urlscan.io logo urlscan.io
SecurityTrails logo

loot-link.com Open in urlscan Pro
172.67.134.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://loot-link.com/s?ufes
Submission: On March 27 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 16 HTTP transactions. The main IP is 172.67.134.201, located in United States and belongs to CLOUDFLARENET, US. The main domain is loot-link.com. The Cisco Umbrella rank of the primary domain is 535303.
TLS certificate: Issued by GTS CA 1P5 on March 13th 2024. Valid for: 3 months.
This is the only time loot-link.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.134.201 13335 (CLOUDFLAR...)
1 151.101.129.229 54113 (FASTLY)
2 5 104.16.126.175 13335 (CLOUDFLAR...)
1 172.253.63.95 15169 (GOOGLE)
1 13.225.189.47 16509 (AMAZON-02)
2 142.251.163.94 15169 (GOOGLE)
1 142.251.163.155 15169 (GOOGLE)
2 104.21.25.241 13335 (CLOUDFLAR...)
2 3.161.210.75 16509 (AMAZON-02)
16 9
3    172.67.134.201 (United States)

ASN13335 (CLOUDFLARENET, US)
loot-link.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    104.16.126.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
fonts.googleapis.com
1    13.225.189.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-189-47.yul62.r.cloudfront.net
dof9zd9l290mz.cloudfront.net
2    142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
1    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
pagead2.googlesyndication.com
2    104.21.25.241 (None, )

ASN13335 (CLOUDFLARENET, US)
gforanopportu.info
2    3.161.210.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-210-75.yul62.r.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
Apex Domain
Subdomains		 Transfer
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 725
106 KB
3 cloudfront.net
dof9zd9l290mz.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
11 KB
3 loot-link.com
loot-link.com — Cisco Umbrella Rank: 535303
211 KB
2 gforanopportu.info
gforanopportu.info — Cisco Umbrella Rank: 348597
924 B
2 gstatic.com
fonts.gstatic.com
36 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
50 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
7 KB
16 8
Domain Requested by
5 unpkg.com 2 redirects loot-link.com
unpkg.com
3 loot-link.com loot-link.com
2 d1wzdj81h1hubn.cloudfront.net
2 gforanopportu.info loot-link.com
2 fonts.gstatic.com fonts.googleapis.com
1 pagead2.googlesyndication.com loot-link.com
1 dof9zd9l290mz.cloudfront.net loot-link.com
1 fonts.googleapis.com loot-link.com
1 cdn.jsdelivr.net loot-link.com
16 9

This site contains links to these domains. Also see Links.

Domain
lootlabs.gg
Subject Issuer Validity Valid
loot-link.com
GTS CA 1P5		 2024-03-13 -
2024-06-11		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
gforanopportu.info
GTS CA 1P5		 2024-02-28 -
2024-05-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://loot-link.com/s?ufes
Frame ID: BFB2F9DAEA3664986BB556A53FAB90F8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roblox Game

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

16
Requests

88 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

422 kB
Transfer

966 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
Request Chain 11
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s
loot-link.com/ 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/s?ufes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb82eaf2e5bcb914d6820bcf70974afbdd077acc15bc74102599f5acc1861c85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b2076e994e3701-YYZ
content-encoding
br
content-type
text/html
date
Wed, 27 Mar 2024 20:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGOooodr8eLN0Y0gG9%2BB5qPWqK%2BsUoIQdFeOO3ypKxlL%2B%2FxPAsHt6rqX5YGzE55kzQJjiOwXVJEKsDQz71IWeJI3iaYxEky93YD6qWGc4O73Dhwb39xA5u7jZNU6pA4M"}],"group":"cf-nel","max_age":604800}
server
cloudflare
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?ufes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Mar 2024 20:11:20 GMT
x-content-type-options
nosniff
content-encoding
br
age
661398
x-jsd-version
6.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6589
x-served-by
cache-fra-eddf8230078-FRA, cache-yyz4532-YYZ
x-jsd-version-type
version
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.38/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?ufes
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f0bbbbeefc45c94a7ad0d7a43837517e0d3b133daddc609fc074a173e1a4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 20:11:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2422548
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRJ9ER3A5RJBJBNGEHEG4PD-yyz
server
cloudflare
etag
W/"25aa-yeh624Ry4lNtolY7//6loV1g3kc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86b207703b4c36a8-YYZ

