urlscan.io logo urlscan.io
SecurityTrails logo

loot-links.com Open in urlscan Pro
104.21.63.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://loot-links.com/s?mMHt
Submission: On March 10 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 104.21.63.65, located in and belongs to CLOUDFLARENET, US. The main domain is loot-links.com.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.
This is the only time loot-links.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.63.65 13335 (CLOUDFLAR...)
1 151.101.129.229 54113 (FASTLY)
4 10 104.16.126.175 13335 (CLOUDFLAR...)
2 142.250.80.42 15169 (GOOGLE)
1 13.225.210.27 16509 (AMAZON-02)
2 142.250.65.163 15169 (GOOGLE)
1 142.250.65.194 15169 (GOOGLE)
2 104.21.25.241 13335 (CLOUDFLAR...)
2 18.238.59.91 16509 (AMAZON-02)
19 10
2    104.21.63.65 (None, )

ASN13335 (CLOUDFLARENET, US)
loot-links.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
10    104.16.126.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    142.250.80.42 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f10.1e100.net
fonts.googleapis.com
1    13.225.210.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-210-27.ewr50.r.cloudfront.net
d1u5ibtsigyagv.cloudfront.net
2    142.250.65.163 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net
fonts.gstatic.com
1    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
pagead2.googlesyndication.com
2    104.21.25.241 (None, )

ASN13335 (CLOUDFLARENET, US)
gforanopportu.info
2    18.238.59.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-59-91.jfk52.r.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
Apex Domain
Subdomains		 Transfer
10 unpkg.com
unpkg.com — Cisco Umbrella Rank: 709
182 KB
3 cloudfront.net
d1u5ibtsigyagv.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
107 KB
2 gforanopportu.info
gforanopportu.info — Cisco Umbrella Rank: 591143
929 B
2 gstatic.com
fonts.gstatic.com
31 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
2 loot-links.com
loot-links.com
976 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
50 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
7 KB
19 8
Domain Requested by
10 unpkg.com 4 redirects loot-links.com
unpkg.com
2 d1wzdj81h1hubn.cloudfront.net
2 gforanopportu.info loot-links.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com loot-links.com
2 loot-links.com loot-links.com
1 pagead2.googlesyndication.com loot-links.com
1 d1u5ibtsigyagv.cloudfront.net loot-links.com
1 cdn.jsdelivr.net loot-links.com
19 9

This site contains links to these domains. Also see Links.

Domain
tiktok.com
youtube.com
www.simplymiprii.com
lootlabs.gg
Subject Issuer Validity Valid
loot-links.com
GTS CA 1P5		 2024-01-14 -
2024-04-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
gforanopportu.info
GTS CA 1P5		 2024-02-28 -
2024-05-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://loot-links.com/s?mMHt
Frame ID: B748A7DD52122554058DC534017E0BB4
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BE Sanrio Bunnies Pack

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

79 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

1355 kB
Transfer

2768 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
Request Chain 8
  • https://unpkg.com/nes.css@latest/css/nes.min.css HTTP 302
  • https://unpkg.com/nes.css@2.3.0/css/nes.min.css
Request Chain 9
  • https://unpkg.com/nes.css/css/nes-core.min.css HTTP 302
  • https://unpkg.com/nes.css@2.3.0/css/nes-core.min.css
Request Chain 17
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s
loot-links.com/ 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loot-links.com/s?mMHt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.63.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
366a06e4075e693d8e83bdf0581b7b9f014b6042112bb8fba8a81f8c6b427705

