urlscan.io logo urlscan.io
SecurityTrails logo

loot-link.com Open in urlscan Pro
172.67.134.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://loot-link.com/s?nzFW
Submission: On February 16 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 172.67.134.201, located in United States and belongs to CLOUDFLARENET, US. The main domain is loot-link.com. The Cisco Umbrella rank of the primary domain is 623900.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.
This is the only time loot-link.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    172.67.134.201 (United States)

ASN13335 (CLOUDFLARENET, US)
loot-link.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2404:6800:4004:828::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2066:8a00:0:536:d740:21 (United States)

ASN16509 (AMAZON-02, US)
d2v4wf9my00msd.cloudfront.net
2    2404:6800:4004:80a::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    104.21.23.212 (None, )

ASN13335 (CLOUDFLARENET, US)
onasider.top
2    2600:9000:21b7:9a00:a:3cd2:30c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1wzdj81h1hubn.cloudfront.net
Apex Domain
Subdomains		 Transfer
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 931
106 KB
3 cloudfront.net
d2v4wf9my00msd.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
20 KB
2 onasider.top
onasider.top — Cisco Umbrella Rank: 380563
1 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 loot-link.com
loot-link.com — Cisco Umbrella Rank: 623900
210 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
50 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 353
7 KB
15 8
Domain Requested by
5 unpkg.com 2 redirects loot-link.com
unpkg.com
2 d1wzdj81h1hubn.cloudfront.net
2 onasider.top loot-link.com
2 fonts.gstatic.com fonts.googleapis.com
2 loot-link.com loot-link.com
1 pagead2.googlesyndication.com loot-link.com
1 d2v4wf9my00msd.cloudfront.net loot-link.com
1 fonts.googleapis.com loot-link.com
1 cdn.jsdelivr.net loot-link.com
15 9

This site contains links to these domains. Also see Links.

Domain
lootlabs.gg
Subject Issuer Validity Valid
loot-link.com
GTS CA 1P5		 2024-01-14 -
2024-04-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
onasider.top
E1		 2024-01-10 -
2024-04-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://loot-link.com/s?nzFW
Frame ID: 120FF969DCFF4E0485AC3DA32F404DE9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TT8 - MULT - P

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

15
Requests

87 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

431 kB
Transfer

977 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
Request Chain 10
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s
loot-link.com/ 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/s?nzFW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fa9fe82db2695aa471f92e3b3f3a7ad88d3c7ce6a01df383bb8871f92c0d2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85632b00f8a81eb3-NRT
content-encoding
br
content-type
text/html
date
Fri, 16 Feb 2024 04:50:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iitt70N2amVcSRPJke7x6nxeXWFVP2lyUvU0XsV%2BhReNJJR9D0QidrBCEnWq7IDON%2BXzI3GJHkrMxvVdEj%2BppajBcMazftfY%2BXS7L%2BhG10k5ZtHOyzLxRPK9GExzTJ7M"}],"group":"cf-nel","max_age":604800}
server
cloudflare
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?nzFW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Feb 2024 04:50:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
2613598
x-jsd-version
6.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6589
x-served-by
cache-fra-eddf8230078-FRA, cache-nrt-rjtf7700041-NRT
x-jsd-version-type
version
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.38/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?nzFW
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f0bbbbeefc45c94a7ad0d7a43837517e0d3b133daddc609fc074a173e1a4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 04:50:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1350140
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HNFWD86DFQXXEJT1K6WZZXQB-nrt
server
cloudflare
etag
W/"25aa-yeh624Ry4lNtolY7//6loV1g3kc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
85632b08eb1d8a74-NRT

