Submitted URL: http://lootlinks.co/
Effective URL: https://lootlabs.gg/
Submission: On November 16 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is lootlabs.gg.
TLS certificate: Issued by GTS CA 1P5 on September 21st 2023. Valid for: 3 months.
This is the only time lootlabs.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.193.217 13335 (CLOUDFLAR...)
1 1 104.21.60.73 13335 (CLOUDFLAR...)
13 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 7
Apex Domain
Subdomains
Transfer
13 lootlabs.gg
lootlabs.gg
4 MB
3 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4294
forms-na1.hsforms.com — Cisco Umbrella Rank: 6733
6 KB
3 gstatic.com
fonts.gstatic.com
58 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
33 KB
2 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6454
357 KB
2 lootlinks.co
lootlinks.co
1 KB
24 6
Domain Requested by
13 lootlabs.gg lootlabs.gg
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com lootlabs.gg
js.hsforms.net
2 forms.hsforms.com js.hsforms.net
2 js.hsforms.net lootlabs.gg
js.hsforms.net
2 lootlinks.co 2 redirects
1 forms-na1.hsforms.com
24 7

This site contains links to these domains.

Domain
creators.lootlabs.gg
www.linkedin.com
twitter.com
discord.gg
Subject | Issuer | Validity | Valid
lootlabs.gg | GTS CA 1P5 | 2023-09-21 - 2023-12-20 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-16 - 2024-05-15 | a year

This page contains 2 frames:

Primary Page: https://lootlabs.gg/
Frame ID: B853D6D9E0C104C792480359E69F9FA2
Requests: 24 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 4813671D9BDD1A22D86062E75D0D12D3
Requests: 4 HTTP requests in this frame

Page Title

LootLabs - Creators Elevated

Page URL History

  1. http://lootlinks.co/ HTTP 301
    https://lootlinks.co/ HTTP 301
    https://lootlabs.gg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 75 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 4578 kB
Size: 5792 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lootlinks.co/ HTTP 301
    https://lootlinks.co/ HTTP 301
    https://lootlabs.gg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lootlabs.gg/
Redirect Chain
  • http://lootlinks.co/
  • https://lootlinks.co/
  • https://lootlabs.gg/
2 KB
1 KB
Document
General
Full URL
https://lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5ebc1aa33a4eda2a7f1d9c363df749473eb36a8f61db60ac595def0bd31132

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
826c27abbce56fdf-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 02:02:59 GMT
link
<https://lootlabs.gg/wp-json/>; rel="https://api.w.org/", <https://lootlabs.gg/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://lootlabs.gg/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkHfU0ysnXPYt5PlR45pvw1%2BJ6II85oi9nvxew1o6QRaL6RPjkvc9utr3XEa0SCHP6RyMdNMFlzdnwFTF%2F%2F1Cfc2HG2Al6qNlSr92DHyFtJWooMW0oTdCu%2F3uQQ9a7MSfnYINgwl%2FI1XlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
826c27a96a2982c3-IAD
content-type
text/html
date
Thu, 16 Nov 2023 02:02:59 GMT
location
https://lootlabs.gg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A06sQ%2BBpINbEhkikqjh3mxdMZjwSE9rzoMEiH9PF06mT5w1yLtoM3IzrnUvRxI%2FHMQaRGIuN98Fm8x54aGVOxTRadAcUQvsmPGkCpgMS8ZVfVOxLCmz9bD43VDaNjKU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
main.1c5b39f9.css
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/
251 KB
124 KB
Stylesheet
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a76b761968368197c2550a4e72d063c235f993af981e91bed90385fe03af70d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:02:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 09:15:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3ebbe-60927d2fc3999-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER8qxRf7tEXgjuDVxMZoLpiWKyNLbhNioWJiBp8cX4za3171Ao7xriyZAXr%2FXz4AgyVeHpJUzy98ubx0KS115KOnTNnqRYrmCGccfpXRW4k4z94r5xTx3%2BFnbKE1FDO22pG9jaHOD7YLOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
826c27accdf76fdf-IAD
alt-svc
h3=":443"; ma=86400
main.55396207.js
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/js/
282 KB
117 KB
Script
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/js/main.55396207.js
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40fe787423991eb6a536369000972ae79f9def8e1336958afc5dea447cd228d