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
861f4929182539c5-YYZ
content-encoding
br
content-type
text/html
date
Sun, 10 Mar 2024 00:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNC1veFeivkKbBX42QX4lSXxhZuMrn0aNCKgXxejIvtuc0gYkuUOE4NOm%2F85ov1uszeN6BSJuHHqiyMwzfdlZvBYP2klBmooPSNzYsqGqbnZYTzY0umFS%2BmWuDGBCdRJxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: loot-links.com
URL: https://loot-links.com/s?mMHt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 10 Mar 2024 00:46:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1465183
x-jsd-version
6.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6589
x-served-by
cache-fra-eddf8230078-FRA, cache-yul1970040-YUL
x-jsd-version-type
version
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.38/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
Requested by
Host: loot-links.com
URL: https://loot-links.com/s?mMHt
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f0bbbbeefc45c94a7ad0d7a43837517e0d3b133daddc609fc074a173e1a4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
883837
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRJ9ER3A5RJBJBNGEHEG4PD-yyz
server
cloudflare
etag
W/"25aa-yeh624Ry4lNtolY7//6loV1g3kc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
861f494288663739-YYZ

Redirect headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HRJWN64WRZN1G49ETCGB7MY1-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
552
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/detect-gpu@5.0.38/dist/detect-gpu.umd.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
861f494248073739-YYZ
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: loot-links.com
URL: https://loot-links.com/s?mMHt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 00:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 00:28:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 00:46:10 GMT
3.js
loot-links.com/ 		1 MB
967 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loot-links.com/3.js
Requested by
Host: loot-links.com
URL: https://loot-links.com/s?mMHt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.63.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72ae41e0a4ff66d566afb16fcaded136eec618120207442d3b709a42fa880cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/s?mMHt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Mar 2024 23:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3255
etag
W/"65ece9f0-14f00c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yedKYwAjNWZ6lj8p4vTcmBYClmamkM5VIZ%2B7dAYhJ%2BcoJbNi%2FcR5w1LGylcMo4V3DnemqWODrDd4A1jWGS3ggQZkXgxSBtOSjnjwL21GFOd8hQ9B4cvKRzOXXLSjW6jL7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
861f4942087a39c5-YYZ
alt-svc
h3=":443"; ma=86400
/
d1u5ibtsigyagv.cloudfront.net/ 		689 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1u5ibtsigyagv.cloudfront.net/?tid=1018287&params_only=1
Requested by
Host: loot-links.com
URL: https://loot-links.com/3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.210.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-210-27.ewr50.r.cloudfront.net
Software
/
Resource Hash
5d15b918f7fa41cd2e1f330a0061f118868936bf49b0290724a20af7a9d2372e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 00:46:10 GMT
content-encoding
gzip
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://loot-links.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
424
x-amz-cf-id
iKKoDElbi_KyrmMvL9X0_5Di6jUBAoypYqlvym91iLC3uTR06Auy8w==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loot-links.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 09:12:52 GMT
x-content-type-options
nosniff
age
315198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18100
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 09:12:52 GMT
css2
fonts.googleapis.com/ 		4 KB
770 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@700&family=Press+Start+2P&display=swap
Requested by
Host: loot-links.com
URL: https://loot-links.com/3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
7814ba119e30ae1dbe7324f4d33c5769411cf8792d5775c8085bd42e90764dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 00:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 00:46:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 00:46:10 GMT
nes.min.css
unpkg.com/nes.css@2.3.0/css/ 		282 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/nes.css@2.3.0/css/nes.min.css
Requested by
Host: loot-links.com
URL: https://loot-links.com/3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b52769a408118ac6ca92d8940e77dba8ab92e97809c43658484f81ea83b756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
875355
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRTC9RR4HX9CZ0NG73KTYFC-yyz
server
cloudflare
etag
W/"4670b-21n/Bl8Sgi5pEuSuXjCWV96fIaA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
861f49441b333739-YYZ
nes.min.css
unpkg.com/nes.css@2.3.0/css/
Redirect Chain
  • https://unpkg.com/nes.css@latest/css/nes.min.css
  • https://unpkg.com/nes.css@2.3.0/css/nes.min.css
282 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/nes.css@2.3.0/css/nes.min.css
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b52769a408118ac6ca92d8940e77dba8ab92e97809c43658484f81ea83b756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
875355
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRTC9RR4HX9CZ0NG73KTYFC-yyz
server
cloudflare
etag
W/"4670b-21n/Bl8Sgi5pEuSuXjCWV96fIaA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
861f49444b923739-YYZ

