lootkro.com Open in urlscan Pro
184.168.131.241 Public Scan

URL:
http://lootkro.com/
Submission: On October 12 via api (October 12th 2020, 11:19:55 pm UTC) from GB

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 20 domains to perform 51 HTTP transactions. The main IP is 184.168.131.241, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is lootkro.com.

This is the only time lootkro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
3	2a00:1450:400... 2a00:1450:4001:81d::2013	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:817::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2009	15169 (GOOGLE) (GOOGLE)
6	104.17.214.185 104.17.214.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	116.12.50.155 116.12.50.155	38532 (USONYX-AS...) (USONYX-AS-AP USONYX PTE LTD)
1	185.127.16.115 185.127.16.115	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1	2606:4700:303... 2606:4700:3032::6812:2d38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:80c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2606:4700:303... 2606:4700:3037::ac43:8f26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:774	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
51	20

1 184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

lootkro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.lootkro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img2.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.214.185 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lottoland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.12.50.155 (Singapore)

ASN38532 (USONYX-AS-AP USONYX PTE LTD, SG)
PTR: mail.rupeecasinos.in

www.rupeecasinos.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.127.16.115 (London, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

www.scams.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6812:2d38 (United States)

ASN13335 (CLOUDFLARENET, US)

pngimage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:80c (United States)

ASN13335 (CLOUDFLARENET, US)

www.bookmakers.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:483 (United States)

ASN13335 (CLOUDFLARENET, US)

casino.help	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:8f26 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.binaryoptionsexpert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:774 (United States)

ASN13335 (CLOUDFLARENET, US)

www.expertinvestor.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com	272 KB
6	lottoland.com www.lottoland.com	337 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
5	blogger.com www.blogger.com	59 KB
4	lootkro.com lootkro.com www.lootkro.com	39 KB
3	expertinvestor.net www.expertinvestor.net	195 KB
3	binaryoptionsexpert.net 3 redirects www.binaryoptionsexpert.net	781 B
2	doubleclick.net googleads.g.doubleclick.net
2	blogblog.com img2.blogblog.com resources.blogblog.com	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	62 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	casino.help casino.help	6 KB
1	bookmakers.bet www.bookmakers.bet	2 KB
1	pngimage.net pngimage.net	206 KB
1	scams.info www.scams.info	164 KB
1	rupeecasinos.in www.rupeecasinos.in	13 KB
1	gstatic.com fonts.gstatic.com	28 KB
51	20

	Domain	Requested by
6	www.lottoland.com	www.lootkro.com
5	1.bp.blogspot.com	www.lootkro.com
5	www.blogger.com	www.lootkro.com www.blogger.com
4	pagead2.googlesyndication.com	www.lootkro.com pagead2.googlesyndication.com
3	www.expertinvestor.net	www.lootkro.com
3	www.binaryoptionsexpert.net	3 redirects
3	www.lootkro.com	lootkro.com www.lootkro.com www.blogger.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	2.bp.blogspot.com	www.lootkro.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	4.bp.blogspot.com	www.lootkro.com
2	maxcdn.bootstrapcdn.com	www.lootkro.com maxcdn.bootstrapcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	resources.blogblog.com	www.lootkro.com
1	casino.help	www.lootkro.com
1	www.bookmakers.bet	www.lootkro.com
1	pngimage.net	www.lootkro.com
1	www.scams.info	www.lootkro.com
1	www.rupeecasinos.in	www.lootkro.com
1	fonts.gstatic.com	fonts.googleapis.com
1	3.bp.blogspot.com	www.lootkro.com
1	img2.blogblog.com	www.lootkro.com
1	ajax.googleapis.com	www.lootkro.com
1	fonts.googleapis.com	www.lootkro.com
1	lootkro.com
51	27

This site contains no links.

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.lottoland.com AlphaSSL CA - SHA256 - G2	`2020-02-12` - `2021-02-12`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
mail.rupeecasinos.in Let's Encrypt Authority X3	`2020-09-06` - `2020-12-05`	3 months	crt.sh
www.scams.info Let's Encrypt Authority X3	`2020-09-18` - `2020-12-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-28` - `2021-07-28`	a year	crt.sh
bookmakers.bet Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
expertinvestor.net Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://lootkro.com/
Frame ID: E63C0BB3ECC4FD20FE7D611827D6B764
Requests: 1 HTTP requests in this frame

Frame: http://www.lootkro.com/
Frame ID: C5CACACD8A2FE97B754B150F79C6BF77
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: 6BAE505412357CE6E5028651018307AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3329281371546988&output=html&adk=1812271804&adf=3279755397&plat=1%3A33288%2C2%3A33288%2C8%3A512%2C9%3A33288%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Flootkro.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602544778169&bpp=55&bdt=54&idt=200&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=266767054139&frm=24&ife=1&pv=2&ga_vid=985202997.1602544778&ga_sid=1602544778&ga_hid=86550297&ga_fc=0&iag=3&icsg=2602&nhd=1&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2932455045&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=1158712466126637&pem=488&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=0.mncrsw894wt3&fsb=1&dtd=219
Frame ID: 030FA6E88AFC69E49001CAB675C28DE6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 0405C362793679D47BEE8B456BFEC4D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