Request headers

Referer
https://lootlabs.gg/
Origin
https://lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:02:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"466a7-609276fa64c97-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jpb59uziWXhxT7aAy4VaCzBO3YByrKeVt4%2FwJNfmiisohgFmSASKpxiVd35Ee6RHv29iILI6tEjDm3IQ2kpcIh%2FDHpTxd8In2bTZ1wtGhG6QWvktyirlre2ArPnQwlBBQshoigf6Oc6iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
826c27accdfa6fdf-IAD
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
119 KB
31 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@300&family=Noto+Sans+JP&family=Poppins:ital,wght@0,700;1,300&family=Space+Grotesk:wght@300&display=swap
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c0f8bd53489b838e32b717540263faac11d98288fc076dca7fb6c0a19c808e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 02:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 02:03:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 02:03:00 GMT
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700|Nunito+Sans:300,400,500,700,800,900&display=swap
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89b1db306f91a792a77d2cfff06d974764257bd44f622eab80d6aebb336c0bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 02:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 02:03:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 02:03:00 GMT
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a8eaa4a1fa94db2fa2673ace4587e89d5e1dcf396813c0c3585aa8fafe9a348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
icon5.32a33fa013c42a62974f.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
44 KB
44 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/icon5.32a33fa013c42a62974f.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fa1438b5c1111d494d3e9816bfd798723218733cddaf583f99b66b9a64c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"aef9-609276fa66bd7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG4PeUOGLqXB%2FKvDUutFaKMFko2lUPHDalui36C%2FTLIaDdG4Rgc4mtH6Jmy%2FbzttgIX%2BtYEREpaZwDpL8cWbt2mARwbzwZSFX5Rwe7FsMEWPeDBMKpjlqqG9ZINMbIq7AhjRFsvSdgcp9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde3c6685-AMS
alt-svc
h3=":443"; ma=86400
content-length
44793
icon4.53fbfba7243ae44adcb9.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
44 KB
45 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/icon4.53fbfba7243ae44adcb9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a711585f57d2f75a770f1396f07ca7c1f70885e431ddc06abed6d5069b1b03d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b063-609276fa65c37"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HMDfKQZabbR1zNkGVlqjqufzjUQlKIL8DsK%2BA4V6TqiV2bqOF%2FfMoDFx5xFDPGGfVB9TQNkyR4wIhMLqWqLhHcqkn1zGD%2FP9YzG69dPQDWH8UV%2BqzHuNGmUaltPAyQ2zebmxQ0EzRpCqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde3e6685-AMS
alt-svc
h3=":443"; ma=86400
content-length
45155
icon2.df81f491ec00d92e9139.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
54 KB
54 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/icon2.df81f491ec00d92e9139.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebfd04814fad893a065eb004bab66dc9ae6f41e04b523e4beb17573989adf5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d7c6-609276fa65c37"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdnUvspI%2B1LdwKTeJ0TvmJwtvT5Ua8O%2B9XJYk3o3JmJozkXQ%2BiIw1LqNAr0%2B%2FhWtODm0scvECaSAgWOTipAzapCTgAvA1QUv47RwwJ98yIpo84E4rlFdou6CkZSVRLEZ7uu7GD4h3fY7wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde3f6685-AMS
alt-svc
h3=":443"; ma=86400
content-length
55238
icon1.f4b1f7bad5c372011ce7.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
29 KB
30 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/icon1.f4b1f7bad5c372011ce7.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7095ae3d19feccf6704886bd7e8a06d9e1dde69a02df0d8501cf09a0711b3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7512-609276fa65c37"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcDlKOsrdmMMIyOA2olcCM8As5MS5T67rge3Pay95f0MkrxJy2q5zzcIRVXbPPNUY8LCcTlpY2shbeVHSY4zeb3lGjIY%2B5UPDo2JjZOpSp%2Bkvsg1jWHQecg99Q%2BR%2Fv6UIGktD06vKU%2B6LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde406685-AMS
alt-svc
h3=":443"; ma=86400
content-length
29970
icon3.973991b720623e0196a9.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
28 KB
28 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/icon3.973991b720623e0196a9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ddc05842d26f4c20f8e9b712947c9c3c0562344911d8f4a27b751ed9cf2a460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6fe6-609276fa65c37"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRDunsDFHFMFztb1rBX34hCaOSL%2BlryyiDbY0HIAqCIHqXeKjK%2FyDLMXzn2Q%2BJUfmhM%2Faz2yOGgzcV8kcWHo5xdqF6VdzCYQfbg2Dxu%2B28C8GEvAzElA9L8ruERHKXSYJpvH8YyxCn3%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde416685-AMS
alt-svc
h3=":443"; ma=86400
content-length
28646
LogoY.da88d9447baa69a01114649820d1589c.svg
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
11 KB
5 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/LogoY.da88d9447baa69a01114649820d1589c.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9855bdea730df40a17417bbe25f9606fd7451de17be58ca4c3c4cf744a4f7b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Jun 2023 12:29:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2dfa-5fd9d6680d1f6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSCgQIpkhMkXG880k3%2Blj2ghhNx1X0vaqZWqa3i5DZIZ7xuT%2FfHDB7Wl6%2BnxaI6aDM16yEw2uWhC4vYslgjamcF0sOyNdXpx1Q0%2F%2B8ypPwEiOI3DZcLdT3n%2F3YYRSDXSsV%2B0inK6lwwXgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
826c27afde436685-AMS
alt-svc
h3=":443"; ma=86400
truncated
/
39 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7dbe2da00030c05d398440d9f1b92336de3e01546daa36a84e2bbc6084ba826

