app1.dev.lootibox.com Open in urlscan Pro
54.36.25.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app1.dev.lootibox.com/
Effective URL:
https://app1.dev.lootibox.com/login
Submission Tags: @phishunt_io
Submission: On December 10 via api (December 10th 2023, 3:22:59 pm UTC) from DE — Scanned from FR

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 54.36.25.241, located in France and belongs to OVH, FR. The main domain is app1.dev.lootibox.com.
TLS certificate: Issued by R3 on October 11th 2023. Valid for: 3 months.

This is the only time app1.dev.lootibox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	54.36.25.241 54.36.25.241	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:335d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
36	7

19 54.36.25.241 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip241.ip-54-36-25.eu

app1.dev.lootibox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:335d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	lootibox.com 1 redirects app1.dev.lootibox.com	207 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	298 KB
4	gstatic.com fonts.gstatic.com	163 KB
3	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 5068	33 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	10 KB
36	6

	Domain	Requested by
19	app1.dev.lootibox.com	1 redirects app1.dev.lootibox.com
6	cdn.jsdelivr.net	app1.dev.lootibox.com
4	fonts.gstatic.com	fonts.googleapis.com
3	cdn.datatables.net	app1.dev.lootibox.com
2	cdnjs.cloudflare.com	app1.dev.lootibox.com
2	fonts.googleapis.com	app1.dev.lootibox.com ajax.googleapis.com
1	ajax.googleapis.com	app1.dev.lootibox.com
36	7

This site contains no links.

Subject Issuer	Validity	Valid
app1.dev.lootibox.com R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app1.dev.lootibox.com/login
Frame ID: 850CF0F53B2B01A7CFF89733C3022F8B
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identification - Lootibox

Page URL History Show full URLs

https://app1.dev.lootibox.com/ HTTP 302
https://app1.dev.lootibox.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

36
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

730 kB
Transfer

2670 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app1.dev.lootibox.com/ HTTP 302
https://app1.dev.lootibox.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
app1.dev.lootibox.com/
Redirect Chain

https://app1.dev.lootibox.com/
https://app1.dev.lootibox.com/login

10 KB
4 KB

28ms
27ms

Document
text/html

54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

e7220af670d6e70f457d913af20ca5975ef886bc57932634ede103bce755975d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Dec 2023 15:22:55 GMT
Keep-Alive: timeout=15, max=99
Server: Apache
Strict-Tansport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Dec 2023 15:22:55 GMT
Keep-Alive: timeout=15, max=100
Location: https://app1.dev.lootibox.com/login
Server: Apache
Strict-Tansport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK normalize.min.css
app1.dev.lootibox.com/packages/webflow/css/ 2 KB
1 KB 19ms
18ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/webflow/css/normalize.min.css?ts=2019-04-29

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

eb404482e83cbc290115f3d02632854cffad2773e49b9a52982cf2a85e7d7416

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "747-60a32cbbafd7d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 882

GET
H/1.1 200
OK lootibox.min.css
app1.dev.lootibox.com/packages/webflow/css/ 98 KB
9 KB 39ms
19ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/webflow/css/lootibox.min.css?ts=2019-06-13

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

6f22da3fd72f9065ec21c3ee7adc75001a452a7843d59c1218b3edfa45b58f84

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "188a2-60a32cbbafd7d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 8976

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
app1.dev.lootibox.com/packages/jquery-3.6.0/ 87 KB
31 KB 60ms
33ms Script
application/javascript 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/jquery-3.6.0/jquery-3.6.0.min.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "15d9e-60a32cbba9fbe-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 30904

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ 17 KB
18 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app1.dev.lootibox.com/
Origin: https://app1.dev.lootibox.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:13:20 GMT
x-content-type-options: nosniff
age: 162575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17698
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:13:20 GMT

GET
H/1.1 200
OK Logo-lootibox-blue-p-500.png
app1.dev.lootibox.com/packages/webflow/img/ 8 KB
9 KB 51ms
25ms Image
image/png 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.dev.lootibox.com/packages/webflow/img/Logo-lootibox-blue-p-500.png

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

80b1fcccd42ba31e0f02e9a50091e5991f8966a0b9d5cf5ceef0bd9817507e04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "21c1-60a32cbbafd7d-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 8391

GET
H/1.1 200
OK font-awesome.min.css
app1.dev.lootibox.com/packages/font-awesome-4.7.0/css/ 30 KB
7 KB 55ms
29ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "7918-60a32cbba901e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7053

