URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Submission: On January 20 via manual from US — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 17 HTTP transactions. The main IP is 104.21.7.82, located in and belongs to CLOUDFLARENET, US. The main domain is lootdest.org. The Cisco Umbrella rank of the primary domain is 727962.
TLS certificate: Issued by WE1 on January 2nd 2025. Valid for: 3 months.
This is the only time lootdest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.21.7.82 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
2 142.250.184.227 15169 (GOOGLE)
1 54.231.192.202 16509 (AMAZON-02)
1 142.250.186.66 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
2 188.114.97.3 13335 (CLOUDFLAR...)
2 2600:9000:275... 16509 (AMAZON-02)
17 11
Apex Domain
Subdomains
Transfer
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 729
130 KB
3 cloudfront.net
d9r4lqt28t1fm.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
368 KB
3 lootdest.org
lootdest.org — Cisco Umbrella Rank: 727962
33 KB
2 nerventualken.com
nerventualken.com — Cisco Umbrella Rank: 248306
1 KB
2 gstatic.com
fonts.gstatic.com
35 KB
1 taboola.com
api.taboola.com — Cisco Umbrella Rank: 4856
747 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
52 KB
1 amazonaws.com
fingerprinting36542.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 306240
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 301
7 KB
17 10
Domain Requested by
4 unpkg.com 2 redirects lootdest.org
3 lootdest.org lootdest.org
2 d1wzdj81h1hubn.cloudfront.net
2 nerventualken.com lootdest.org
2 fonts.gstatic.com fonts.googleapis.com
1 api.taboola.com lootdest.org
1 pagead2.googlesyndication.com lootdest.org
1 fingerprinting36542.s3.us-east-1.amazonaws.com lootdest.org
1 d9r4lqt28t1fm.cloudfront.net lootdest.org
1 fonts.googleapis.com lootdest.org
1 cdn.jsdelivr.net lootdest.org
17 11

This site contains links to these domains.

Domain
lootlabs.gg
Subject                   Issuer                                        Validity                   Valid
lootdest.org              WE1                                           2025-01-02 - 2025-04-02    3 months
jsdelivr.net              GlobalSign Atlas R3 DV TLS CA 2024 Q3         2024-07-30 - 2025-08-31    a year
upload.video.google.com   WR2                                           2024-12-09 - 2025-03-03    3 months
*.cloudfront.net          Amazon RSA 2048 M01                           2024-07-30 - 2025-07-03    a year
*.gstatic.com             WR2                                           2024-12-09 - 2025-03-03    3 months
s3.amazonaws.com          Amazon RSA 2048 M01                           2024-11-18 - 2025-11-07    a year
*.g.doubleclick.net       WR2                                           2024-12-09 - 2025-03-03    3 months
*.taboola.com             DigiCert Global G2 TLS RSA SHA256 2020 CA1    2024-12-01 - 2025-12-31    a year
nerventualken.com         WE1                                           2024-11-28 - 2025-02-26    3 months

This page contains 1 frames:

Primary Page: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Frame ID: 5DDCDB2830BB47D96DFDA735AC02EFBB
Requests: 16 HTTP requests in this frame

