urlscan.io logo urlscan.io
SecurityTrails logo

lootlinks.co Open in urlscan Pro
172.67.193.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://lootlinks.co/s?cpRk
Submission: On November 24 via manual from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 12 HTTP transactions. The main IP is 172.67.193.217, located in United States and belongs to CLOUDFLARENET, US. The main domain is lootlinks.co.
TLS certificate: Issued by GTS CA 1P5 on October 16th 2023. Valid for: 3 months.
This is the only time lootlinks.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.193.217 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.213.174 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.159.130.233 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
12 10
2    172.67.193.217 (United States)

ASN13335 (CLOUDFLARENET, US)
lootlinks.co
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:223f:4e00:15:ee46:7700:21 (United States)

ASN16509 (AMAZON-02, US)
d1appgm50chwbg.cloudfront.net
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    172.67.213.174 (United States)

ASN13335 (CLOUDFLARENET, US)
onasider.top
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    162.159.130.233 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.discordapp.com
1    2600:9000:223e:3800:a:3cd2:30c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1wzdj81h1hubn.cloudfront.net
Apex Domain
Subdomains		 Transfer
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 903
94 KB
2 onasider.top
onasider.top — Cisco Umbrella Rank: 492738
962 B
2 gstatic.com
fonts.gstatic.com
36 KB
2 cloudfront.net
d1appgm50chwbg.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
3 KB
2 lootlinks.co
lootlinks.co
99 KB
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2888
22 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
52 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
12 8
Domain Requested by
2 unpkg.com 1 redirects
2 onasider.top lootlinks.co
2 fonts.gstatic.com fonts.googleapis.com
2 lootlinks.co lootlinks.co
1 d1wzdj81h1hubn.cloudfront.net
1 cdn.discordapp.com
1 pagead2.googlesyndication.com lootlinks.co
1 d1appgm50chwbg.cloudfront.net lootlinks.co
1 fonts.googleapis.com lootlinks.co
12 9

This site contains links to these domains. Also see Links.

Domain
tiktok.com
youtube.com
twitter.com
galaxyswapperv2.com
lootlabs.gg
Subject Issuer Validity Valid
lootlinks.co
GTS CA 1P5		 2023-10-16 -
2024-01-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
onasider.top
E1		 2023-11-12 -
2024-02-10		 3 months crt.sh
discordapp.com
Cloudflare Inc ECC CA-3		 2023-10-20 -
2024-10-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lootlinks.co/s?cpRk
Frame ID: 5306B69D0FF6375904E9E620CB7640BA
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Galaxy Swapper v2 | In Game