GET
H2 200 tabler.min.css
cdn.jsdelivr.net/npm/@tabler/core@latest/dist/css/ 535 KB
70 KB 99ms
52ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@tabler/core@latest/dist/css/tabler.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952de72b130c6622884491bb5205289ce1d8baf1e05b979c9048ef1cc6316fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: 1.0.0-beta20
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220029-FRA, cache-mrs10562-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"85da9-pBnIq7FXtx0YfcWYI9KJtHbOBmQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIoh89bol7X77NC5%2FY1lu2TkejbYC19obx8ip7rVWOuVy9OELwY2R4eLdYnh7uA8uMzs2Ww6rglumJmRsvdrowoMUb2yDLf2VqAqg5Bf3xEaUXryMulbETKDyqsxcFhzqzfdCdkriiyqC6V8OS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83367c711d68d410-CDG

GET
H2 200 tabler-icons.min.css
cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/ 196 KB
34 KB 76ms
33ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/tabler-icons.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268b95045433abb4c53dae17f25d3b55a4074213495b3e415958ffb56d1bfd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1448
x-jsd-version: 2.43.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220071-FRA, cache-mrs10532-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"30f67-49inLMaxsfVnubMMnJGERvUUAqs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuoOJKk3BdzpBi8SPC2fPiv2dx3IKb51oFaAcWBOgQT8uQ9wSNwk%2FwxwWs4fINqRjWli2zN%2BgKpy6mYP1NnGUQVLQDHEOHhBqkdB9oSBYP3nAquKvWgAYZak5hQtfoxs%2B0%2FY%2BlxvK1s%2BFAq4rXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83367c711d69d410-CDG

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
3 KB 33ms
27ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 978199
x-jsd-version: 4.1.0-rc.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220046-FRA, cache-ams21050-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNiTtD1fiEMCnqZD2fAYH2rymh5Va44WvD1mwjXVUC4ZccZ5OerYg7tpWJxygQ1Zpsq6lz8%2BS7VjJkL1VFv6z4VIyP4LNlbQgTobcDVwplM%2FfPcgmoEqcB7ENdZQXFIDDgfXW2i9KiwIbPMBRDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83367c711d6ad410-CDG

GET
H/1.1 200
OK override-bootstrap.min.css
app1.dev.lootibox.com/css/ 11 KB
3 KB 38ms
36ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/css/override-bootstrap.min.css?ts=2023-10-03

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

8220718b6211e0dad8306dca3ee57cc2418f125d593a5fff67cc8ceb55d4c405

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:41 GMT
Server: Apache
ETag: "2a29-60a32cba199a1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2791

GET
H/1.1 200
OK messages.css
app1.dev.lootibox.com/css/ 578 B
718 B 34ms
32ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/css/messages.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

8cef6ddb53f3cc65a9d14fe1f529049e74405bfcba19320fe6d4666151ea65cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:41 GMT
Server: Apache
ETag: "242-60a32cba199a1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 271

GET
H/1.1 200
OK jquery-ui.css
app1.dev.lootibox.com/packages/jquery-ui-1.12.0.custom/ 36 KB
9 KB 35ms
33ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/jquery-ui-1.12.0.custom/jquery-ui.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

540fc69e6abbe69104eff5d47e93f989f3ed22c99567b6098266d4505f2fcfd7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "8ef2-60a32cbbaaf5e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 8490

GET
H2 200 css
fonts.googleapis.com/ 1 KB
869 B 91ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:bold

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d761ce34deab21949a3d833d5d1a746de08846f854859818f9a1728707dc08f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 15:22:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 15:22:55 GMT

GET
H/1.1 200
OK bootstrap-datepicker3.min.css
app1.dev.lootibox.com/packages/bootstrap-datepicker-1.9.0-dist/css/ 21 KB
3 KB 29ms
28ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/bootstrap-datepicker-1.9.0-dist/css/bootstrap-datepicker3.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

14039a5d3a65f74fcaf1c5e649db2c91b40dde7298ba5842a4f6dc17319358a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "526c-60a32cbba519e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 2393

GET
H/1.1 200
OK navbar.css
app1.dev.lootibox.com/css/ 1 KB
852 B 31ms
29ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/css/navbar.css?ts=2023-10-03

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

8cba51c954f19290c8a391572ff51db11d9ae0e1b79f10b1f8a1d4361709029a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:41 GMT
Server: Apache
ETag: "491-60a32cba199a1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 404

GET
H/1.1 200
OK common.css
app1.dev.lootibox.com/css/ 657 B
748 B 44ms
18ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/css/common.css?ts=2023-11-02

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

4973796e40158b7f2938c1d62eed82197ab3bb8e19f8156a9a3b772374e9d384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:41 GMT
Server: Apache
ETag: "291-60a32cba18a01-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 300