Redirect headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HRJWPKTZPAGYB7H4K5Z1WMTT-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
505
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/nes.css@2.3.0/css/nes.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
861f49441b3a3739-YYZ
nes-core.min.css
unpkg.com/nes.css@2.3.0/css/
Redirect Chain
  • https://unpkg.com/nes.css/css/nes-core.min.css
  • https://unpkg.com/nes.css@2.3.0/css/nes-core.min.css
51 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/nes.css@2.3.0/css/nes-core.min.css
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e296c179198b2edaeecba06ff5a0ef8a73c996939edff3dbea072190b3626b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
882336
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRKQ8EYK2CQN8D613WFWDZT-yyz
server
cloudflare
etag
W/"cd63-BS11VHqCQWO+1vzymJ4DKuYfmpI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
861f49444b933739-YYZ

Redirect headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HRJWPKXKX3M5REGPVRZ422T2-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
505
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/nes.css@2.3.0/css/nes-core.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
861f49441b3e3739-YYZ
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: loot-links.com
URL: https://loot-links.com/3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
b2494b4c7cb01dce8fef12241e72f3485ecfb953771781b616090c5bdbea87d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50753
x-xss-protection
0
server
cafe
etag
2242473727463129229
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 10 Mar 2024 00:46:10 GMT
d-intel.json
unpkg.com/detect-gpu@5.0.38/dist/benchmarks/ 		43 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.38/dist/benchmarks/d-intel.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6283a00844c99fc9d94cf99ffdd0c3392b9be908467fdd80fa2914843fb78564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
883861
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRJ8Q2DKFFJMZB21JFZSWKQ-yyz
server
cloudflare
etag
W/"aa9e-PItSkECxUbKs93/O0lLbbP8haoo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
861f49446c5b36fd-YYZ
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cada8f13ba3073d027ca94c87805f7b970475caacf2473da41aa9b6e9f56b4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2
fonts.gstatic.com/s/pressstart2p/v15/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/pressstart2p/v15/e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@700&family=Press+Start+2P&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loot-links.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 06:39:23 GMT
x-content-type-options
nosniff
age
65207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12480
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:30:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Mar 2025 06:39:23 GMT
truncated
/ 		335 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6bf4ae0daf913a3875c88846cf003255949b6e34da39c0f7914e7963004e335

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
tc
gforanopportu.info/ 		452 B
929 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gforanopportu.info/tc
Requested by
Host: loot-links.com
URL: https://loot-links.com/3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98a251cb1ab981501507642085ea8ea613ae86b8972679213a2adf2aa3570fe

Request headers

Referer
https://loot-links.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 10 Mar 2024 00:46:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud4wgSh8WSqJ7aIvqiBxrEP4UjtxvO%2FNgmh3TFipv5yR0UJk5VWUBRdycFf86lIVZcob5xcAQoVDN7IKGDz7kexSkNVpmjeSD5CCfYwwsF46horlxYtyFsqR1y%2BhM0t8sgGOLvE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-links.com
content-type
application/json
access-control-allow-credentials
true
cf-ray
861f4945c8f836b0-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
alt-svc
h3=":443"; ma=86400
tc
gforanopportu.info/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gforanopportu.info/tc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://loot-links.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-links.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
861f49451ee239fa-YYZ
date
Sun, 10 Mar 2024 00:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65R%2BGEXfMgdbMXJoh1pOLr7S%2F00LYPEnvyASks%2FCHbKWksDQ574rMlhkRO6w55JtV1kteOhsU3macicVANYAT1F9USSP%2FU2k783B%2Fx9qHnCBIvSRZ9H805Nxp%2Br1tTNA5EkcqQ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
371 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:46:12 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
465966
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HR50SSFPCPRB81VNXA32FDMA-yyz
server
cloudflare
etag
W/"5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
861f494f2f9b3739-YYZ