73 %
HTTPS

81 %
IPv6

20
Domains

27
Subdomains

20
IPs

5
Countries

1593 kB
Transfer

2206 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.binaryoptionsexpert.net/images/02-account-types.png HTTP 301
https://www.expertinvestor.net/images/02-account-types.png

Request Chain 28

https://www.binaryoptionsexpert.net/images/05-mobile-trading.png HTTP 301
https://www.expertinvestor.net/images/05-mobile-trading.png

Request Chain 29

https://www.binaryoptionsexpert.net/images/06-deposits.png HTTP 301
https://www.expertinvestor.net/images/06-deposits.png

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lootkro.com/ 350 B
527 B 407ms
371ms Document
text/html 184.168.131.241
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://lootkro.com/
Protocol: HTTP/1.1
Server: 184.168.131.241 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-184-168-131-241.ip.secureserver.net
Software: nginx/1.16.1 /
Resource Hash: 4ccccf096dadd2600e8cf24ac8eda2ae6e7a4444cf8998bc486f36fbfd28e603

Request headers

Host: lootkro.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Mon, 12 Oct 2020 23:19:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK / Show response
www.lootkro.com/ Frame C5CA 179 KB
35 KB 368ms
342ms Document
text/html 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.lootkro.com/

Requested by

Host: lootkro.com
URL: http://lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6af5f96efe1e82c7fa15953cc445278d2580d555ba02253de5a5d12a34f2a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.lootkro.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://lootkro.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lootkro.com/

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Mon, 12 Oct 2020 23:19:38 GMT
Date: Mon, 12 Oct 2020 23:19:38 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 06 Oct 2020 09:02:00 GMT
ETag: W/"8345c4650323b911377a851b3d13bfa71b9f04e3f52cd01723476299954742b6"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 35800
Server: GSE

GET
H2 200 14020288-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ Frame C5CA 31 KB
7 KB 27ms
5ms Stylesheet
text/css 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/14020288-widget_css_bundle.css

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab30da88a231117c2a5ec535b0c4caec1c1f86a680f3077b272ea7265b33cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 10:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Oct 2020 09:13:04 GMT
server: sffe
age: 562799
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6823
x-xss-protection: 0
expires: Wed, 06 Oct 2021 10:59:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C5CA 131 KB
45 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14b624733ebcb699aa82089eb6390c28e5168b668436b1c146f09a7162f68f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45815
x-xss-protection: 0
server: cafe
etag: 3397847753444791534
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Oct 2020 23:19:38 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame C5CA 3 KB
964 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Dosis:300,400,700

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d01c5c382d07cb0b44350b69af85f8a9be26482be7fe49e9725629b18f763529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 12 Oct 2020 23:19:38 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 12 Oct 2020 23:19:38 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame C5CA 23 KB
6 KB 14ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 5442

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ Frame C5CA 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 15:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28340
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 15:27:18 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ Frame C5CA 1 B
865 B 125ms
112ms Stylesheet
text/css 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8719298817563451908&zx=a3a701e0-e218-40d5-a92d-5021182587d9

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 12 Oct 2020 23:19:38 GMT
server: GSE
date: Mon, 12 Oct 2020 23:19:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/ Frame C5CA 230 KB
87 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88664
x-xss-protection: 0
server: cafe
etag: 2239360983930794775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Oct 2020 23:19:38 GMT

GET
H/1.1 200
OK cooltext333004087039854.png
4.bp.blogspot.com/-MVMFTtTf3Bc/XVZzaj6hQ6I/AAAAAAAABs8/goz2WmGr-bUp7IWJWB_FtKr5QHUZ6oJpgCK4BGAYYCw/s1600/ Frame C5CA 64 KB
64 KB 282ms
273ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-MVMFTtTf3Bc/XVZzaj6hQ6I/AAAAAAAABs8/goz2WmGr-bUp7IWJWB_FtKr5QHUZ6oJpgCK4BGAYYCw/s1600/cooltext333004087039854.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5b8a4767173090229cb7433e990110819a1d34f01cf38747b515b2e0ebdf279a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v6d0"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cooltext333004087039854.png"
Timing-Allow-Origin: *
Content-Length: 65561
X-XSS-Protection: 0
Expires: Tue, 13 Oct 2020 06:43:23 GMT

GET
H/1.1 200
OK icon18_edit_allbkg.gif
img2.blogblog.com/img/ Frame C5CA 162 B
492 B 15ms
6ms Image
image/gif 2a00:1450:4001:825::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://img2.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 17:36:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 11 Oct 2020 10:16:00 GMT
Server: sffe
Age: 107009
Content-Type: image/gif
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 162
X-XSS-Protection: 0
Expires: Sun, 18 Oct 2020 17:36:09 GMT

GET
H2 200 How-does-Lottoland-work-main.jpg
www.lottoland.com/cms/5a9021290eb358758ec5f5bc/ Frame C5CA 84 KB
84 KB 202ms
150ms Image
image/jpeg 104.17.214.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5a9021290eb358758ec5f5bc/How-does-Lottoland-work-main.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.214.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75add04ff5e5ceef170fb50da26ca488dd0bd6be31c2aa3dc5326a4257feca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2018 14:11:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5e148c003a433317-CDG
content-length: 86119
cf-request-id: 05c0b5d425000033174e086200000001
expires: Tue, 12 Oct 2021 23:19:38 GMT