Redirect headers

date
Fri, 16 Feb 2024 04:50:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HPR3J5Z5ACQYYF5V88HHP3DQ-nrt
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
461
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/detect-gpu@5.0.38/dist/detect-gpu.umd.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
85632b08cb038a74-NRT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?nzFW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Feb 2024 04:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 04:36:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Feb 2024 04:50:09 GMT
1.js
loot-link.com/ 		306 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/1.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?nzFW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda62d5098d62946d52a3ae45fa6d1b16a6e0febd411176af5fcea5423dd706f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/s?nzFW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 04:50:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 20:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2665
etag
W/"65ce6d40-4c729"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fktVjfISNxmorxMGIAgYyL4ygnSd1xc67WH7jRRuUDO4Cg%2F8aM%2BKXdRYYo35aPrv0t6Dn%2BZwSh%2FCZze7m6JPv2UIotxIY%2B56CwV7363hGDJ8YTrVEc5BwuYTCL2E2zHC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85632b099eab1eb3-NRT
alt-svc
h3=":443"; ma=86400
/
d2v4wf9my00msd.cloudfront.net/ 		638 B
777 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2v4wf9my00msd.cloudfront.net/?tid=1011103&params_only=1
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:8a00:0:536:d740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b9c4b0605c6cc9b13b6db22a7fd56e6468f4634b9f847a58fa7911b4a26a3d3a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Feb 2024 04:50:09 GMT
content-encoding
gzip
via
1.1 d59d7d2956e97f3172dac1922167d76a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
x-cache
Miss from cloudfront
access-control-allow-origin
https://loot-link.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
399
x-amz-cf-id
dYQjTLxchLblys8Xp4aLBPKGOXGoR2XVEIisdsO7k_EzWzYTCzbgUw==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loot-link.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:04:14 GMT
x-content-type-options
nosniff
age
38755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18100
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 18:04:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a69e152881b2bcc1f9ce7ba0da8bc0928c255d555224586f9f3cdf644ef704a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 04:50:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51027
x-xss-protection
0
server
cafe
etag
13000915904687114795
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 16 Feb 2024 04:50:09 GMT
d-intel.json
unpkg.com/detect-gpu@5.0.38/dist/benchmarks/ 		43 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.38/dist/benchmarks/d-intel.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6283a00844c99fc9d94cf99ffdd0c3392b9be908467fdd80fa2914843fb78564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 04:50:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
121319
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HPMG9X5HRZC8WED3NJDSX80R-nrt
server
cloudflare
etag
W/"aa9e-PItSkECxUbKs93/O0lLbbP8haoo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
85632b0acadcdfdd-NRT
tc
onasider.top/ 		697 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onasider.top/tc
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82be1be0b340350c54f744f62fa84d59b87b4b3948f21e6e76501c263a77e377

Request headers

Referer
https://loot-link.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Feb 2024 04:50:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6k%2FOt%2F%2B3cLB%2FjOA0CT91jAIrAqWvyF%2BUJGqFxvKvRmvwHiJbQd9oRS0cUf3VENmwbzD672cbupzJnN3KSbpmejEECjxVFmhpWX6SaX8MGZf%2Fapu8gm2%2BrpY8NLeGSW8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-link.com
content-type
application/json
access-control-allow-credentials
true
cf-ray
85632b0c3f836856-NRT
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
alt-svc
h3=":443"; ma=86400
tc
onasider.top/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onasider.top/tc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://loot-link.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-link.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85632b0b0bd634bd-NRT
date
Fri, 16 Feb 2024 04:50:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVocTCeKRkVhEiSG%2F4YigBFj5NzA%2BsLmHFPnFRmc1gLwcWV3J9labHA19oD7FQ%2BJJJ%2BLu7BpdT7zOOn086d6nXa2sufhC3zP37AVsnclnIDLKGDV8e%2ByMGeA9S%2F6o04%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
371 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b268d8d7e58b5df0bbd18aecb0add2e65801fa45c99e8afbcf1189e6c6c9723f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 04:50:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2134474
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HMRGD9XR729FXTM75X0RKE3H-nrt
server
cloudflare
etag
W/"5cd3c-gZ8PpSKSbn5Y5KicLgsVGpNROk4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
85632b0f3aa08a74-NRT

