urlscan.io logo urlscan.io
SecurityTrails logo

loot-link.com Open in urlscan Pro
172.67.134.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Submission: On September 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 15 HTTP transactions. The main IP is 172.67.134.201, located in United States and belongs to CLOUDFLARENET, US. The main domain is loot-link.com. The Cisco Umbrella rank of the primary domain is 400842.
TLS certificate: Issued by WE1 on September 6th 2024. Valid for: 3 months.
This is the only time loot-link.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 172.67.134.201 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
2 104.21.76.222 13335 (CLOUDFLAR...)
15 10
4    172.67.134.201 (United States)

ASN13335 (CLOUDFLARENET, US)
loot-link.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:223f:3800:d:547c:9480:21 (United States)

ASN16509 (AMAZON-02, US)
d2w9cdu84xc4eq.cloudfront.net
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
api.taboola.com
2    104.21.76.222 (None, )

ASN13335 (CLOUDFLARENET, US)
eiwouldlikuk.com
Apex Domain
Subdomains		 Transfer
4 loot-link.com
loot-link.com — Cisco Umbrella Rank: 400842
214 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
13 KB
2 eiwouldlikuk.com
eiwouldlikuk.com — Cisco Umbrella Rank: 386045
599 B
2 gstatic.com
fonts.gstatic.com
36 KB
1 taboola.com
api.taboola.com — Cisco Umbrella Rank: 4489
750 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
51 KB
1 cloudfront.net
d2w9cdu84xc4eq.cloudfront.net
803 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314
7 KB
15 9
Domain Requested by
4 loot-link.com loot-link.com
3 unpkg.com 1 redirects loot-link.com
unpkg.com
2 eiwouldlikuk.com loot-link.com
2 fonts.gstatic.com fonts.googleapis.com
1 api.taboola.com loot-link.com
1 pagead2.googlesyndication.com loot-link.com
1 d2w9cdu84xc4eq.cloudfront.net loot-link.com
1 fonts.googleapis.com loot-link.com
1 cdn.jsdelivr.net loot-link.com
15 9

This site contains links to these domains. Also see Links.

Domain
lootlabs.gg
Subject Issuer Validity Valid
loot-link.com
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
unpkg.com
WE1		 2024-07-28 -
2024-10-26		 3 months crt.sh
eiwouldlikuk.com
WE1		 2024-08-01 -
2024-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Frame ID: 580F674FFEEA45BE98ACE91EB46BBB19
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roblox Condo Game

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

15
Requests

93 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

323 kB
Transfer

604 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.48/dist/detect-gpu.umd.js

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s
loot-link.com/ 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff351694fdae1421d6e2e7c5180c5d0884ea701a80971eef212135cc9ea5f1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4c7a209f338813-SIN
content-encoding
br
content-type
text/html
date
Tue, 17 Sep 2024 22:19:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqfN2R17%2FTpQ7Ac5PwgR4ciaOw6U38g1ZTTPwQ%2BEU7RyP%2FI7nKKBrZ%2F7UnIPLm2bdE8cglXbFsGaZ8ytJ2PbZKKIFH8uoc8tcewfnqhAzYscJV0A6fcD7%2BUBWKRkt0DE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
loot-link.com/cdn-cgi/ 		128 B
549 B 		Other
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