Page Title

roblox condos

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17 Requests
88 % HTTPS
45 % IPv6
10 Domains
11 Subdomains
11 IPs
4 Countries
666 kB Transfer
1108 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.65/dist/detect-gpu.umd.js
Request Chain 13
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request s
lootdest.org/
21 KB
10 KB
Document
General
Full URL
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de73894516a86ea39c151092f64ecd51503a726c5ef8c54b4bdd8a3b8deb08bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
904cbd057f01dc80-FRA
content-encoding
zstd
content-type
text/html
date
Mon, 20 Jan 2025 05:41:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vs2Xy5uLXftFlDpS%2FlMNCosYbAwZccMNnZuISXfnUacplifULR5jaLIYgMHrwxlPLBmtPvqreFt3e3Zu2iCE6OqkiQ69u5daNvBpil6QxC7koa6WOW%2FXBszZjTapzUI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=42634&min_rtt=38519&rtt_var=11811&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4181&recv_bytes=4554&delivery_rate=419&cwnd=12000&unsent_bytes=0&cid=304c632c4ff93d40&ts=223&x=1" cfExtPri cfHdrFlush;dur=0
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/
21 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
age
1661083
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230078-FRA, cache-mad22052-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6589
x-jsd-version
6.5.0
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.65/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.65/dist/detect-gpu.umd.js
9 KB
5 KB
Script
General
Full URL
https://unpkg.com/detect-gpu@5.0.65/dist/detect-gpu.umd.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78f31b491843cfa29163356603b27d32fcc0a9872f3ae8c2e15e88d084a09cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"25c3-S9hiDYlZdmqKTK0jqTpUroBiyqE"
age
102311
x-content-type-options
nosniff
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JHY24F2T4MZNDC7615RD9RJF-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
904cbd088dfe365c-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/detect-gpu@5.0.65/dist/detect-gpu.umd.js
content-encoding
br
cf-cache-status
HIT
age
600
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
904cbd084ddc365c-FRA
access-control-allow-origin
*
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JJ134ES1SMW88HAD49HPBS5B-fra
server
cloudflare
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cbdc009197e1afacfbc903823a6557d3b34b86d9d6bb6c3594184fde99e35d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 20 Jan 2025 05:41:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 20 Jan 2025 05:17:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
7.js
lootdest.org/
81 KB
23 KB
Script
General
Full URL
https://lootdest.org/7.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63c10d8ef0488bec34b7e60431203054988b750004eaa39c7c0ece7602b9bf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"678ca2f0-14448"
age
1339
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aQvXxik2pEBAW3vubk65ei5SRRW839%2Bw0MVBjDx2ZwYn5mUMfNJjTmg1tRDurMHOwH0S30tpzv%2B5p%2B%2FEmT2OUmHtUh5WGQmT1u4%2FFwvUavPlJ2lVqtZt%2F1c8RUI5Ac%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60975&min_rtt=38519&rtt_var=23631&sent=24&recv=17&lost=0&retrans=0&sent_bytes=14460&recv_bytes=5190&delivery_rate=53621&cwnd=12000&unsent_bytes=0&cid=304c632c4ff93d40&ts=401&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
application/javascript
last-modified
Sun, 19 Jan 2025 07:00:00 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
904cbd07a9dcdc80-FRA
server
cloudflare
/
d9r4lqt28t1fm.cloudfront.net/
597 B
729 B
Fetch
General
Full URL
https://d9r4lqt28t1fm.cloudfront.net/?tid=1063670&params_only=1
Requested by
Host: lootdest.org
URL: https://lootdest.org/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4000:5:c8d3:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a5b26b17f0686a07c24f8cc7741a70a1474c9b43d85fd0797d6b3f2e1c51db1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
access-control-allow-origin
https://lootdest.org
x-cache
Miss from cloudfront
content-length
354
x-amz-cf-id
xLQ4paOHJkx7oDg8NJri0oGDyjKYZwYkuSll64IYerKEgH-_uP-RqA==
date
Mon, 20 Jan 2025 05:41:57 GMT
x-amz-cf-pop
FRA6-C1
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://fonts.googleapis.com/

Response headers

age
504754
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 14 Jan 2026 09:29:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 14 Jan 2025 09:29:23 GMT
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18100
x-xss-protection
0
server
sffe
favicon.ico
lootdest.org/
561 B
818 B
Other
General
Full URL
https://lootdest.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
95
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5JonHKcMYHGCH1Lxv0h4%2Bzik%2FDOqgOR6lsF%2Bj%2FT6gQT%2FigtMB%2FVV0vu6FsJott3EEo32iOfu7FdMm%2Fw9lrRHiH%2F5qzgu6cH5iSfWuPp%2FcAYZmkwcFFwfWbVE7KlH4w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
904cbd092bc5dc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49118&min_rtt=36903&rtt_var=13853&sent=47&recv=30&lost=0&retrans=0&sent_bytes=38467&recv_bytes=6147&delivery_rate=284583&cwnd=18000&unsent_bytes=0&cid=304c632c4ff93d40&ts=636&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
fingerprint.js
fingerprinting36542.s3.us-east-1.amazonaws.com/
37 KB
38 KB
Script
General
Full URL
https://fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.202 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://lootdest.org/