GET
H2 200 dataTables.bootstrap5.min.css
cdn.datatables.net/1.13.2/css/ 11 KB
2 KB 83ms
31ms Stylesheet
text/css 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.2/css/dataTables.bootstrap5.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e15edde936bef7946e52e180bf16f073535c93e953d3a396dbcb7d0ab76ea503

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2454457
content-length: 2097
last-modified: Mon, 06 Nov 2023 12:01:12 GMT
server: cloudflare
etag: "1240322-2daa-6097a9c47bc38-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83367c718cb222ab-CDG
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 11 Nov 2024 05:35:18 GMT

GET
H2 200 jquery-confirm.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 22 KB
3 KB 66ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 928508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2884
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-580a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu0knsfua6KLYT42no0iHROtwDO1cc4pAVXUOBr0jAdhp3UO0micngH0z%2F4B%2FZbPnLkAikYKY%2F5WxgUIx7oX9kKn4ucT8J7MWBMX0fe34xFkWDDk7pyWB8fCtV0mlE1BWJipD1jDyztFkThmndhpysHc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83367c717ebb6ec6-CDG
expires: Fri, 29 Nov 2024 15:22:55 GMT

GET
H/1.1 200
OK override-theme.css
app1.dev.lootibox.com/css/ 1 KB
998 B 17ms
17ms Stylesheet
text/css 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/css/override-theme.css?ts=2023-10-03

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

a9092530ce63319e0c34f604cd20e30d162a6e11efa12b79a131357fdb1851d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:41 GMT
Server: Apache
ETag: "4cc-60a32cba199a1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 551

GET
H2 200 tabler.min.js Show response
cdn.jsdelivr.net/npm/@tabler/core@latest/dist/js/ 133 KB
39 KB 156ms
153ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@tabler/core@latest/dist/js/tabler.min.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca03b9393454b58c430e41114700427eaf9f99a92133ac9bc1f97a80208f9404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: 1.0.0-beta20
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230051-FRA, cache-mrs10579-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"21540-wpPXHjCjF2psRAQhK4Eu26gjSIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mV8rv7NY5aUNleR8hYuQL5twRD1Me0kFoTuG86m4JuIr%2Byv7wE%2B2iy7nRT9xE%2Bw73kOdbG8GLGekKzuImoXUxUQxpYv%2FjpT6Q4HVWIo0Rvhh46OtJfg3iUYEm%2B1KNo8fJoQitkLnps7WTcm6kgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83367c714d87d410-CDG

GET
H2 200 apexcharts Show response
cdn.jsdelivr.net/npm/ 509 KB
133 KB 46ms
44ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/apexcharts

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf403b030a9a533b8b509747abe67359e0b69f4d672bdbba5e7b0a69b17ee180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40444
x-jsd-version: 3.44.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230033-FRA, cache-ams21041-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"7f45d-1hoSyroDwruoafAdnEptqmHv8l0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoOpdZB1LDTxzBQHB1XYn154phqi4n6VhSeWFvich%2Bj32Ty1Qdgwpf71Eea%2F0T%2BYO2B%2BGhPQXszz3Z6sgHvvJ4KhBez5xNOrQSXbpl74xIpS2u%2BXtjC07TJhrHjdvmBc%2B28exZLTOQfwDxZ%2F6Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83367c714d89d410-CDG

GET
H2 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
20 KB 45ms
42ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1072043
x-jsd-version: 4.1.0-rc.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220101-FRA, cache-lcy-eglc8600051-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVUhXaZDzQ3BDJ2%2FKQ2IO3ZR6qe9xig%2BD3wNkTx%2Bgci1rTNNKX0iWVHIKIQtzI35y0JSiDL6VsLRMewchSLrIELZt%2FXyO%2FoadFZLhn6QN8FcsSs73UxhD5tPaFJhfqRp0ZbbD96%2FzqVz9GR7OiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83367c714d8bd410-CDG

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.13.2/js/ 85 KB
29 KB 80ms
32ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.2/js/jquery.dataTables.min.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e734a0ba35fb264790a547a4a476ea3764634caf02f5d59111d15182e2a0a4d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1079257
content-length: 29606
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
server: cloudflare
etag: "12400a6-15217-6097a9c49c3c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83367c718cb422ab-CDG
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 27 Nov 2024 03:35:18 GMT