Referer
https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Origin
https://loot-link.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:19:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slnpGJpCNILaMFDNlvf7r0ZcwhGcMdUAcfOAuw7h%2Bi7zlRpKT7MnFxYorWwznaE1NfAK1GAc2jBpc03mwixdTfMYTOG%2BwdIR5nTewrinVfKNpo1hsvcT0v%2BP7P6xU9wU"}],"group":"cf-nel","max_age":604800}
content-type
application/speculationrules+json
access-control-allow-origin
https://loot-link.com
cf-ray
8c4c7a24e9758813-SIN
alt-svc
h3=":443"; ma=86400
content-length
128
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Sep 2024 22:19:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
1028634
x-jsd-version
6.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6589
x-served-by
cache-fra-etou8220141-FRA
x-jsd-version-type
version
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.48/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.48/dist/detect-gpu.umd.js
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.48/dist/detect-gpu.umd.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e038028e66d82979b59204cc0a81b1f6119786d783ccda30e11631da5c0500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:19:19 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
248735
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J7SKWBPJP4QY77VK0P3NWB0N-fra
server
cloudflare
etag
"25c3-a7UTMSpmECkzJPyZlQinyzBR2yM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8c4c7a24dea61d88-FRA

Redirect headers

date
Tue, 17 Sep 2024 22:19:19 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J810PW9Q9N2ZWBM7V0B60JBH-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
402
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/detect-gpu@5.0.48/dist/detect-gpu.umd.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8c4c7a24ae821d88-FRA
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Sep 2024 22:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Sep 2024 22:10:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Sep 2024 22:19:19 GMT
1.js
loot-link.com/ 		317 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/1.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360afa7639c332b238671f91aa50262f428fa764312bbac02b8dedd691f7cdc5

Request headers

Referer
https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:19:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2024 21:21:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1183
etag
W/"66e9f2d0-4f260"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9NvufHb6h5bqlu6Ew0n%2FAIQvKLD4%2FDsM%2F75raKNb6ht7pIxGDtzgvvY3XACHTOEFkM7e%2B%2BjGaNT0jhCgqnAn9EP%2Fj2DIMs0HOMRxIWri9Ofp6W5zVpzYtG%2FKRaVh6j8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8c4c7a27cade8813-SIN
alt-svc
h3=":443"; ma=86400
/
d2w9cdu84xc4eq.cloudfront.net/ 		697 B
803 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2w9cdu84xc4eq.cloudfront.net/?tid=1038222&params_only=1
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3800:d:547c:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dc6cde0f4d94804834585aac56b610c24bf9bd9db5cab21b7d1f5964688911a6

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 22:19:20 GMT
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
https://loot-link.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
427
x-amz-cf-id
JUpkaX3AmBsX97Y5DYc0YCGPTS4RIXaA2PC22V1YWLK60BnZSiTJ0w==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loot-link.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 11:59:30 GMT
x-content-type-options
nosniff
age
37190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18100
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Sep 2025 11:59:30 GMT
favicon.ico
loot-link.com/ 		561 B
593 B 		Other
General
Check archive.org
Download Go to
Full URL
https://loot-link.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

Referer
https://loot-link.com/s?x9O2&data=U8H3gtjzhw5vTmjDN1QgXAgTU2xOrJ2NULXOwkIq2OJu7fngJbQLTW1IPi7of3CD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:19:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
server
cloudflare
age
58
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNPxcNS3Ejg2%2BWMrq1P544GXKz57AKk%2FzP6p8Pt3s99oqK4iLzzQ73oi7pzdLrEpXyjaa54NPsaLgr%2FRHRbDEqIh0IIAJw4o1Mm3Eo4vHo4vs9LdY9O77ANBflKz4wJR"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8c4c7a2eae988813-SIN
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6900900197d05d5805ff04329b081a54403423de87b049dfb320f2c759dc3cf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:19:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52269
x-xss-protection
0
server
cafe
etag
17885693440992597614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 17 Sep 2024 22:19:20 GMT
user.sync
api.taboola.com/2.0/json/lootlabs-roblox/ 		83 B
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.taboola.com/2.0/json/lootlabs-roblox/user.sync?app.apikey=cdb5e8d81c24e09c97db19a61b14ffdead0deac8&app.type=desktop
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c75cc716e75f3d0d4971fbc8c83313c66c5ae2ee5a740ae6295fff26861153c