Response headers

x-amz-server-side-encryption
AES256
ETag
"9ac06ba71cc5803c7515b3e8c3a2854d"
Access-Control-Allow-Methods
GET, PUT, POST, DELETE
x-amz-request-id
G574NEFQ09E4BDN5
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
38143
Date
Mon, 20 Jan 2025 05:41:58 GMT
Last-Modified
Mon, 09 Dec 2024 12:08:59 GMT
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server
AmazonS3
Content-Type
application/javascript
x-amz-id-2
NPhgSjq/pCrPZHJDZ1VqC3z6EzAHkn3eqXzGDBFogjUPqCN6MHZ4hAP9ErR8Oz/CaymGAM2YckY=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bdfe2635c1455c647d783a5f7ac6206e9223db38fbc79ca8cebd14b3ad1f1561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
etag
2545097023341812733
x-content-type-options
nosniff
expires
Mon, 20 Jan 2025 05:41:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53505
x-xss-protection
0
server
cafe
user.sync
api.taboola.com/2.0/json/lootlabs-roblox/
83 B
747 B
Fetch
General
Full URL
https://api.taboola.com/2.0/json/lootlabs-roblox/user.sync?app.apikey=cdb5e8d81c24e09c97db19a61b14ffdead0deac8&app.type=desktop
Requested by
Host: lootdest.org
URL: https://lootdest.org/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
133b6ad58e405c16c0109fa74954f4b0479a8129345e09157ca6dd2be7991ca2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Mon, 20 Jan 2025 05:41:57 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
x-cache-hits
0
x-served-by
cache-mad22082-MAD
x-timer
S1737351718.566730,VS0,VE30
x-vcl-time-ms
30
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://lootdest.org
x-service-version
v1
server
nginx
tc
nerventualken.com/
480 B
1 KB
Fetch
General
Full URL
https://nerventualken.com/tc
Requested by
Host: lootdest.org
URL: https://lootdest.org/7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8b2528430f506c824a6615e4d2c567ee6490ed739697ffda752f8e1e3bbac5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://lootdest.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, HEAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkeNBXoavX1Hr494HuHKTxkkz2L5VC6LCgl%2FynYgvby8cwv%2BwcST5cmNYThvSO4r2St7in43mC9T47Nongcz8lVaWpMNt05ugt0h2YuqtY5wVq4wGULmG00UIUMdnkTFcff%2Fcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
904cbd0ccdb22c43-FRA
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35822&min_rtt=12975&rtt_var=18415&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2207&recv_bytes=4577&delivery_rate=377&cwnd=12000&unsent_bytes=0&cid=e84f6ca009279ef8&ts=522&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 20 Jan 2025 05:41:58 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
tc
nerventualken.com/
0
0
Preflight
General
Full URL
https://nerventualken.com/tc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lootdest.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
904cbd0b4b655d9a-FRA
content-length
0
content-type
application/json
date
Mon, 20 Jan 2025 05:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sL76Q9JeqaDrUsnGUToRYTVS9FwxfBSxtfZVJUOyNgcB%2FKO5f7ScLZYT87O4YQKpwigJVTTOi3WJOfZtt2cURJ4CLZYayRTI0oBVHVuQosBKRU8HahDXuwFQHCTN07ukB88Wwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8221&min_rtt=6716&rtt_var=3421&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4456&delivery_rate=1516&cwnd=12000&unsent_bytes=0&cid=0bbdad7f2af386ea&ts=198&x=1" cfExtPri cfHdrFlush;dur=0
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://fonts.googleapis.com/

Response headers

age
506704
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 14 Jan 2026 08:56:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 14 Jan 2025 08:56:54 GMT
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18088
x-xss-protection
0
server
sffe
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
375 KB
124 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5dbed-iuWY+SuF72GOkOASnVf7lMj2w7g"
age
2238604
x-content-type-options
nosniff
date
Mon, 20 Jan 2025 05:41:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JFYCT03H26FEA70RVQV7KN2N-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
904cbd100985365c-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
content-encoding
br
cf-cache-status
HIT
age
48
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
904cbd0fe97d365c-FRA
access-control-allow-origin
*
date
Mon, 20 Jan 2025 05:41:58 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JJ13NA8XEQFDXY1B6MZ0R15W-fra
server
cloudflare
051203bf224f8e9e.png
d1wzdj81h1hubn.cloudfront.net/
363 KB
364 KB
Image
General
Full URL
https://d1wzdj81h1hubn.cloudfront.net/051203bf224f8e9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:5800:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccd301728bdb7278affa4f6e9b6c1d373ee427a223cc94280fcf9fb2b689bbf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

vary
accept-encoding
etag
"f0d9ad883a3d4f969f3b85fec3ee2720"
age
85482
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
x-amz-meta-timestamp
2024-07-12T13:49:36.316144
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
371675
x-amz-cf-id
3A9XrxC9KHz31RN6eV5QMUWgtaDogxz0GklILQCBDOoEhnBQyO9vfQ==
date
Sun, 19 Jan 2025 05:57:17 GMT
content-type
image/png
last-modified
Fri, 12 Jul 2024 22:35:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
apps.png
d1wzdj81h1hubn.cloudfront.net/icons/
3 KB
3 KB
Image
General
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/apps.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:5800:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

etag
"fe92fe3dee69ba5c6dc9ab4b1785c556"
age
80733
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3115
x-amz-cf-id
Q5f5qmxZwd_NoZeHqSry_EInuUe6s8vFnlT4drMKpsb7Xx2--it2Jg==
date
Sun, 19 Jan 2025 07:16:26 GMT
content-type
image/png
last-modified
Tue, 07 Feb 2023 09:32:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| regeneratorRuntime
  • object| DetectGPU
  • function| a0_0x2c66d7
  • function| a0_0x50ff6b
  • function| a0_0x59783c
  • function| a0_0x25f2
  • function| sendRequest
  • function| a0_0x54d1
  • object| textsArr
  • object| loadingText
  • function| getRandomText
  • function| updateLoadingText
  • string| line
  • boolean| ALLOW_UNLOCKER
  • object| lottie-player
  • object| reactiveElementVersions
  • object| litHtmlVersions
  • object| litElementVersions

2 Cookies

Domain/Path Name / Value
lootdest.org/ Name: uid
Value: ujndJcJXyKpvfbHaDqtBd3mT5M7GyHaX
nerventualken.com/ Name: ci
Value: 403082515348849

2 Console Messages

Source Level URL
Text
network error URL: https://lootdest.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiBLVunTwLHkDe6DNUUzEclVgEx6erZMYDRhZTzg%2FT7Ed
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060C20CEC370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