Redirect headers

date
Fri, 16 Feb 2024 04:50:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HPR3GVWGM8C76WK5ABMBNKT8-nrt
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
505
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
85632b0f1a7b8a74-NRT
1c5825d7c9528a03.png
d1wzdj81h1hubn.cloudfront.net/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/1c5825d7c9528a03.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:9a00:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65a0e6e4f9f2a94d49f4b7261fbaff31f78db688ea87593a27fe65a30ad7e297

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 14:44:03 GMT
via
1.1 822f21db5d3d325e74dba2137f994fd4.cloudfront.net (CloudFront)
last-modified
Mon, 27 Nov 2023 08:12:24 GMT
x-amz-meta-timestamp
2023-11-27T04:03:51.239524
server
AmazonS3
x-amz-cf-pop
NRT57-C4
age
50768
x-amz-server-side-encryption
AES256
etag
"a8d34e41554fbdbfe86c54ed7ac3e307"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15708
x-amz-cf-id
kikDwJl4hwYX9_yQubrMT-c0ZSl3tWU0iyVXZyUbRRW_u5evZisv5Q==
bell.png
d1wzdj81h1hubn.cloudfront.net/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/bell.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:9a00:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf1bb98b39b4b8716d1bac7cebd1fbff688ece7ea95988b7b385b7cf456784b1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 13:45:48 GMT
via
1.1 822f21db5d3d325e74dba2137f994fd4.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 09:32:37 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C4
age
54263
etag
"e05b6d8961d5c6cb3f7492e21e366e22"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3177
x-amz-cf-id
jApNzsV3SzcVsZ8SWEQiSf2X31WSbi-_vGJ7LIE70cK4GZx9nMihPg==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e233d93dfbaf50731131770b781d0269722835c8cf8c2461e41bd7fc6a23674c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loot-link.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:49:59 GMT
x-content-type-options
nosniff
age
90011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18088
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 03:49:59 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime object| DetectGPU function| a0_0x2912e9 function| a0_0xb750 function| a0_0x220d function| sendRequest object| textsArr object| loadingText function| getRandomText function| updateLoadingText string| line object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions

1 Cookies

Domain/Path Name / Value
onasider.top/ Name: ci
Value: 929508077042606

1 Console Messages

Source Level URL
Text
other warning URL: https://loot-link.com/s?nzFW
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
d1wzdj81h1hubn.cloudfront.net
d2v4wf9my00msd.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
loot-link.com
onasider.top
pagead2.googlesyndication.com
unpkg.com
104.21.23.212
172.67.134.201
2404:6800:4004:80a::2003
2404:6800:4004:810::2002
2404:6800:4004:828::200a
2600:9000:2066:8a00:0:536:d740:21
2600:9000:21b7:9a00:a:3cd2:30c0:21
2606:4700::6810:7eaf
2a04:4e42:400::485
1a69e152881b2bcc1f9ce7ba0da8bc0928c255d555224586f9f3cdf644ef704a
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
6283a00844c99fc9d94cf99ffdd0c3392b9be908467fdd80fa2914843fb78564
65a0e6e4f9f2a94d49f4b7261fbaff31f78db688ea87593a27fe65a30ad7e297
82be1be0b340350c54f744f62fa84d59b87b4b3948f21e6e76501c263a77e377
98f0bbbbeefc45c94a7ad0d7a43837517e0d3b133daddc609fc074a173e1a4d6
b268d8d7e58b5df0bbd18aecb0add2e65801fa45c99e8afbcf1189e6c6c9723f
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
b9c4b0605c6cc9b13b6db22a7fd56e6468f4634b9f847a58fa7911b4a26a3d3a
bda62d5098d62946d52a3ae45fa6d1b16a6e0febd411176af5fcea5423dd706f
cf1bb98b39b4b8716d1bac7cebd1fbff688ece7ea95988b7b385b7cf456784b1
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
e233d93dfbaf50731131770b781d0269722835c8cf8c2461e41bd7fc6a23674c
f7fa9fe82db2695aa471f92e3b3f3a7ad88d3c7ce6a01df383bb8871f92c0d2c