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 17 Sep 2024 22:19:20 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220067-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1726611561.928979,VS0,VE9
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://loot-link.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
d-intel.json
unpkg.com/detect-gpu@5.0.48/dist/benchmarks/ 		44 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/detect-gpu@5.0.48/dist/benchmarks/d-intel.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
413890fc6f0596bdf2e5a6bffd345f819cd25921bc9563431da3cea5bb5763a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:19:21 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
248535
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J7SM2HEYXQX07ZTRYPRWEQFW-fra
server
cloudflare
etag
"b05d-slZFupDC1EcN3G8y2g9lhwSzKYg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8c4c7a307d013a3d-FRA
tc
eiwouldlikuk.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eiwouldlikuk.com/tc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://loot-link.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://loot-link.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4c7a337e819f85-SIN
date
Tue, 17 Sep 2024 22:19:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0mQzE5S7d7rokEHW2tUVn5Clr6XZR59OD39SZW5azuwo8UgKh0QcKvov3sXkEf7PlKXDIN9KyMKWkyVAg3E8HNQ99UrdBE%2FyGzewmo9d9vtgQAz%2Bdmm8EdQVi2cjYSD%2FkJCw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tc
eiwouldlikuk.com/ 		2 B
599 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eiwouldlikuk.com/tc
Requested by
Host: loot-link.com
URL: https://loot-link.com/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://loot-link.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Sep 2024 22:19:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
POST, GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
https://loot-link.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqMlatfYgQoxL%2BozzzAWYsi%2FIlyIm4b7%2BEM0yTBPxT8pmzio%2BSUf%2B%2Fgdyg6aaPSlvdZyAf%2FPGSjUFxDd8VSmoT4ivme4aUZvencHZX5NAzOPmL8Twgz9T9sYBWjvEpSzyCxY"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8c4c7a374b343626-FRA
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9a86d96311410e1dd1ae1aea03f55f3ca77a28fe59ffbb7a055d4f60319ad08

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loot-link.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 11:54:39 GMT
x-content-type-options
nosniff
age
37483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18088
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Sep 2025 11:54:39 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime object| DetectGPU function| a0_0x449d40 function| sendRequest function| a0_0x1095 function| a0_0x4b9c object| textsArr object| loadingText function| getRandomText function| updateLoadingText string| line

1 Cookies

Domain/Path Name / Value
eiwouldlikuk.com/ Name: ci
Value: 1346327902462808

1 Console Messages

Source Level URL
Text
network error URL: https://loot-link.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.taboola.com
cdn.jsdelivr.net
d2w9cdu84xc4eq.cloudfront.net
eiwouldlikuk.com
fonts.googleapis.com
fonts.gstatic.com
loot-link.com
pagead2.googlesyndication.com
unpkg.com
104.21.76.222
142.250.185.226
151.101.193.44
172.67.134.201
2600:9000:223f:3800:d:547c:9480:21
2606:4700::6811:f5cb
2a00:1450:4001:800::2003
2a00:1450:4001:82f::200a
2a04:4e42::485
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13e038028e66d82979b59204cc0a81b1f6119786d783ccda30e11631da5c0500
360afa7639c332b238671f91aa50262f428fa764312bbac02b8dedd691f7cdc5
3ff351694fdae1421d6e2e7c5180c5d0884ea701a80971eef212135cc9ea5f1e
413890fc6f0596bdf2e5a6bffd345f819cd25921bc9563431da3cea5bb5763a7
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5b6738147d189f5dd0fe825daab5e7690ad4c2ecba054a368a1e235867d37ceb
6900900197d05d5805ff04329b081a54403423de87b049dfb320f2c759dc3cf4
8c75cc716e75f3d0d4971fbc8c83313c66c5ae2ee5a740ae6295fff26861153c
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
dc6cde0f4d94804834585aac56b610c24bf9bd9db5cab21b7d1f5964688911a6
e9a86d96311410e1dd1ae1aea03f55f3ca77a28fe59ffbb7a055d4f60319ad08