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

12
Requests

92 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

307 kB
Transfer

751 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s
lootlinks.co/ 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lootlinks.co/s?cpRk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66835f982f6f3c742217941cdb4fcaff78ac9fafee0ffc135de9cbcbb91523ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82b266a2fc963735-FRA
content-encoding
br
content-type
text/html
date
Fri, 24 Nov 2023 14:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FJkfL9VrvtWTGgaRRtoMoTkabJGNlTELUK4O%2BBMv5HGp5tC3KQPdOX0wXOAfiNYxsS66XC4nJqVZ0nIp3tYCKG0Ew1xDAIne0%2Bxo%2BB5kslG4X%2FquPviZhiak%2FbbUXg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: lootlinks.co
URL: https://lootlinks.co/s?cpRk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7385bd67584b169b2c4af8e2ff3685d12ed3d10a9e14787f318d7851129da06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 14:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 13:38:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 14:39:22 GMT
1.js
lootlinks.co/ 		155 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lootlinks.co/1.js
Requested by
Host: lootlinks.co
URL: https://lootlinks.co/s?cpRk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211410daf6935c3db179c9e9c08a1a11aaeaa0903f38159e4c861b22e5d3f6c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/s?cpRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:39:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Nov 2023 07:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5895
etag
W/"656049f0-26b89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pfRAXTM%2FFXNLJFy8J93xL9%2BF2vpvYYd0Wwu2BRHMkT91Tp7ATblPsYJQ%2FplgMM%2Fxkb65TZcPGU1h9dSW099VOrkAgpJclyXPweGYCC1DfSXoUa14DyePTchz6JcYA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82b266a50f803735-FRA
alt-svc
h3=":443"; ma=86400
/
d1appgm50chwbg.cloudfront.net/ 		525 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1appgm50chwbg.cloudfront.net/?tid=993763&params_only=1
Requested by
Host: lootlinks.co
URL: https://lootlinks.co/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:15:ee46:7700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2232bb043fbf2051dbc9c191168f3f81bc080cc9a05733c99c682748fcde6091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 14:39:22 GMT
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
https://lootlinks.co
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
331
x-amz-cf-id
uDqm6VG9yb98DS7RTmLrz16k2wLEQmgpEK7-HjxdCk1N_LQB8fDBsg==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lootlinks.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:10:42 GMT
x-content-type-options
nosniff
age
592120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18100
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:10:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lootlinks.co
URL: https://lootlinks.co/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdd9377cde5c7effcf93c04f65a1bed0499b120a9380134af1a8c9609b4c69a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:39:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52684
x-xss-protection
0
server
cafe
etag
17466226088766664487
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 14:39:22 GMT
tc
onasider.top/ 		541 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onasider.top/tc
Requested by
Host: lootlinks.co
URL: https://lootlinks.co/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aca101a8c214e1ab8618e31e99daa4689e31d69854d3d2e11dea46d6a47142a

Request headers

Referer
https://lootlinks.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 14:39:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rnEmgOuceIoPmVzOOC433tQ6hwQl0QnwdCewiM75XtqimBFpe9tGV83md1v18HZNGrzDQfq1gfQGHfWFh5SD1aoZNMEwcqXkwF3RtSRPY8E5PoVCFh4aa%2Bh%2BFXjwaU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootlinks.co
content-type
application/json
access-control-allow-credentials
true
cf-ray
82b266a81af239ce-FRA
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
alt-svc
h3=":443"; ma=86400
tc
onasider.top/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onasider.top/tc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.213.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lootlinks.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootlinks.co
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82b266a6bb9b65ab-FRA
date
Fri, 24 Nov 2023 14:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRXWEz0in80rjsEQpPaCxvSsEwjkRtpW1LuAoWGB9RCggAOZWqspqzqtu8pSuNdle6kBSmZNkRhEHC%2Fzbfc%2FnhyK0FI0I9ULL9LKLbkbwL1%2BJnm6E7ilNxL5rhqJgY4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
359 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d2f8de4f55304e80b710304c00dfc431f692bf1c71f1595f78c75451044de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:39:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1924016
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HE7HEAWWT769MHZP341YCCQW-fra
server
cloudflare
etag
W/"59a07-4AFgJQ3i5PlD1ojTWKqOoTRXKIo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82b266acfbf8367b-FRA