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
newBg.54d00571135891a04feb.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
2 MB
2 MB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/newBg.54d00571135891a04feb.png
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c871e64b417613bb0315313d86d0ce9db5157f5f96da3b20cd6d4231a4ebcfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Nov 2023 08:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"24d593-609276fa67b77"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks%2BeSyzxjsLvGDng%2Bdbt9pVVnxnw9uQ250Xzt9GUN%2FqufGCZZEDr%2F%2BLJ2zW18VGVAdW9vGh1LEA3HwBqDwuiLJ0g6iUVyJJS%2FjA1Y1hv15Y5qlXSgpNWbG3Hx%2FvN2y%2BN2ZrnWPdrmPthPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde456685-AMS
alt-svc
h3=":443"; ma=86400
content-length
2413971
yellow.ca484bef61c10799ac48.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
510 KB
511 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/yellow.ca484bef61c10799ac48.png
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268e1333227b3c3b5298fe38fcdebad8bc65c90f340aef3bd11da967e4ecb9d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Jun 2023 12:29:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7f853-5fd9d6680f136"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfuRJIjXwLjzTjwGIz8Zhe%2Fw9cOzwK6kzNz9zLrsxXVqlpC2N%2BptYhlFTna1DUQ%2FjomtNe2pLEFKWHyWBEkMPSuGHRuvkMCASs6n%2BkzmrcGZpVWIfnTzac3Q4PrLRPuQTFtGGoQphkwZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde466685-AMS
alt-svc
h3=":443"; ma=86400
content-length
522323
purple.3804f68c94733038bbc0.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
510 KB
510 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/purple.3804f68c94733038bbc0.png
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a18a8f7fac3a7aab39cbb86264ff8eec24ceb5f270525b38465b66631b20b50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Jun 2023 12:29:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7f6ef-5fd9d6680e196"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYROeGjaZowExtzbeRGqb57y3sPql88zpilIFMwwCfyrGWwH7iLL6X6bjyZPZRhhogh6MvQbPsnN8Nor1dcfZHheBQ2AwqMYC8ZPC1Ce7s1v0Ljk3u31CxggabLS2cWbtK9ghdqmnn8%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde476685-AMS
alt-svc
h3=":443"; ma=86400
content-length
521967
red.7fb2182bc7725c0aebc9.png
lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/
212 KB
212 KB
Image
General
Full URL
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/media/red.7fb2182bc7725c0aebc9.png
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a07a8fac3afa7f57ad430b29aca1019087840a13c6e028129a788e50e95d00f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/css/main.1c5b39f9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:00 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Jun 2023 12:29:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"34fb5-5fd9d6680e196"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7g7OBlQ3pf1jsky5ecH0wHgJXWMp4icIPnhwCJuPxmP3%2Bb%2BS%2Bai748CnsYzPOMha%2BiDfBfZg3xVqKb5LwYzKakT%2B%2Be2n0pltM5K%2FINbffGHhKB3i10ziqjT0qA5V9Qy75TA2orvoH%2B6QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
826c27afde486685-AMS
alt-svc
h3=":443"; ma=86400
content-length
217013
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4TbMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v45/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4TbMDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@300&family=Noto+Sans+JP&family=Poppins:ital,wght@0,700;1,300&family=Space+Grotesk:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
926aa0e47ef4e61ff82fd610113ff104a753ba490e3be94f0f83fafeb4fe770f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
age
465681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13280
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 16:41:39 GMT
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae166251db1350a6a21bbe90fdfc17122e7b59ce69e11bccb35bc3692f1567e0