Redirect headers

date
Sun, 10 Mar 2024 00:46:12 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HRJWWWNSQPXPDDV3138QE0VE-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
302
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
861f494eff423739-YYZ
e039377214b02be5.jpeg
d1wzdj81h1hubn.cloudfront.net/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/e039377214b02be5.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.59.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-59-91.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a6b8a9d9ad60a43a1676cf7beeeb1318eb92335d2ad2b04728bba794d05bf64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 13:30:40 GMT
via
1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2024 17:41:26 GMT
x-amz-meta-timestamp
2024-01-10T04:04:08.133003
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
40533
etag
"677379a797ffc395375f9a858658b3dc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
105124
x-amz-cf-id
nCo_pOJqKnuUWfbkH7TNppneEIdeHD4WpPLZHLKZFwhsNROAqSQvmg==
apps.png
d1wzdj81h1hubn.cloudfront.net/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/apps.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.59.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-59-91.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-links.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 16:33:08 GMT
via
1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 09:32:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
29585
etag
"fe92fe3dee69ba5c6dc9ab4b1785c556"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3115
x-amz-cf-id
b5N_SRnTVrmmhLSs3OMQhC91vgvmnftww3FeJFDgiaIqif36lSAHyA==
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca65398526393b63a84937b21d819ff5ea33838a96cdad8b813c517ce6455fc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6694fe2c6a936e2db1d2d58ebdff529c8900c77fbbdb8b2d852ad8e5523d0472

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10dacb98c41272d56fca6b6c392dcb9a46c47c4b0f661bb938cf2f440597a462

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		261 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a48125ae1e0e8c8959a31df7a8b4ba2febdeadde813898899cde1305ae14b7ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime object| DetectGPU function| a0_0x35dc4b function| a0_0x4eed function| a0_0x43ce function| sendRequest object| textsArr object| loadingText function| getRandomText function| updateLoadingText string| line object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions

1 Cookies

Domain/Path Name / Value
gforanopportu.info/ Name: ci
Value: 1900954315771410

1 Console Messages

Source Level URL
Text
other warning URL: https://loot-links.com/s?mMHt
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
d1u5ibtsigyagv.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gforanopportu.info
loot-links.com
pagead2.googlesyndication.com
unpkg.com
104.16.126.175
104.21.25.241
104.21.63.65
13.225.210.27
142.250.65.163
142.250.65.194
142.250.80.42
151.101.129.229
18.238.59.91
10dacb98c41272d56fca6b6c392dcb9a46c47c4b0f661bb938cf2f440597a462
2a6b8a9d9ad60a43a1676cf7beeeb1318eb92335d2ad2b04728bba794d05bf64
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0
366a06e4075e693d8e83bdf0581b7b9f014b6042112bb8fba8a81f8c6b427705
3cada8f13ba3073d027ca94c87805f7b970475caacf2473da41aa9b6e9f56b4b
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
4e296c179198b2edaeecba06ff5a0ef8a73c996939edff3dbea072190b3626b5
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317
5d15b918f7fa41cd2e1f330a0061f118868936bf49b0290724a20af7a9d2372e
6283a00844c99fc9d94cf99ffdd0c3392b9be908467fdd80fa2914843fb78564
6694fe2c6a936e2db1d2d58ebdff529c8900c77fbbdb8b2d852ad8e5523d0472
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
7814ba119e30ae1dbe7324f4d33c5769411cf8792d5775c8085bd42e90764dcd
98f0bbbbeefc45c94a7ad0d7a43837517e0d3b133daddc609fc074a173e1a4d6
a48125ae1e0e8c8959a31df7a8b4ba2febdeadde813898899cde1305ae14b7ce
a6bf4ae0daf913a3875c88846cf003255949b6e34da39c0f7914e7963004e335
b2494b4c7cb01dce8fef12241e72f3485ecfb953771781b616090c5bdbea87d7
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
c0b52769a408118ac6ca92d8940e77dba8ab92e97809c43658484f81ea83b756
c72ae41e0a4ff66d566afb16fcaded136eec618120207442d3b709a42fa880cd
ca65398526393b63a84937b21d819ff5ea33838a96cdad8b813c517ce6455fc5
e98a251cb1ab981501507642085ea8ea613ae86b8972679213a2adf2aa3570fe