GET
H2 200 dataTables.bootstrap5.min.js Show response
cdn.datatables.net/1.13.2/js/ 2 KB
1 KB 78ms
30ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.2/js/dataTables.bootstrap5.min.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6951906ec661b3e64d6ba5f0becde7c81c30e843a5d12668922e0925ad48a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1078832
content-length: 1164
last-modified: Mon, 06 Nov 2023 12:01:12 GMT
server: cloudflare
etag: "1240086-8ed-6097a9c47c7f0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83367c718cb122ab-CDG
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 27 Nov 2024 03:42:23 GMT

GET
H2 200 jquery-confirm.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 27 KB
7 KB 59ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 161242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6362
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-6cf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8s4QNPcOTztmN7hfmC7eNJVjYUGWupvjF971WVMfsIcRJ0wouHg57q%2FWARiX4UgTPMMw%2F3loZ5B7e0pZHLplzprYveBRtRudpzfLluPgiUrIX8lABBFEKI27RtQ7u1yQj7sLfTC%2B1Oc15BNB%2FsvQpMS6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83367c717ebc6ec6-CDG
expires: Fri, 29 Nov 2024 15:22:55 GMT

GET
H/1.1 200
OK jquery-ui.js Show response
app1.dev.lootibox.com/packages/jquery-ui-1.12.0.custom/ 508 KB
122 KB 44ms
44ms Script
application/javascript 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/packages/jquery-ui-1.12.0.custom/jquery-ui.js

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

0e15dbc415e3b4e49328d299da83648c5ea70526cec24a881d69ed981816f17e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "7efa2-60a32cbbabefe-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK functions.js Show response
app1.dev.lootibox.com/js/ 5 KB
2 KB 18ms
18ms Script
application/javascript 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/js/functions.js?ts=2023-10-03

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

c5a554d763bdf402ec821b1ecb990e20f4282b701bc814af45e45fcbc46fbbfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "154c-60a32cbba325e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1705

GET
H/1.1 200
OK common.js Show response
app1.dev.lootibox.com/js/ 190 B
613 B 18ms
17ms Script
application/javascript 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/js/common.js?ts=2023-11-02

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

7d420d6ec50aef6ad349cae32942df39f9ffd2627828f634e005cdfd9f85c26d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "be-60a32cbba325e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 153

GET
H/1.1 200
OK datatables.js Show response
app1.dev.lootibox.com/js/ 4 KB
1 KB 17ms
17ms Script
application/javascript 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/js/datatables.js?ts=2023-10-11

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

27ed875da26508aebb9ba5b3c621d0e19825347a9f1e70a8578fbf61b7efbbe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "e42-60a32cbba325e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 991

GET
H/1.1 200
OK datatable_filters.js Show response
app1.dev.lootibox.com/js/ 825 B
762 B 18ms
18ms Script
application/javascript 54.36.25.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.dev.lootibox.com/js/datatable_filters.js?ts=2023-10-03

Requested by

Host: app1.dev.lootibox.com
URL: https://app1.dev.lootibox.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

54.36.25.241 , France, ASN16276 (OVH, FR),

Reverse DNS

ip241.ip-54-36-25.eu

Software

Apache /

Resource Hash

865c3e960bda22052b2dae0c9b7b67b8a6ea4b282a1efa4d7a3d06e880298532

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 15:22:55 GMT
Content-Security-Policy: frame-ancestors 'self' https://prod.thingworx.nextiim.fr
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:45:42 GMT
Server: Apache
ETag: "339-60a32cbba325e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Tansport-Security: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 301