Request headers

Referer
Origin
https://lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
74 KB
74 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer
Origin
https://lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/octet-stream
v2.js
js.hsforms.net/forms/embed/
559 KB
179 KB
Script
General
Full URL
https://js.hsforms.net/forms/embed/v2.js
Requested by
Host: lootlabs.gg
URL: https://lootlabs.gg/wp-content/reactpress/apps/lootlabs/build/static/js/main.55396207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3e0483991ab0655a286b9cd8f0669182bfde3aa16570f7191e34e33103f522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4130/bundles/project-v2.js&cfRay=826c27b05ac19bbc-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"c44c95c40fb373a441fd2f03d32cf9ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4130/bundles/project-v2.js
date
Thu, 16 Nov 2023 02:03:00 GMT
x-amz-version-id
g3Au.aMyuFT2rnWc2oBbvqYU5bT82sv1
via
1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
885d903d-163d-4b11-8270-8c011113358f
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
885d903d-163d-4b11-8270-8c011113358f
last-modified
Mon, 13 Nov 2023 11:47:18 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRqvpZhUt4dPcb6tRKBq%2F9gqBMd4x%2FkcL%2BQ%2BClEM22ynAZU4e6S6GuppvNliK22ashQZ%2Fk4lyZIgs1n2%2Fuin0Keby7zwVM9RY1VjXEPs9bRY0cfa2lQ6KzGttYBBrVwT1S7e2UGRJmjtmgZr"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7b7f9459cc-kfchq
cf-ray
826c27b05ac19bbc-FRA
x-amz-cf-id
EyXiTnuqCp3lxtXYT3vO9bVLuY7O-ngOOuX9oEqaptYGmi3ipemf3A==
json
forms.hsforms.com/embed/v3/form/5152848/5b2f6ca7-c290-46b8-b9f8-197d67ef68e1/
11 KB
4 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/5152848/5b2f6ca7-c290-46b8-b9f8-197d67ef68e1/json?hs_static_app=forms-embed&hs_static_app_version=1.4130&X-HubSpot-Static-App-Info=forms-embed-1.4130
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9af1242a68090de9b616e776b09fe7bd8e3b576864c5c66316c1de95da7fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Thu, 16 Nov 2023 02:03:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
cb8beb21-5966-4854-864a-ee694f4b522e
Transfer-Encoding
chunked
x-envoy-upstream-service-time
15
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
cb8beb21-5966-4854-864a-ee694f4b522e
Server
cloudflare
X-Trace
2B167DA406BFC1C96C70F79E94E35F625EEC3BDBEC000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://lootlabs.gg
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
826c27b22b529b8e-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-q6gzk
v2.js
js.hsforms.net/forms/embed/ Frame 4813
559 KB
178 KB
Script
General
Full URL
https://js.hsforms.net/forms/embed/v2.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3e0483991ab0655a286b9cd8f0669182bfde3aa16570f7191e34e33103f522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding
br
age
1
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4130/bundles/project-v2.js&cfRay=826c27b05ac19bbc-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"c44c95c40fb373a441fd2f03d32cf9ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4130/bundles/project-v2.js
date
Thu, 16 Nov 2023 02:03:01 GMT
x-amz-version-id
g3Au.aMyuFT2rnWc2oBbvqYU5bT82sv1
via
1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
885d903d-163d-4b11-8270-8c011113358f
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
885d903d-163d-4b11-8270-8c011113358f
last-modified
Mon, 13 Nov 2023 11:47:18 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7pPBuEqi62pgWsBTOTrSfNKTZQ64dJHG5x5SjDpHwMwj%2BSUiwZLO98lRqctWhZmn%2Fw0xGieLbEJwa3%2FSRWMcdLBNZ%2BTrcrV1JuLKzpcgDFxHtcbLT7Jlp0gAaUkaB4yTmlvrLuugPHz5i9G"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7b7f9459cc-kfchq
cf-ray
826c27b35c209bbc-FRA
x-amz-cf-id
EyXiTnuqCp3lxtXYT3vO9bVLuY7O-ngOOuX9oEqaptYGmi3ipemf3A==
counters.gif
forms.hsforms.com/embed/v3/
35 B
627 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2adcd3bd-d564-44ab-af59-696ae14f2bc3
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2adcd3bd-d564-44ab-af59-696ae14f2bc3
server
cloudflare
x-trace
2BCD2FC041F0496CEF4FA2D6FE88E928389FC8D5FE000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-jg7jb
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
826c27b3ffb95be5-FRA
css2
fonts.googleapis.com/ Frame 4813
7 KB
786 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69ce62f9111f1938d84c53daca1a7448a1de4017ef6d6de5b4c55c0ec19b8577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 02:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 02:03:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 02:03:01 GMT
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 02:03:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
1a094f5e-07e5-4f04-94a0-5148b719cfb0
x-envoy-upstream-service-time
7
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1a094f5e-07e5-4f04-94a0-5148b719cfb0
Server
cloudflare
X-Trace
2B6E9B88B53010A0BDF85D3262C2F5058D07F80D7E000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-rgq6x
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
826c27b48a22bbef-FRA
1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 4813
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
def10bc23a3e7b06586d1ac6451dea370c1011622cc0d0a000f88a2f61158078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 22:55:21 GMT
x-content-type-options
nosniff
age
443260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22804
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 22:55:21 GMT


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| reactPress
object| webpackChunklinklocker_landing
object| hubspot
object| HubSpotForms
object| hbspt
object| hsFormsOnReady
object| _hsq

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
