e6527e5511a2289ab0483db
7f08608897b99ae11c4fbbb4304774f414b2a5bbc81899d219855e4fa0996b57
8459654f8730aaced41d02761b56a74c1f2a5b49f7cb2672549135441f0f02bb
87d1b63778c915c2d9176c4c80618e606383cb8244ad1246af1863a56aea3fd0
8b57693c945437156d70aca4315a06380ede63ec608d2369dcb10d89d2e44753
97302c50001e9b77f8dde6611c80e718d0364fd8f19fa07480a2b655a8909f39
a112d079a9dddc59af5ecb1f206b6f3bcf1e5609e6bd107dd1ec259a9984f45f
a48125ae1e0e8c8959a31df7a8b4ba2febdeadde813898899cde1305ae14b7ce
a6bf4ae0daf913a3875c88846cf003255949b6e34da39c0f7914e7963004e335
abc1abef9c59379e7c151f43287a92f21742a3ed36f7a0beeaffb8ace4efc8dd
aeb4e6157123b61a53db63ef51a4e42c919a5e6e57e3463e87794088701d1914
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745
c0b52769a408118ac6ca92d8940e77dba8ab92e97809c43658484f81ea83b756
d859031b6162db6fc273911306e5f467965119e9ebc835e9a2960d62f7a5d190
e05d0d9245d01f6e19f0f90adce8d028795a2152d9ef381b4749aa387cd35434
e132fd9b644b197363bddade9e8eff0deaec56ac3a78c7554aaf4d5d2b0f0cdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f81091396413c5acc75e13127296e3e1cadaa36b3d57d21cb4ef3b807edcf4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fd7d83442f2f7ec36ed21703532efae5403da8334285b60765047bd11575a88a

lootdest.org Open in urlscan Pro 104.21.7.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

91 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

22 IPs

2 Countries

1700 kBTransfer

5578 kBSize

7 Cookies

4 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lootdest.org Open in urlscan Pro
104.21.7.82 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

22
IPs

2
Countries

1700 kB
Transfer

5578 kB
Size

7
Cookies

46 HTTP transactions
4 data transactions