Submitted URL: http://loot-gh.vercel.app/
Effective URL: https://loot-gh.vercel.app/
Submission: On May 28 via api from IL — Scanned from IL

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 216.198.79.65, located in the United States, and belongs to AMAZON-02, US. The main domain is loot-gh.vercel.app.
TLS certificate: Issued by R11 on April 21st 2025. Valid for: 3 months.
This is the only time loot-gh.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
5         216.198.79.65   16509 (AMAZON-02)
1         20.4.130.154    8075 (MICROSOFT...)
1         172.217.23.106  15169 (GOOGLE)
Total: 9 requests, 4 IPs

Requests  Apex Domain              Subdomains                                               Transfer
5         vercel.app               loot-gh.vercel.app                                       6 MB
1         googleapis.com           fonts.googleapis.com (Cisco Umbrella Rank: 107)          1 KB
1         cryptocompare.com        min-api.cryptocompare.com (Cisco Umbrella Rank: 71043)   726 B
0         stayworld.site (Failed)  stayworld.site (Failed)
Total: 9 requests, 4 domains

Requests  Domain                     Requested by
5         loot-gh.vercel.app         loot-gh.vercel.app
1         fonts.googleapis.com       client
1         min-api.cryptocompare.com  loot-gh.vercel.app
0         stayworld.site (Failed)    loot-gh.vercel.app
Total: 9 requests, 4 domains

This site contains no links.

Subject                    Issuer  Validity                 Valid
*.vercel.app               R11     2025-04-21 - 2025-07-20  3 months
min-api.cryptocompare.com  R10     2025-04-14 - 2025-07-13  3 months
upload.video.google.com    WE2     2025-05-12 - 2025-08-04  3 months

This page contains 1 frame:

Primary Page: https://loot-gh.vercel.app/
Frame ID: C599BAEC2082FB26FD0C1960CFB47CD1
Requests: 17 HTTP requests in this frame

Page Title

LootBot Dashboard

Page Statistics

Requests: 9
HTTPS: 78 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 8075 kB
Size: 14827 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://loot-gh.vercel.app/ HTTP 307
    https://loot-gh.vercel.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource Path  Size  x-fer  Type  MIME-Type
Primary Request /
loot-gh.vercel.app/
Redirect Chain
  • http://loot-gh.vercel.app/
  • https://loot-gh.vercel.app/
6 MB
4 MB
Document
General
Full URL
https://loot-gh.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.79.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8e3b79da84d6d609d8d7e12643ddd2e0ab376cf88bf7f3ade0509eaad82508d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-length
4410276
content-type
text/html; charset=utf-8
date
Wed, 28 May 2025 06:32:04 GMT
etag
"c7662fb9828aca99ad70e4029dd8b8e5"
last-modified
Wed, 28 May 2025 06:32:01 GMT
server
Vercel
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-vercel-cache
HIT
x-vercel-id
fra1::8vft6-1748413924126-2950ccf856d3

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://loot-gh.vercel.app/
Non-Authoritative-Reason
HSTS
ethers.js
loot-gh.vercel.app/assets/web3-provider/
742 KB
174 KB
Script
General
Full URL
https://loot-gh.vercel.app/assets/web3-provider/ethers.js
Requested by
Host: loot-gh.vercel.app
URL: https://loot-gh.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.79.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://loot-gh.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
"71f8c498e792c6179d4e2840228f777a"
age
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
177643
date
Wed, 28 May 2025 06:32:04 GMT
content-disposition
inline; filename="ethers.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Wed, 28 May 2025 06:32:04 GMT
x-vercel-id
fra1::v4fnb-1748413924425-80867750cae0
ethereum-tx.js
loot-gh.vercel.app/assets/web3-provider/
317 KB
95 KB
Script
General
Full URL
https://loot-gh.vercel.app/assets/web3-provider/ethereum-tx.js
Requested by
Host: loot-gh.vercel.app
URL: https://loot-gh.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.79.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2a37a8cdb378bb86cd9e9056658b967d3123a405ef3a474e24b02bf63241445d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://loot-gh.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
"6d23ff59cdf9bc236cd630a94471f086"
age
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
96825
date
Wed, 28 May 2025 06:32:04 GMT
content-disposition
inline; filename="ethereum-tx.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Wed, 28 May 2025 06:32:04 GMT
x-vercel-id
fra1::hrls5-1748413924425-2d4e168e96ab
vrtx2.0.0.js
loot-gh.vercel.app/
5 MB
2 MB
Script
General
Full URL
https://loot-gh.vercel.app/vrtx2.0.0.js
Requested by
Host: loot-gh.vercel.app
URL: https://loot-gh.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.79.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f4c75a93ff255d8bc3cbec39c970df43ba9f58398d8af654a39b7647dc292222
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://loot-gh.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
"2c5ea50699da7c0b733e968919f910c7"
age
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
1829353
date
Wed, 28 May 2025 06:32:05 GMT
content-disposition
inline; filename="vrtx2.0.0.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Wed, 28 May 2025 06:32:05 GMT
x-vercel-id
fra1::wrsqr-1748413925164-89ef6d0b0287
vrtxscript.js
loot-gh.vercel.app/
154 KB
40 KB
Script
General
Full URL
https://loot-gh.vercel.app/vrtxscript.js
Requested by
Host: loot-gh.vercel.app
URL: https://loot-gh.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.79.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ce247b1399d7487b8b9a1799a5094f09da4b03e1faf8b0ee29e8f8af4c53a7a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://loot-gh.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
"698b03ff087ba4d69d916ffcb8974520"
age
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
40374
date
Wed, 28 May 2025 06:32:05 GMT
content-disposition
inline; filename="vrtxscript.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Wed, 28 May 2025 06:32:05 GMT
x-vercel-id
fra1::hghn2-1748413925097-2b376a57e65b
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
704472ed414242277aefabe6c8df13f8a929a01f4ac44c0a008bee3f91263dde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
22 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c652776c45d7a32737a3112a695ee7f491d6627dbe7c4ed3f1098a81e4e9096