GET
H2 200 css
fonts.googleapis.com/ 57 KB
2 KB 119ms
61ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95d9a6679957ff78d9793157076b0fd89370e54ba6e733565015faac2cd95d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app1.dev.lootibox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 15:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 15:22:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 15:22:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 81ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app1.dev.lootibox.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:08:30 GMT
x-content-type-options: nosniff
age: 180865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 13:08:30 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/ 49 KB
49 KB 143ms
86ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app1.dev.lootibox.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:40:31 GMT
x-content-type-options: nosniff
age: 153744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50368
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:40:31 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 115ms
60ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app1.dev.lootibox.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 115446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:18:49 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 130ms
75ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app1.dev.lootibox.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:44 GMT
x-content-type-options: nosniff
age: 230171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:44 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app1.dev.lootibox.com/	1970-01-20 16:50:36	Name: XSRF-TOKEN Value: eyJpdiI6IkdXdENCVEFxV2FCK2YvZmFpNnYrK1E9PSIsInZhbHVlIjoiRG9qamJJZUd2SVBmVll0MXF4RSt1QmNDQWIrVkl2MktqUWpDUzdZa29LaDRZNGR4V3Vvb095eGsvZlo5N3pTcFZTR1k4NlY5SHg2QVpVaFZteElyU3d6a0hsNkYwTnBYZlFvZVQvSFZ4RTZ1d05hYXZXUnBZTGEwWTF5NE1RNGIiLCJtYWMiOiJhNWM2MTFlZjNiZjg4NGVkNTdkMjdhMGU1NTBmY2EwYzc4ZThmZTFhMmU1NTA5YTczYTNmYTFkM2Y3ZjQ4ODI0IiwidGFnIjoiIn0%3D
			app1.dev.lootibox.com/	1970-01-20 16:50:36	Name: lootibox_dev1_session Value: eyJpdiI6IkwvR2p1cmN6UzI4U3BWWGk1cXpYa3c9PSIsInZhbHVlIjoiTzQ5a2xZdHIvWnV1THFkV3V5S3IybHlxRW5wL09FZ3BFMjY5V1NvOW15eno2VHg1SENFWi92UXVzTzdlTWpjeWl5Z1V5UmhiSXF1UjU4emY1aFoyWUFtcEt6RE5pRHdNbzh5UitLWnpsNkNtVi9kWEYvR3BieGJWQ2hOOTJmN0EiLCJtYWMiOiJjMjBjODBlZGQ0ODRiNDhmMTFkYTRjN2JlNjc5NmM4NDFlZDI4Y2IzZDI3NmJhOTlhMzZkNDRjMDU3YjJhZTA2IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.thingworx.nextiim.fr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app1.dev.lootibox.com
cdn.datatables.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700:10::6816:335d
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:802::200a
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
54.36.25.241
0e15dbc415e3b4e49328d299da83648c5ea70526cec24a881d69ed981816f17e
14039a5d3a65f74fcaf1c5e649db2c91b40dde7298ba5842a4f6dc17319358a2
268b95045433abb4c53dae17f25d3b55a4074213495b3e415958ffb56d1bfd30
27ed875da26508aebb9ba5b3c621d0e19825347a9f1e70a8578fbf61b7efbbe0
4973796e40158b7f2938c1d62eed82197ab3bb8e19f8156a9a3b772374e9d384
540fc69e6abbe69104eff5d47e93f989f3ed22c99567b6098266d4505f2fcfd7
6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15
6e6951906ec661b3e64d6ba5f0becde7c81c30e843a5d12668922e0925ad48a5
6f22da3fd72f9065ec21c3ee7adc75001a452a7843d59c1218b3edfa45b58f84
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d420d6ec50aef6ad349cae32942df39f9ffd2627828f634e005cdfd9f85c26d
80b1fcccd42ba31e0f02e9a50091e5991f8966a0b9d5cf5ceef0bd9817507e04
8220718b6211e0dad8306dca3ee57cc2418f125d593a5fff67cc8ceb55d4c405
865c3e960bda22052b2dae0c9b7b67b8a6ea4b282a1efa4d7a3d06e880298532
8cba51c954f19290c8a391572ff51db11d9ae0e1b79f10b1f8a1d4361709029a
8cef6ddb53f3cc65a9d14fe1f529049e74405bfcba19320fe6d4666151ea65cb
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
952de72b130c6622884491bb5205289ce1d8baf1e05b979c9048ef1cc6316fd4
95d9a6679957ff78d9793157076b0fd89370e54ba6e733565015faac2cd95d04
9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
a9092530ce63319e0c34f604cd20e30d162a6e11efa12b79a131357fdb1851d0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c5a554d763bdf402ec821b1ecb990e20f4282b701bc814af45e45fcbc46fbbfe
ca03b9393454b58c430e41114700427eaf9f99a92133ac9bc1f97a80208f9404
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cf403b030a9a533b8b509747abe67359e0b69f4d672bdbba5e7b0a69b17ee180
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
d761ce34deab21949a3d833d5d1a746de08846f854859818f9a1728707dc08f7
e15edde936bef7946e52e180bf16f073535c93e953d3a396dbcb7d0ab76ea503
e7220af670d6e70f457d913af20ca5975ef886bc57932634ede103bce755975d
e734a0ba35fb264790a547a4a476ea3764634caf02f5d59111d15182e2a0a4d2
eb404482e83cbc290115f3d02632854cffad2773e49b9a52982cf2a85e7d7416
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

app1.dev.lootibox.com Open in urlscan Pro 54.36.25.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

86 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

730 kBTransfer

2670 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app1.dev.lootibox.com Open in urlscan Pro
54.36.25.241 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

730 kB
Transfer

2670 kB
Size

2
Cookies

36 HTTP transactions
0 data transactions