Redirect headers

date
Wed, 27 Mar 2024 20:11:20 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HT0R692803FAKXPYAR5X8QEG-yyz
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
441
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/detect-gpu@5.0.38/dist/detect-gpu.umd.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
86b2076fda7136a8-YYZ
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?ufes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 20:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 20:06:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 20:11:20 GMT
1.js
loot-link.com/ 		307 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/1.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?ufes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06e223f634b4a24fef8daf688c875c124e0a87c309e0f9fa2342c6122ec71ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/s?ufes
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 20:11:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Mar 2024 18:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4963
etag
W/"66046410-4cac3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEEdvf8pN835TywuFPLdp0ZcHLdAZxrumumC6XT9LpYCwZtdlPfoid0gKpOn%2BrutEn7kahYEWynbt%2BzIP1P%2BgZ6pSiPygQZ5Z1pUIv1J0NlW8CG%2FFw1LfsJthVG5Y35k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b2076f7ac43701-YYZ
alt-svc
h3=":443"; ma=86400
/
dof9zd9l290mz.cloudfront.net/ 		678 B
792 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dof9zd9l290mz.cloudfront.net/?tid=1022325&params_only=1
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.189.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-189-47.yul62.r.cloudfront.net
Software
/
Resource Hash
ae1bee8b6d811cb997ec080bcb3a9b1b7d850bd5865aedc073eae23e4df06bb5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 20:11:21 GMT
content-encoding
gzip
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://loot-link.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
415
x-amz-cf-id
QAIyA2bxvJ6tkiuBRoQXkz8Pt-jxskZeOxSghoaLWASNrLsM5ckE5A==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://loot-link.com
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 05:54:25 GMT
x-content-type-options
nosniff
age
483416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18100
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Mar 2025 05:54:25 GMT
favicon.ico
loot-link.com/ 		561 B
564 B 		Other
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/s?ufes
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 20:11:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lIyH32orLHG2N6ye%2BNmiR1u%2BS%2BS1EF3YOgpZGA2pbnZSTvZJ5u9a9%2BhxMOcBi6XD61rXg5j9fqXWd2ZVXTwiXa076gerPyfMhdKC7RKsxrzCMp%2BrdSiyl4rNzZGkrjTY"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
86b207720f5b3701-YYZ
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
7e0e5daadc840c6049ce8abe123476e854cca98004f205abfa14225a2d72e320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 20:11:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50824
x-xss-protection
0
server
cafe
etag
15337711269242772
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 27 Mar 2024 20:11:21 GMT
d-intel.json
unpkg.com/detect-gpu@5.0.38/dist/benchmarks/ 		43 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.38/dist/benchmarks/d-intel.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6283a00844c99fc9d94cf99ffdd0c3392b9be908467fdd80fa2914843fb78564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 20:11:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2422572
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRJ8Q2DKFFJMZB21JFZSWKQ-yyz
server
cloudflare
etag
W/"aa9e-PItSkECxUbKs93/O0lLbbP8haoo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86b207728bfe54af-YYZ
tc
gforanopportu.info/ 		450 B
924 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gforanopportu.info/tc
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f69765d25b42740c83eca6e87ea326019624e93c703504608d8917ea88efa3a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 27 Mar 2024 20:11:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsB12YdJgMt%2Fnm5Xgq2fQ28lxDVU6dOkhdehF19h97RltCRGjs9wPVWiLqiKbt%2BWYx6ranVsuf0QuAmNMPcAu0t4csNjUiJsistNXKJt%2F5Lp4lxDEygybfGa7uIv%2B5ymJTx8uXU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-link.com
content-type
application/json
access-control-allow-credentials
true
cf-ray
86b20774ec7336cf-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
alt-svc
h3=":443"; ma=86400
tc
gforanopportu.info/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gforanopportu.info/tc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://loot-link.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-link.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b207734e903972-YYZ
date
Wed, 27 Mar 2024 20:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPxSZPeThETjotEzCAt8LBeJzfmu%2F35rxi8cLbyo7wF4%2FFOvXbf2t0NV3Ddhi%2FXPtlWmL8b3l8D%2F%2F8DIvmIA9JzobfHl9tOM%2Fxcoy6YYFhV3FUt2koHyT3Oynzqof0gmvqmEB9k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
371 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 20:11:22 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2004675
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HR50SSFPCPRB81VNXA32FDMA-yyz
server
cloudflare
etag
W/"5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86b207765fdf36a8-YYZ

Redirect headers

date
Wed, 27 Mar 2024 20:11:21 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HT0R9DPAGYX8B18ZH5KQ0ARA-yyz
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
339
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
86b20775fef036a8-YYZ
7d62db2fdb184b9e.png
d1wzdj81h1hubn.cloudfront.net/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/7d62db2fdb184b9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.210.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-210-75.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87de979f652f78f714a260b4127c39bdbc46949490c80ca83ce5d1f0aaa2b3fc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 05:20:10 GMT
via
1.1 8f20ff24dd415d652c896cb797feb54e.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jan 2024 22:48:36 GMT
x-amz-meta-timestamp
2024-01-30T08:51:58.905972
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
53473
etag
"609b6f90755ba2ce60f6b6d3183831bf"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6232
x-amz-cf-id
pg9ffh_AuIVldsVCFKviEX-etQxjVvwCxN16a0ZLAV8R4G2AbyPlgA==
apps.png
d1wzdj81h1hubn.cloudfront.net/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/apps.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.210.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-210-75.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://loot-link.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 14:31:43 GMT
via
1.1 8f20ff24dd415d652c896cb797feb54e.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 09:32:37 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
20379
etag
"fe92fe3dee69ba5c6dc9ab4b1785c556"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3115
x-amz-cf-id
_1GvtDKHIxRvl3KSm9ExjgLFOBzDKU-z8FFSxFhTMiaig3Zqml-4lw==
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://loot-link.com
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 03:05:29 GMT
x-content-type-options
nosniff
age
493552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18088
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Mar 2025 03:05:29 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| regeneratorRuntime object| DetectGPU function| a0_0x2657 function| a0_0x342d function| a0_0x38e6ee function| sendRequest object| textsArr object| loadingText function| getRandomText function| updateLoadingText string| line object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions

1 Cookies

Domain/Path Name / Value
gforanopportu.info/ Name: ci
Value: 1266733346092582

2 Console Messages

Source Level URL
Text
network error URL: https://loot-link.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://loot-link.com/s?ufes
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.