GET
H2 200 lottoland-scam.jpg
www.lottoland.com/cms/5d31cd00b9c5b5002eaf44e4/ Frame C5CA 22 KB
22 KB 183ms
131ms Image
image/jpeg 104.17.214.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5d31cd00b9c5b5002eaf44e4/lottoland-scam.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.214.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878965d1c7b360c6ea695d93f34eb9c22ba4748bbe931ed501af0043ac1e00c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2019 14:00:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5e148c003a443317-CDG
content-length: 22025
cf-request-id: 05c0b5d425000033174e087200000001
expires: Tue, 12 Oct 2021 23:19:38 GMT

GET
H2 200 lottoland-business-model-nz.jpg
www.lottoland.com/cms/5d31d53db9c5b5002eaf4c6d/ Frame C5CA 144 KB
144 KB 234ms
182ms Image
image/jpeg 104.17.214.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5d31d53db9c5b5002eaf4c6d/lottoland-business-model-nz.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.214.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d32907f51484b342fc77d28176194a335916ae8e74fa9d1eb22759e797c9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2019 14:35:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5e148c003a453317-CDG
content-length: 147133
cf-request-id: 05c0b5d425000033174e088200000001
expires: Tue, 12 Oct 2021 23:19:38 GMT

GET
H/1.1 200
OK line_colored.png
3.bp.blogspot.com/-aXPJ3b60U74/VNWHtuwKBII/AAAAAAAAPjw/LAgDISb1I8s/s1600/ Frame C5CA 561 B
1 KB 13ms
6ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-aXPJ3b60U74/VNWHtuwKBII/AAAAAAAAPjw/LAgDISb1I8s/s1600/line_colored.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

21ef9469baae4f8d7e2fc47cc56a1d6ffca160b4840a64268a303188440e1bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 20:00:20 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 11958
ETag: "v3e3e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="line_colored.png"
Timing-Allow-Origin: *
Content-Length: 561
X-XSS-Protection: 0
Expires: Sat, 10 Oct 2020 17:11:22 GMT

GET
H/1.1 200
OK HhyaU5sn9vOmLzloC_WoEoZK.woff2
fonts.gstatic.com/s/dosis/v18/ Frame C5CA 28 KB
28 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/dosis/v18/HhyaU5sn9vOmLzloC_WoEoZK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Dosis:300,400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607974e31ad67a1d71fd50dffaff14c2450d90cf88cb9ac8c145cbc4be15e61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.lootkro.com
Referer: http://fonts.googleapis.com/css?family=Dosis:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 09:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Jun 2020 02:40:26 GMT
Server: sffe
Age: 50347
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28452
X-XSS-Protection: 0
Expires: Tue, 12 Oct 2021 09:20:31 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ Frame C5CA 55 KB
56 KB 12ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://www.lootkro.com
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:36:18 GMT
ETag: "1544639778"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff2
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 56792

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame 6BAE 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201007/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.lootkro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.lootkro.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 12 Oct 2020 17:34:09 GMT
expires: Mon, 26 Oct 2020 17:34:09 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 20729
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 powerball.PNG
1.bp.blogspot.com/-czEyEqW0V-E/XgBPFnjbUXI/AAAAAAAAB8Y/wOdAxLVftNElQv4INcyONw671OqTjMidwCLcBGAsYHQ/s640/ Frame C5CA 43 KB
43 KB 230ms
207ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-czEyEqW0V-E/XgBPFnjbUXI/AAAAAAAAB8Y/wOdAxLVftNElQv4INcyONw671OqTjMidwCLcBGAsYHQ/s640/powerball.PNG

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37dbd4f31c2591ff5b418d322ea6495c7448ea7f7a10b14d2c7cc7285b132517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="powerball.PNG"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44008
x-xss-protection: 0
server: fife
etag: "v7c7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Oct 2020 06:43:26 GMT

GET
H2 200 how-safe-is-lottoland.jpg
www.lottoland.com/cms/5d31ce27b9c5b5002eaf4601/ Frame C5CA 25 KB
25 KB 172ms
169ms Image
image/jpeg 104.17.214.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5d31ce27b9c5b5002eaf4601/how-safe-is-lottoland.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.214.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31bf41181fc432d5d2f02b06cf5fdd06f69d4652f575d746a59659720728c76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2019 14:05:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5e148c006a6c3317-CDG
content-length: 25352
cf-request-id: 05c0b5d442000033174e08b200000001
expires: Tue, 12 Oct 2021 23:19:38 GMT

GET
H2 200 payout-jackpots-at-lottoland.jpg
www.lottoland.com/cms/5d31d8aeb9c5b5002eaf4fae/ Frame C5CA 27 KB
28 KB 183ms
180ms Image
image/jpeg 104.17.214.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5d31d8aeb9c5b5002eaf4fae/payout-jackpots-at-lottoland.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.214.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e3017ebc2881b4c6a5c9f93d354bf014b0e55c1b400b8491f0db650f792840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2019 14:50:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5e148c006a6d3317-CDG
content-length: 27875
cf-request-id: 05c0b5d442000033174e08c200000001
expires: Tue, 12 Oct 2021 23:19:38 GMT

GET
H2 200 lottery-taxes-us-lottery.jpg
www.lottoland.com/cms/5d31d7c8b9c5b5002eaf4ea2/ Frame C5CA 34 KB
34 KB 165ms
163ms Image
image/jpeg 104.17.214.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lottoland.com/cms/5d31d7c8b9c5b5002eaf4ea2/lottery-taxes-us-lottery.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.214.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bcfe0257d4e47b7d72b0a493ff05b905adf0a2296c008f2d25ec411e939e779

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2019 14:46:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5e148c006a6e3317-CDG
content-length: 34417
cf-request-id: 05c0b5d442000033174e08d200000001
expires: Tue, 12 Oct 2021 23:19:38 GMT

GET
H2 200 RoyalPanda.jpg
www.rupeecasinos.in/wp-content/uploads/2019/09/ Frame C5CA 13 KB
13 KB 1443ms
344ms Image
image/jpeg 116.12.50.155
USONYX-AS-AP USON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rupeecasinos.in/wp-content/uploads/2019/09/RoyalPanda.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.12.50.155 , Singapore, ASN38532 (USONYX-AS-AP USONYX PTE LTD, SG),

Reverse DNS

mail.rupeecasinos.in

Software

nginx/1.10.3 /

Resource Hash

9b13a5fa1e4e2ea61b40604073e0aa393f4c49aa2a5a46f069fad97fe01440b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:39 GMT
last-modified: Sat, 14 Sep 2019 11:24:37 GMT
server: nginx/1.10.3
etag: "5d7ccdf5-3481"
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 13441

GET
H2 200 royal-panda-homepage.jpg
www.scams.info/gallery/big/ Frame C5CA 163 KB
164 KB 114ms
35ms Image
image/webp 185.127.16.115
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scams.info/gallery/big/royal-panda-homepage.jpg
Requested by: Host: www.lootkro.com
URL: http://www.lootkro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.127.16.115 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Apache /
Resource Hash: 3a0fc819c01d42ffc550ad7b1718c1caf4bc15e8fd9164108b6fb282bbd8a599

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 13:57:57 GMT
server: Apache
vary: Accept,Accept-Encoding,User-Agent
content-type: image/webp
status: 200
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 panda-animated-png-3.png
pngimage.net/wp-content/uploads/2019/05/ Frame C5CA 205 KB
206 KB 112ms
84ms Image
image/png 2606:4700:3032::6812:2d38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pngimage.net/wp-content/uploads/2019/05/panda-animated-png-3.png
Requested by: Host: www.lootkro.com
URL: http://www.lootkro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:2d38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f1651f6d0ebca7b225cde5ab7abc410d115ef98c48d31f413ee93ed9924155

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 210181
cf-request-id: 05c0b5d4580000c295ac15b200000001
last-modified: Fri, 19 Jun 2020 23:15:03 GMT
server: cloudflare
etag: "33505-5a878101e83d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e148c008d03c295-FRA

GET
H2 200 trophy.png
www.bookmakers.bet/assets/img/ Frame C5CA 1 KB
2 KB 48ms
11ms Image
image/png 2606:4700:20::681a:80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookmakers.bet/assets/img/trophy.png
Requested by: Host: www.lootkro.com
URL: http://www.lootkro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1154a61084d744d75794e82653247e76e56385718cf2deea9df405c0560cd11b

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 443020
cf-polished: origSize=1507
status: 200
content-length: 1209
cf-request-id: 05c0b5d461000005e9d7131200000001
pragma: public
referrer-policy
last-modified: Thu, 12 Sep 2019 13:41:34 GMT
server: cloudflare
etag: "5e3-5925b4bc719e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Sun, 06 Dec 2020 20:15:59 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5e148c009e9805e9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 dragonclubcasino300x150-300x150.jpg
casino.help/wp-content/uploads/2019/03/ Frame C5CA 6 KB
6 KB 139ms
97ms Image
image/jpeg 2606:4700:20::681a:483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casino.help/wp-content/uploads/2019/03/dragonclubcasino300x150-300x150.jpg
Requested by: Host: www.lootkro.com
URL: http://www.lootkro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64bb93e560b60dbebc22555eeed65f28876300dccfa66d632c1e5f8c0090941

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 5923
cf-request-id: 05c0b5d46e00002bcaad99d200000001
last-modified: Mon, 04 Mar 2019 05:30:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 5e148c00b92e2bca-FRA
expires: Tue, 09 Feb 2021 23:19:38 GMT

GET
H2 200 Dragon-Club-bonus.png
2.bp.blogspot.com/-P3DXPfOWrmc/XJvJzpbswMI/AAAAAAAACzQ/B6g5ha9phS4DyEHlHAxnZahByVYz52CAwCLcBGAs/s320/ Frame C5CA 61 KB
62 KB 45ms
22ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-P3DXPfOWrmc/XJvJzpbswMI/AAAAAAAACzQ/B6g5ha9phS4DyEHlHAxnZahByVYz52CAwCLcBGAs/s320/Dragon-Club-bonus.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa6d432005dd36b0daf63ae4ba1cd3bb8c97ae3fa6de467aa536f885585873ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Dragon-Club-bonus.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62914
x-xss-protection: 0
server: fife
etag: "vb36"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Oct 2020 23:19:38 GMT

GET
H2

200

02-account-types.png
www.expertinvestor.net/images/ Frame C5CA
Redirect Chain

https://www.binaryoptionsexpert.net/images/02-account-types.png
https://www.expertinvestor.net/images/02-account-types.png

71 KB
72 KB

25ms
19ms

Image
image/png

2606:4700:20::681a:774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expertinvestor.net/images/02-account-types.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:774 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

e01a795042b1bf429c1c040e34a8e346f79a0728d9f0d3dc2ac01a62613e522e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 44520
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72837
cf-request-id: 05c0b5d4bf00000614be8af200000001
pragma: public
last-modified: Thu, 05 Dec 2019 12:54:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11c85-598f46eba307d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
expires: Tue, 12 Oct 2021 10:57:38 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 5e148c013bdc0614-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.expertinvestor.net/images/02-account-types.png
cache-control: max-age=86400
cf-ray: 5e148c00a9fd1752-FRA
cf-request-id: 05c0b5d468000017521f33b200000001

GET
H2

200

05-mobile-trading.png
www.expertinvestor.net/images/ Frame C5CA
Redirect Chain

https://www.binaryoptionsexpert.net/images/05-mobile-trading.png
https://www.expertinvestor.net/images/05-mobile-trading.png

56 KB
56 KB

69ms
38ms

Image
image/png

2606:4700:20::681a:774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expertinvestor.net/images/05-mobile-trading.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:774 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

be6339aaf7f760ac0e95f20864fd0c6e01eed2af3a4d149af785f282ef767441

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57462
cf-request-id: 05c0b5d4bf00000614be8ad200000001
pragma: public
last-modified: Thu, 05 Dec 2019 12:54:40 GMT
server: cloudflare
etag: "e076-598f46ebe692f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e148c013bd80614-FRA
expires: Tue, 12 Oct 2021 23:19:38 GMT

Redirect headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.expertinvestor.net/images/05-mobile-trading.png
cache-control: max-age=86400
cf-ray: 5e148c00a9fe1752-FRA
cf-request-id: 05c0b5d468000017521f33c200000001

GET
H2

200

06-deposits.png
www.expertinvestor.net/images/ Frame C5CA
Redirect Chain

https://www.binaryoptionsexpert.net/images/06-deposits.png
https://www.expertinvestor.net/images/06-deposits.png

67 KB
67 KB

74ms
43ms

Image
image/png

2606:4700:20::681a:774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expertinvestor.net/images/06-deposits.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:774 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

7cc6e9ac14bf39973feacc047629c20957550b6250480349e7a968614e6b46c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68374
cf-request-id: 05c0b5d4bf00000614be8ae200000001
pragma: public
last-modified: Thu, 05 Dec 2019 12:54:41 GMT
server: cloudflare
etag: "10b16-598f46ec009d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e148c013bdb0614-FRA
expires: Tue, 12 Oct 2021 23:19:38 GMT

Redirect headers

date: Mon, 12 Oct 2020 23:19:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602544778"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.expertinvestor.net/images/06-deposits.png
cache-control: max-age=86400
cf-ray: 5e148c00ba041752-FRA
cf-request-id: 05c0b5d46e000017521f33d200000001

GET
H2 200 powerball.PNG
1.bp.blogspot.com/-czEyEqW0V-E/XgBPFnjbUXI/AAAAAAAAB8Y/wOdAxLVftNElQv4INcyONw671OqTjMidwCLcBGAsYHQ/s72-c/ Frame C5CA 10 KB
10 KB 177ms
176ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-czEyEqW0V-E/XgBPFnjbUXI/AAAAAAAAB8Y/wOdAxLVftNElQv4INcyONw671OqTjMidwCLcBGAsYHQ/s72-c/powerball.PNG

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

028b4e2eebb4370094ec1e823a601cb602589d2d8c6cddc5197eedf2c2b8f035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="powerball.PNG"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9746
x-xss-protection: 0
server: fife
etag: "v7c7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Oct 2020 06:43:26 GMT

GET
H2 200 images.png
1.bp.blogspot.com/-auz1-Wa5xAI/Xj68_JS8wHI/AAAAAAAACF0/NNkRUaMTHgI5YecqdVAvmbRGqTFBTCZJwCLcBGAsYHQ/s72-c/ Frame C5CA 2 KB
3 KB 166ms
165ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-auz1-Wa5xAI/Xj68_JS8wHI/AAAAAAAACF0/NNkRUaMTHgI5YecqdVAvmbRGqTFBTCZJwCLcBGAsYHQ/s72-c/images.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0185c733eac59d09449a925f5710c758279c6a20e2e9fd81eac6b0f02055df43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="images.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2210
x-xss-protection: 0
server: fife
etag: "v85e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Oct 2020 06:43:25 GMT

GET
H2 200 Screenshot_20191025-090636576_1.jpg
1.bp.blogspot.com/-zfKYHQJWaSg/XbJt67obR0I/AAAAAAAAB4Y/3bajhSyEsiIGJsyCKwoTtrPYpTTc5IP1QCLcBGAsYHQ/s72-c/ Frame C5CA 3 KB
3 KB 167ms
166ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zfKYHQJWaSg/XbJt67obR0I/AAAAAAAAB4Y/3bajhSyEsiIGJsyCKwoTtrPYpTTc5IP1QCLcBGAsYHQ/s72-c/Screenshot_20191025-090636576_1.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

933d11a6925f99f66c61c199dfd06a565cbf619e06a933e9ce8abf3edddfc6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="Screenshot_20191025-090636576_1.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2700
x-xss-protection: 0
server: fife
etag: "v787"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Oct 2020 06:43:25 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ Frame C5CA 475 B
611 B 7ms
5ms Image
image/png 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 09:17:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Oct 2020 07:28:59 GMT
server: sffe
age: 223337
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Sat, 17 Oct 2020 09:17:21 GMT

GET
H/1.1 200
OK your-survey.jpg
1.bp.blogspot.com/--Q5HfAPucw0/XZXTvKn1wxI/AAAAAAAAB2Y/wSKz66SllqUbOb1Pijc4D0Z-DJbytxaSACK4BGAYYCw/s1600/ Frame C5CA 43 KB
44 KB 27ms
22ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/--Q5HfAPucw0/XZXTvKn1wxI/AAAAAAAAB2Y/wSKz66SllqUbOb1Pijc4D0Z-DJbytxaSACK4BGAYYCw/s1600/your-survey.jpg

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cc374c3e77578f49426d11cb711362bfbc54e5b8ccf591ab6b0eadd5e54adabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v767"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="your-survey.jpg"
Timing-Allow-Origin: *
Content-Length: 44145
X-XSS-Protection: 0
Expires: Tue, 13 Oct 2020 06:43:27 GMT

GET
H/1.1 200
OK Capture.PNG
4.bp.blogspot.com/-6trxU39HUNA/XYnfVRuT-5I/AAAAAAAAB1I/ZJC_qAiCiVkPU0C78Jlsllmf6wM6vHHBwCK4BGAYYCw/s1600/ Frame C5CA 42 KB
42 KB 156ms
151ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-6trxU39HUNA/XYnfVRuT-5I/AAAAAAAAB1I/ZJC_qAiCiVkPU0C78Jlsllmf6wM6vHHBwCK4BGAYYCw/s1600/Capture.PNG

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f83aabb4fa2e12680378f5df479f09361ce60e5f7a6c2db3b8e6e6e41ffcd9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v753"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Capture.PNG"
Timing-Allow-Origin: *
Content-Length: 42942
X-XSS-Protection: 0
Expires: Tue, 13 Oct 2020 23:19:38 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.lootkro.com/js/ Frame C5CA 6 KB
2 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.lootkro.com/js/cookienotice.js

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 12 Oct 2020 21:43:53 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Mon, 19 Oct 2020 23:19:38 GMT

GET
H3-Q050 200 389203291-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame C5CA 141 KB
51 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/389203291-widgets.js

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

042f1d54d51bacb058d5fe1c0b55cdd493f90d09d9f32164f9e9bc66e6a8c0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 11:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Oct 2020 20:37:02 GMT
server: sffe
age: 214884
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52258
x-xss-protection: 0
expires: Sun, 10 Oct 2021 11:38:14 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ Frame C5CA 1 B
46 B 203ms
202ms Stylesheet
text/css 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8719298817563451908&zx=a3a701e0-e218-40d5-a92d-5021182587d9

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 12 Oct 2020 23:19:38 GMT
server: GSE
date: Mon, 12 Oct 2020 23:19:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C5CA 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.lootkro.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Oct 2020 23:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C5CA 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lootkro.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Oct 2020 23:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 030F 0
0 25ms
25ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3329281371546988&output=html&adk=1812271804&adf=3279755397&plat=1%3A33288%2C2%3A33288%2C8%3A512%2C9%3A33288%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Flootkro.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602544778169&bpp=55&bdt=54&idt=200&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=266767054139&frm=24&ife=1&pv=2&ga_vid=985202997.1602544778&ga_sid=1602544778&ga_hid=86550297&ga_fc=0&iag=3&icsg=2602&nhd=1&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2932455045&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=1158712466126637&pem=488&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=0.mncrsw894wt3&fsb=1&dtd=219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3329281371546988&output=html&adk=1812271804&adf=3279755397&plat=1%3A33288%2C2%3A33288%2C8%3A512%2C9%3A33288%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Flootkro.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602544778169&bpp=55&bdt=54&idt=200&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=266767054139&frm=24&ife=1&pv=2&ga_vid=985202997.1602544778&ga_sid=1602544778&ga_hid=86550297&ga_fc=0&iag=3&icsg=2602&nhd=1&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2932455045&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=1158712466126637&pem=488&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=0.mncrsw894wt3&fsb=1&dtd=219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.lootkro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.lootkro.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 12 Oct 2020 23:19:38 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Oct-2020 23:34:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Oct 2020 23:19:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5CA 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602502693699453"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Mon, 12 Oct 2020 23:19:38 GMT

GET
H/1.1 200
OK search-icon.png
2.bp.blogspot.com/-cQ_qKGRdwbI/VNWHtg-F-gI/AAAAAAAAPjs/VU_SExH25bk/s1600/ Frame C5CA 543 B
1001 B 30ms
22ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-cQ_qKGRdwbI/VNWHtg-F-gI/AAAAAAAAPjs/VU_SExH25bk/s1600/search-icon.png

Requested by

Host: www.lootkro.com
URL: http://www.lootkro.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcb201928670dfd9e1879351a64cb2166faee9890d69f49f6748f917782d3bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v3e3d"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search-icon.png"
Timing-Allow-Origin: *
Content-Length: 543
X-XSS-Protection: 0
Expires: Fri, 25 Sep 2020 12:49:43 GMT

GET
H/1.1 200
OK stats Show response
www.lootkro.com/b/ Frame C5CA 406 B
549 B 195ms
195ms XHR
text/html 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.lootkro.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCU7xgPIluoREJcSd0nDXWfaFx2cy9_fgbsdl6KhSa44Q58He5_7njdW2KS-QhThAbvWsEfXgoFBU7ZOwvjPv1__HKqfw

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/389203291-widgets.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa094431e56d5e4e8382af881e2e480e674973fd63d477fae5c0b8a23603b73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 12 Oct 2020 23:19:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 254
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Oct 2020 23:19:38 GMT

GET
H3-Q050 200 stats-flipper.png
www.blogger.com/img/widgets/ Frame C5CA 233 B
359 B 6ms
6ms Image
image/png 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/widgets/stats-flipper.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/14020288-widget_css_bundle.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2911f4e04096744757ceab7a895e0ee51494b6feaefaef9f1870272b3dc2dcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/static/v1/widgets/14020288-widget_css_bundle.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 08:59:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 07:18:24 GMT
server: sffe
age: 224394
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
expires: Sat, 17 Oct 2020 08:59:44 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C5CA 8 KB
7 KB 39ms
25ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201007&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac18a71b30822cff48bd45a952f0224608208a7fe4eda6a5be452c76d44eae89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Oct 2020 23:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6554
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C5CA 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 23:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Mon, 12 Oct 2020 23:19:40 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 0405 0
0 27ms
13ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.lootkro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.lootkro.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 12 Oct 2020 20:04:38 GMT
expires: Tue, 12 Oct 2021 20:04:38 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11702
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5CA 0
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201007&jk=1158712466126637&bg=!R0SlRGTNAAWqWepuqlgjxz00yhTVvQIAAABCUgAAAAsKAepyVqcqiylDL-NjZP6VREv15fo5S0va9pYSDBKp6cOtqJBhfecoVF0AK3j6kirepUHqdET8vxGkzlNplm4LZq9io1rKH6LYfVPd_irial9i6p8XFOXzMwZXY-RXnwfOR4j5U5Z4m-1tbFKHYvfK4PIfKMUxKzV6HzCJ907clkC4nikwumGw-c_wk2jf2Jg0BQv2uKA-oJi8FkaS18TiKa-yOzXXKcDEIQtFQZZvotEP55x9vULBgBltdNSdvl_LofBhYjxIraCmF6GRBe1VP9rpu_ntBkco5FGoG_4N5bU93fCNKhJgqt6Dviqa8VMTZAuxpisH6Ljxi4IafxRXq35sNU5enO2wJMZP01uTaBAOTlzw7zycVDvBnfm69fl7YeedubGvCIm3W-ZM3XVRnzk-ZGkwVc4P-4nuhWUl-fi6fzQw3K8oE05W9aNrWWOTQvQYX7aQBKYVPmc1QpwJMNMkoG8rD9pfbj2UuCPtAA5Bxo1a9xPZl6mEVUN7UaHfXU481ZDjnfhrzPTHkHoi_AwTH-ynSqmwjY86QZaT6kmmzB0si5VSYE3VDwMczIrqA6l7HAGCdauAepjlBtfRD5jvbo0xCHsI6WcRoRaiMjxbtMkgWkQxse76Tlw6NuuTLMfzhHtaH9U51qWWmQG7JJDpl0Lu3avF0rIsVQaOaBP6UGRSnWFjJubY8SpiBqXyuGfiOT4Vv8IYbL1dOyjEf1pETYKsxF5PIC26WaumcZojPdTVXtv9FPEcOUpbIFqa5XqyIdRZxNDIOb9WrAkyuSYFMdbfK0R4jV6UtH6RcxesTaI4_tEYO3jrvgIYp-K9BAPfZNiTDzWHANxEIaD0GzL1PPI7Cyhg0WvI0j9r7f3mK7734ToFQuaadr7AECYY6gzdTTsdU5A8_rO0eTwydlO1LYFi_kH2pp2oe3Fn4idjlul2SmURI3vdTta2i8BkbcsXA3ZCv6LHLRDXh7axK7asVf7ik51vmIJNNSgu6AXDbP3nP9kTAJzmGO7MmYLDF7rVgKDxNDJOwFwABdqBd_0e2psadlzjHTn-dx9nff4cqOyYXpnztMJKP41vdIcttosE1ffEYf-YwRcxsqpshX_4YRWRVvL8R1DWz4nvzcwr-yBtAKoFSjIKhtOkOTam70BvBlaLeiDCKdwX73M6ZQ-Y-YKsiz1rU0FUGqRP3g7XUsnuGiFWjvMdsXvobyXl30ngWeXUlHbKr2qZs3G0vbHfcw8u3EHgZAc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lootkro.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Oct 2020 23:19:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| trustedTypes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 13:09:05	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