Redirect headers

date
Fri, 24 Nov 2023 14:39:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HG0W69XB7XSWA08Z9GMKKZ3H-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
147
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
82b266acdbc0367b-FRA
ServerLogo.png
cdn.discordapp.com/attachments/1122580592370921494/1131527290401062932/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.discordapp.com/attachments/1122580592370921494/1131527290401062932/ServerLogo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6e622f31409fa69512e203594d2a6670cd335dcb5f5ad6f0772a5a817ea92e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:39:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1064146
alt-svc
h3=":443"; ma=86400
content-length
21232
last-modified
Thu, 20 Jul 2023 10:05:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaCZae3OoizJszTEADZtgTq5Mt%2BlKxjheYWVQk5YRhxWzDh9IkfSaSS0lVy%2BOyPzoye7u%2BIqQhpDQH%2FgBnfgl1gXlItGeShjqlDKbzZt4jldx9urZKMLC3xOX9Ydd9hV24%2BYUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes, bytes
cf-ray
82b266acd9d26ae8-FRA
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 23 Nov 2024 14:39:23 GMT
eye.png
d1wzdj81h1hubn.cloudfront.net/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/eye.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b953ec39fabb061c05a22bb904d6695b3b6e058f5b72bc98788a70061114c2a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlinks.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 09:00:52 GMT
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 09:32:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
20312
x-amz-server-side-encryption
AES256
etag
"97e0270a42f9a0bd5c833193a53c5fb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2303
x-amz-cf-id
4HMLi-qXLs990YmbTqlcJypE3DiBV-NImW-OskIpi2iCAx9RRldDyw==
truncated
/ 		326 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a9f46789b7a46abcd5c65ed7eccb8234b968cb1c5f5ee662bd5be13b678a6fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09b553621c6fd216ff515d5eb24b92bb61923d118961fb8ad5de6e8fff43ef03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39a2eab430e8620adf34f5e534d989e0a44dd513c16539c2587ddb6c4cf38e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e233d93dfbaf50731131770b781d0269722835c8cf8c2461e41bd7fc6a23674c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lootlinks.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:53:42 GMT
x-content-type-options
nosniff
age
38741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18088
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:53:42 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| a0_0x4b58 function| a0_0x52568d function| sendRequest function| a0_0x3a6e object| textsArr object| loadingText function| getRandomText function| updateLoadingText string| line object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions

3 Cookies

Domain/Path Name / Value
onasider.top/ Name: ci
Value: 1243024320179448
.discordapp.com/ Name: __cf_bm
Value: 9OtSMO3eZzMBTNY9.PceXU3YFtuC7yOgGGtRqww63OA-1700836763-0-Ad5SEBbyRZLqqXEYRiLpjN8JFtumr/M+5bsf5GodWl6WC+aFBva1FSeGmHcRsMeyQcanhFVBsJ6Xit6IH00dgXM=
.discordapp.com/ Name: _cfuvid
Value: oQZyZtsSEgTlTqkWwbzZI6Wj.hHvtd3dV9nRxTGr38I-1700836763687-0-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.discordapp.com
d1appgm50chwbg.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lootlinks.co
onasider.top
pagead2.googlesyndication.com
unpkg.com
162.159.130.233
172.67.193.217
172.67.213.174
2600:9000:223e:3800:a:3cd2:30c0:21
2600:9000:223f:4e00:15:ee46:7700:21
2606:4700::6810:7baf
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:831::200a
09b553621c6fd216ff515d5eb24b92bb61923d118961fb8ad5de6e8fff43ef03
211410daf6935c3db179c9e9c08a1a11aaeaa0903f38159e4c861b22e5d3f6c2
2232bb043fbf2051dbc9c191168f3f81bc080cc9a05733c99c682748fcde6091
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
55d2f8de4f55304e80b710304c00dfc431f692bf1c71f1595f78c75451044de5
66835f982f6f3c742217941cdb4fcaff78ac9fafee0ffc135de9cbcbb91523ac
8a9f46789b7a46abcd5c65ed7eccb8234b968cb1c5f5ee662bd5be13b678a6fc
9aca101a8c214e1ab8618e31e99daa4689e31d69854d3d2e11dea46d6a47142a
9f6e622f31409fa69512e203594d2a6670cd335dcb5f5ad6f0772a5a817ea92e
a39a2eab430e8620adf34f5e534d989e0a44dd513c16539c2587ddb6c4cf38e5
b953ec39fabb061c05a22bb904d6695b3b6e058f5b72bc98788a70061114c2a0
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
e233d93dfbaf50731131770b781d0269722835c8cf8c2461e41bd7fc6a23674c
e7385bd67584b169b2c4af8e2ff3685d12ed3d10a9e14787f318d7851129da06
fdd9377cde5c7effcf93c04f65a1bed0499b120a9380134af1a8c9609b4c69a3