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
318 KB
318 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://loot-gh.vercel.app
Referer

Response headers

Content-Type
font/woff2
truncated
/
405 KB
405 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed873f1d0b7d0f1381374f7d9ad6908b84a148a04728cc4b2e3164ec295ad02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://loot-gh.vercel.app
Referer

Response headers

Content-Type
font/woff2
truncated
/
388 KB
388 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://loot-gh.vercel.app
Referer

Response headers

Content-Type
font/woff2
truncated
/
31 KB
31 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8622e42bc0d8bd71dccd9572557c7556eaaeffe48918dda4bbeef2981d53eb02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://loot-gh.vercel.app
Referer

Response headers

Content-Type
font/woff2
truncated
/
420 KB
420 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64dd5243b3ec5568134c9c4ecbf37d4db65cb3d6a833e57b7971b2ec987f0459

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://loot-gh.vercel.app
Referer

Response headers

Content-Type
font/woff2
truncated
/
106 KB
106 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://loot-gh.vercel.app
Referer

Response headers

Content-Type
font/woff2
pricemulti
min-api.cryptocompare.com/data/
147 B
726 B
Fetch
General
Full URL
https://min-api.cryptocompare.com/data/pricemulti?fsyms=ETH,BNB,MATIC,AVAX,ARB,FTM,OP&tsyms=USD
Requested by
Host: loot-gh.vercel.app
URL: https://loot-gh.vercel.app/vrtxscript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.4.130.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
01b90eda72bca3ed8a400d24a6d562f7983ba9052c334fddb6ded806888588d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json
Referer
https://loot-gh.vercel.app/

Response headers

Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'none'
Cache-Control
public, max-age=10
Content-Encoding
gzip
X-CryptoCompare-Server-Id
cc-api-min-v2-18
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-CryptoCompare-Cache-HIT
false
Access-Control-Allow-Origin
https://loot-gh.vercel.app
Date
Wed, 28 May 2025 06:32:07 GMT
Content-Type
application/json; charset=UTF-8
Vary
Accept-Encoding
Server
nginx
Access-Control-Allow-Headers
Content-Type, Cookie, Set-Cookie, Authorization
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
8c79e152335a309e8ba0284f9c143d9bf8890e5d4f8f71f804f3cedfd0e0958a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://loot-gh.vercel.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 28 May 2025 06:32:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 06:32:07 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 28 May 2025 06:32:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
stayworld.site/
0
0

/
stayworld.site/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stayworld.site
URL
https://stayworld.site/
Domain
stayworld.site
URL
https://stayworld.site/

36 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0
function| _0x4cd6
function| addClassesToElements
function| _0x1a16
function| savepage_ShadowLoader
object| _ethers
object| ethers
object| ethereumjs
function| _0x15a3
function| _0x3479
object| @walletconnect/ethereum-provider
function| Buffer
object| global
object| process
object| reactiveElementVersions
object| litHtmlVersions
object| litElementVersions
function| setImmediate
function| clearImmediate
object| WalletConnectProvider
object| regeneratorRuntime
function| Web3
function| Sweetalert2
function| SweetAlert
function| Swal
function| sweetAlert
function| swal
function| MerkleTree
function| MerkleMountainRange
function| IncrementalMerkleTree
function| MerkleSumTree
object| seaport
object| MS_MetaMask_ChainData
function| a0b
function| a0a
function| addWorkerWalletAddress

0 Cookies

3 Console Messages

Source: other, Level: warning, URL: https://loot-gh.vercel.app/ (Line 16)
Message: <link rel=preload> has an invalid `href` value

Source: network, Level: error, URL: https://stayworld.site/
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Source: network, Level: error, URL: https://stayworld.site/
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload