urlscan.io logo urlscan.io
SecurityTrails logo

lootdest.org Open in urlscan Pro
172.67.135.229  Public Scan

Go To Rescan Add Verdict Report
URL: https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Submission: On August 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 172.67.135.229, located in United States and belongs to CLOUDFLARENET, US. The main domain is lootdest.org.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.
This is the only time lootdest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.135.229 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:244... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
2 104.21.76.222 13335 (CLOUDFLAR...)
3 2600:9000:20a... 16509 (AMAZON-02)
19 10
3    172.67.135.229 (United States)

ASN13335 (CLOUDFLARENET, US)
lootdest.org
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2449:de00:19:d10:db80:21 (United States)

ASN16509 (AMAZON-02, US)
d2uu46itxfd65q.cloudfront.net
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
1    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
api.taboola.com
2    104.21.76.222 (None, )

ASN13335 (CLOUDFLARENET, US)
eiwouldlikuk.com
3    2600:9000:20ab:4200:a:3cd2:30c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1wzdj81h1hubn.cloudfront.net
Apex Domain
Subdomains		 Transfer
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
151 KB
4 cloudfront.net
d2uu46itxfd65q.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
968 KB
3 lootdest.org
lootdest.org
182 KB
2 eiwouldlikuk.com
eiwouldlikuk.com
993 B
2 gstatic.com
fonts.gstatic.com
35 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 taboola.com
api.taboola.com — Cisco Umbrella Rank: 4349
750 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
51 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
7 KB
19 9
Domain Requested by
5 unpkg.com 2 redirects lootdest.org
unpkg.com
3 d1wzdj81h1hubn.cloudfront.net
3 lootdest.org lootdest.org
2 eiwouldlikuk.com lootdest.org
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com lootdest.org
1 api.taboola.com lootdest.org
1 pagead2.googlesyndication.com lootdest.org
1 d2uu46itxfd65q.cloudfront.net lootdest.org
1 cdn.jsdelivr.net lootdest.org
19 10

This site contains links to these domains. Also see Links.

Domain
lootlabs.gg
Subject Issuer Validity Valid
lootdest.org
WE1		 2024-07-09 -
2024-10-07		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
unpkg.com
WE1		 2024-07-28 -
2024-10-26		 3 months crt.sh
eiwouldlikuk.com
WE1		 2024-08-01 -
2024-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Frame ID: 8C09779DAFD6833B69A1B6AF45799282
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Double Counter Verification

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

89 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

1397 kB
Transfer

1974 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.43/dist/detect-gpu.umd.js
Request Chain 14
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s
lootdest.org/ 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a14905c3fee0eaa4eb84f5673a97660d9e1c979de396b401548f1f3e6b45cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b2a25a49cd61e5a-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 16:40:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQ4BzyC7Qg8fSZsut2CdVhRMYgz1lqmhNmhO9BcCqeO%2Frv86gmhXrbz5dzZfrtauquexGrjkrYeYEp3f15yf3Qm%2FkiXFKSvDRsrdBJLfQJjHwgL5oQ1%2BN4t2RblMwe8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8732985
x-jsd-version
6.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6589
x-served-by
cache-fra-eddf8230078-FRA, cache-lga21936-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnViqkS%2BcAjLGtPyiwDjZaOtlbcDn2qahVE6lpbLZIy52aJ4HMqvWA9zO3AFFU%2Bl%2FBR3qBe1Q8UuqRw%2FRgtYTCYUwQpARxPn%2FFXP5Ot%2FEK9KKuY5%2BjZfPMLPM6TbZ51KuhfHf40w6Ib%2FMITjN%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b2a25a708ec18d1-FRA
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.43/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.43/dist/detect-gpu.umd.js
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.43/dist/detect-gpu.umd.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e441d8baeef58e1e65be7bc2e72f3c10463bbd70702966924466fcaf3463a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
229000
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J4ZFD0BCHM28RECMZQM6F6K9-fra
server
cloudflare
etag
"25c3-Ti/MzrsjkSxeP4Hkc2M7cO1JdMI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b2a25a71f7f8c46-FRA

Redirect headers

date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J569AZ2W74RA91VFENBP21NV-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
477
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/detect-gpu@5.0.43/dist/detect-gpu.umd.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8b2a25a6cf118c46-FRA
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 16:24:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Aug 2024 16:40:28 GMT
5.js
lootdest.org/ 		343 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lootdest.org/5.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1450090dcb4f005d1f7f807642508e9ebec0b6e48c28aa15a8a59eca6801bbd

Request headers

Referer
https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 14:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5318
etag
W/"66bb66e0-55ad2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Sq0HCQrD7PS1WpT2GLhcyqSF7WnZAIGcYMdsn%2FIu2z%2BGYrDn2ggisWV34sJPbM7bgCIc2wu1MoKbRSg63XI7I4FtR1EYrk0rHwcug7IlBvEB%2FHSJJfRiiX%2B6H0foJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b2a25a6e83b1e5a-FRA
alt-svc
h3=":443"; ma=86400
/
d2uu46itxfd65q.cloudfront.net/ 		630 B
766 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2uu46itxfd65q.cloudfront.net/?tid=1060694&params_only=1
Requested by
Host: lootdest.org
URL: https://lootdest.org/5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:de00:19:d10:db80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
011935a84963833015922e759932af4c4cf1a57718d734e5afb41893a4224660

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 16:22:29 GMT
content-encoding
gzip
via
1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
1079
x-cache
Hit from cloudfront
access-control-allow-origin
https://lootdest.org
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
382
x-amz-cf-id
jSIsChfyo9vvZjj6F1OqhA5zSE18ZQ3vpVWjua8dE9RBlZfy88WfqA==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lootdest.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:15:35 GMT
x-content-type-options
nosniff
age
8693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18100
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:15:35 GMT
css2
fonts.googleapis.com/ 		2 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Exo+2:wght@700&display=swap
Requested by
Host: lootdest.org
URL: https://lootdest.org/5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f2dbb24fd5349af1cf74c7568ef1049cf6b990da1728a0822d8d40b438ce90f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 16:36:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Aug 2024 16:40:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f9633b920d89d9ef7dabe567e103cf1ae29f2c7c6f4bee7800cf195b16612355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52609
x-xss-protection
0
server
cafe
etag
15389216316574230121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 13 Aug 2024 16:40:28 GMT
user.sync
api.taboola.com/2.0/json/lootlabs-roblox/ 		83 B
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.taboola.com/2.0/json/lootlabs-roblox/user.sync?app.apikey=cdb5e8d81c24e09c97db19a61b14ffdead0deac8&app.type=desktop
Requested by
Host: lootdest.org
URL: https://lootdest.org/5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
43acdbdaf270ad402b901d3119731ad043e9d96b0783cec4b579f37f26fd5c20

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230054-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1723567229.560893,VS0,VE9
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://lootdest.org
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2
fonts.gstatic.com/s/exo2/v21/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v21/7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b2fea867d4b6f808c3cd40100acd253c89880d256e9bdb45637eb2346ab41de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lootdest.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:18:33 GMT
x-content-type-options
nosniff
age
8515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16800
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:31:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:18:33 GMT
favicon.ico
lootdest.org/ 		561 B
565 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lootdest.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

Referer
https://lootdest.org/s?41e6ebbd&data=g6ssgedma%2BtLur0XLOCZKXISwzM00fZUALAxKzx5p8E6/VCTEoOmnFmGVZ53T4Vi
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Flgh9lhHpNPfqEz40%2BcWnW9XnIMKV35TB1i5Cg99SG0wJdL4SoosC97KDiXnX%2BR86tUN3fx7sdIKqniFQr6h3Bs%2B4xBEzEK3maRdC63Pv8uhmurlzEJlTErXhxQ%2FZAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b2a25aade941e5a-FRA
alt-svc
h3=":443"; ma=86400
d-intel.json
unpkg.com/detect-gpu@5.0.43/dist/benchmarks/ 		44 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.43/dist/benchmarks/d-intel.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
becd63abfd12a4f51b40227e4eb7d03812d7fda811bd29804d5b361153448251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:28 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
228829
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J4ZFJ7ZHQDABT2VYSZNJJQB7-fra
server
cloudflare
etag
"afc8-vCpmndQyCItOIdnOPOEq/bsKazE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b2a25ab29463a3d-FRA
tc
eiwouldlikuk.com/ 		575 B
993 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eiwouldlikuk.com/tc
Requested by
Host: lootdest.org
URL: https://lootdest.org/5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfff1dfcbc523090941b1d6c1acc93ab81a6b75f5d35e850770a3a6269b200c0

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 16:40:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XVk9I7gwirLVv%2Fr7fzEZVwXTXH4ToOSPIG5AG5of2NXKVFstK3dK7iRb%2B0akHYGew2zzy8YyaC%2BENjUNYrSLSNi0xsPht2Gxqq%2B4YEOcdNGhZfoEvGYS5dMJonQ3rwloFKpQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootdest.org
content-type
application/json
access-control-allow-credentials
true
cf-ray
8b2a25adecf935e4-FRA
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
alt-svc
h3=":443"; ma=86400
tc
eiwouldlikuk.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eiwouldlikuk.com/tc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lootdest.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b2a25ac5ee837e9-FRA
date
Tue, 13 Aug 2024 16:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXi4DIJSU%2FclDzL5urkUlB1%2B8VTRgT8m9hXeIla4ybnZmKYwoQILsmnZO1PV6VPaYlMRrs%2FPPvt9Upm4P7gB8RGpdg%2Bnqciwe9QLziZvQH2fwIJU8Bz2KObFUWz%2FJXbN3%2BXM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
371 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 16:40:29 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13223251
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRW73W9E5N5JJGB816FPJ1CE-fra
server
cloudflare
etag
"5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b2a25b11ab38c46-FRA

Redirect headers

date
Tue, 13 Aug 2024 16:40:29 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J569HEARH99GHBP28HW2A8KE-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
266
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8b2a25b0ca698c46-FRA
23f3efb5d15b1736.png
d1wzdj81h1hubn.cloudfront.net/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/23f3efb5d15b1736.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:4200:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a70b8c6c0994b894ade6d0984ac5e50f4464cdc7cf5353336f7f9c9180d674d

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 03:47:07 GMT
via
1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jul 2024 17:36:18 GMT
x-amz-meta-timestamp
2024-07-03T12:10:59.352066
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
46403
x-amz-server-side-encryption
AES256
etag
"eb71225529f68815b34f2d0cd7cb5675"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
24759
x-amz-cf-id
b9QnA41-ozPXaL7a9kWrWvkd0Q4P1JbucoAfC7hxNvdM9zuxCp1rhQ==
7b3b7323bc920649.png
d1wzdj81h1hubn.cloudfront.net/ 		939 KB
940 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/7b3b7323bc920649.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:4200:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b056f5f22659f1512265c9e7e4c936bfa1f72f10fed57e0c74254baf5126218

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 18:52:49 GMT
via
1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2024 07:16:34 GMT
x-amz-meta-timestamp
2024-07-16T04:03:27.180602
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
78461
x-amz-server-side-encryption
AES256
etag
"2f439a8462499e4337920823f2b176a7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
961077
x-amz-cf-id
VYcZdI8qKJVWkfQA0sXtSVXBGw5q7mTPtEgrWs5G343LiLM_OxYNSg==
eye.png
d1wzdj81h1hubn.cloudfront.net/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/eye.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:4200:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b953ec39fabb061c05a22bb904d6695b3b6e058f5b72bc98788a70061114c2a0

Request headers

Referer
https://lootdest.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 10:31:40 GMT
via
1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 09:32:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
22284
x-amz-server-side-encryption
AES256
etag
"97e0270a42f9a0bd5c833193a53c5fb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2303
x-amz-cf-id
7ng7PPuNG5SUAAn7jcrGfwad43jMorkpqGe0tQNcyBQaa785fqO3qw==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime object| DetectGPU function| a0_0x34a58e function| sendRequest function| a0_0x5a58 function| a0_0x2be1 object| textsArr object| loadingText function| getRandomText function| updateLoadingText string| line object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions

1 Cookies

Domain/Path Name / Value
eiwouldlikuk.com/ Name: ci
Value: 342803323773984

1 Console Messages

Source Level URL
Text
network error URL: https://lootdest.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.taboola.com
cdn.jsdelivr.net
d1wzdj81h1hubn.cloudfront.net
d2uu46itxfd65q.cloudfront.net
eiwouldlikuk.com
fonts.googleapis.com
fonts.gstatic.com
lootdest.org
pagead2.googlesyndication.com
unpkg.com
104.21.76.222
142.250.184.226
151.101.1.44
172.67.135.229
2600:9000:20ab:4200:a:3cd2:30c0:21
2600:9000:2449:de00:19:d10:db80:21
2606:4700::6811:f6cb
2606:4700::6812:ba1f
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
011935a84963833015922e759932af4c4cf1a57718d734e5afb41893a4224660
0e441d8baeef58e1e65be7bc2e72f3c10463bbd70702966924466fcaf3463a75
13a14905c3fee0eaa4eb84f5673a97660d9e1c979de396b401548f1f3e6b45cc
1b2fea867d4b6f808c3cd40100acd253c89880d256e9bdb45637eb2346ab41de
2f2dbb24fd5349af1cf74c7568ef1049cf6b990da1728a0822d8d40b438ce90f
3a70b8c6c0994b894ade6d0984ac5e50f4464cdc7cf5353336f7f9c9180d674d
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
43acdbdaf270ad402b901d3119731ad043e9d96b0783cec4b579f37f26fd5c20
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
8b056f5f22659f1512265c9e7e4c936bfa1f72f10fed57e0c74254baf5126218
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
b953ec39fabb061c05a22bb904d6695b3b6e058f5b72bc98788a70061114c2a0
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745
becd63abfd12a4f51b40227e4eb7d03812d7fda811bd29804d5b361153448251
c1450090dcb4f005d1f7f807642508e9ebec0b6e48c28aa15a8a59eca6801bbd
cfff1dfcbc523090941b1d6c1acc93ab81a6b75f5d35e850770a3a6269b200c0
f9633b920d89d9ef7dabe567e103cf1ae29f2c7c6f4bee7800cf195b16612355