casino.help
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img2.blogblog.com
lootkro.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pngimage.net
resources.blogblog.com
tpc.googlesyndication.com
www.binaryoptionsexpert.net
www.blogger.com
www.bookmakers.bet
www.expertinvestor.net
www.googletagservices.com
www.lootkro.com
www.lottoland.com
www.rupeecasinos.in
www.scams.info
104.17.214.185
116.12.50.155
184.168.131.241
185.127.16.115
2001:4de0:ac19::1:b:2b
2606:4700:20::681a:483
2606:4700:20::681a:774
2606:4700:20::681a:80c
2606:4700:3032::6812:2d38
2606:4700:3037::ac43:8f26
2a00:1450:4001:806::2001
2a00:1450:4001:816::2003
2a00:1450:4001:817::2009
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:81d::2013
2a00:1450:4001:821::2002
2a00:1450:4001:824::200a
2a00:1450:4001:825::2009
0185c733eac59d09449a925f5710c758279c6a20e2e9fd81eac6b0f02055df43
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
028b4e2eebb4370094ec1e823a601cb602589d2d8c6cddc5197eedf2c2b8f035
042f1d54d51bacb058d5fe1c0b55cdd493f90d09d9f32164f9e9bc66e6a8c0f6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1154a61084d744d75794e82653247e76e56385718cf2deea9df405c0560cd11b
21ef9469baae4f8d7e2fc47cc56a1d6ffca160b4840a64268a303188440e1bb6
2911f4e04096744757ceab7a895e0ee51494b6feaefaef9f1870272b3dc2dcca
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
31bf41181fc432d5d2f02b06cf5fdd06f69d4652f575d746a59659720728c76a
37dbd4f31c2591ff5b418d322ea6495c7448ea7f7a10b14d2c7cc7285b132517
3a0fc819c01d42ffc550ad7b1718c1caf4bc15e8fd9164108b6fb282bbd8a599
405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192
4ccccf096dadd2600e8cf24ac8eda2ae6e7a4444cf8998bc486f36fbfd28e603
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5b8a4767173090229cb7433e990110819a1d34f01cf38747b515b2e0ebdf279a
607974e31ad67a1d71fd50dffaff14c2450d90cf88cb9ac8c145cbc4be15e61f
72e3017ebc2881b4c6a5c9f93d354bf014b0e55c1b400b8491f0db650f792840
75d32907f51484b342fc77d28176194a335916ae8e74fa9d1eb22759e797c9f8
7cc6e9ac14bf39973feacc047629c20957550b6250480349e7a968614e6b46c3
878965d1c7b360c6ea695d93f34eb9c22ba4748bbe931ed501af0043ac1e00c2
8bcfe0257d4e47b7d72b0a493ff05b905adf0a2296c008f2d25ec411e939e779
933d11a6925f99f66c61c199dfd06a565cbf619e06a933e9ce8abf3edddfc6ee
96f1651f6d0ebca7b225cde5ab7abc410d115ef98c48d31f413ee93ed9924155
9b13a5fa1e4e2ea61b40604073e0aa393f4c49aa2a5a46f069fad97fe01440b8
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a64bb93e560b60dbebc22555eeed65f28876300dccfa66d632c1e5f8c0090941
aa094431e56d5e4e8382af881e2e480e674973fd63d477fae5c0b8a23603b73f
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac18a71b30822cff48bd45a952f0224608208a7fe4eda6a5be452c76d44eae89
bcb201928670dfd9e1879351a64cb2166faee9890d69f49f6748f917782d3bbb
be6339aaf7f760ac0e95f20864fd0c6e01eed2af3a4d149af785f282ef767441
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cab30da88a231117c2a5ec535b0c4caec1c1f86a680f3077b272ea7265b33cb0
cc374c3e77578f49426d11cb711362bfbc54e5b8ccf591ab6b0eadd5e54adabb
d01c5c382d07cb0b44350b69af85f8a9be26482be7fe49e9725629b18f763529
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d6af5f96efe1e82c7fa15953cc445278d2580d555ba02253de5a5d12a34f2a59
e01a795042b1bf429c1c040e34a8e346f79a0728d9f0d3dc2ac01a62613e522e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f14b624733ebcb699aa82089eb6390c28e5168b668436b1c146f09a7162f68f3
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
f75add04ff5e5ceef170fb50da26ca488dd0bd6be31c2aa3dc5326a4257feca1
f83aabb4fa2e12680378f5df479f09361ce60e5f7a6c2db3b8e6e6e41ffcd9f8
fa6d432005dd36b0daf63ae4ba1cd3bb8c97ae3fa6de467aa536f885585873ce

lootkro.com Open in urlscan Pro 184.168.131.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

73 %HTTPS

81 %IPv6

20 Domains

27 Subdomains

20 IPs

5 Countries

1593 kBTransfer

2206 kBSize

1 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

lootkro.com Open in urlscan Pro
184.168.131.241 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

73 %
HTTPS

81 %
IPv6

20
Domains

27
Subdomains

20
IPs

5
Countries

1593 kB
Transfer

2206 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions