loot-gh.vercel.app Open in urlscan Pro
76.76.21.142  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response loot-gh.vercel.app/	6 MB 4 MB	44ms 29ms	Document text/html	76.76.21.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://loot-gh.vercel.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 8e3b79da84d6d609d8d7e12643ddd2e0ab376cf88bf7f3ade0509eaad82508d3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-origin * age 1205047 cache-control public, max-age=0, must-revalidate content-disposition inline content-encoding br content-type text/html; charset=utf-8 date Thu, 21 Nov 2024 12:34:59 GMT etag W/"c7662fb9828aca99ad70e4029dd8b8e5" last-modified Thu, 07 Nov 2024 13:50:51 GMT server Vercel strict-transport-security max-age=63072000; includeSubDomains; preload x-vercel-cache HIT x-vercel-id hnd1::xn5kb-1732192499448-39fd3a320c1d
GET H2	200	ethers.js Show response loot-gh.vercel.app/assets/web3-provider/	742 KB 174 KB	14ms 14ms	Script application/javascript	76.76.21.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://loot-gh.vercel.app/assets/web3-provider/ethers.js Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://loot-gh.vercel.app/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=0, must-revalidate content-encoding br x-vercel-cache HIT etag W/"71f8c498e792c6179d4e2840228f777a" age 1205047 access-control-allow-origin * date Thu, 21 Nov 2024 12:34:59 GMT content-disposition inline; filename="ethers.js" content-type application/javascript; charset=utf-8 server Vercel last-modified Thu, 07 Nov 2024 13:50:52 GMT x-vercel-id hnd1::gvm49-1732192499483-8a6d527752fe
GET H2	200	ethereum-tx.js Show response loot-gh.vercel.app/assets/web3-provider/	317 KB 95 KB	34ms 33ms	Script application/javascript	76.76.21.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://loot-gh.vercel.app/assets/web3-provider/ethereum-tx.js Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 2a37a8cdb378bb86cd9e9056658b967d3123a405ef3a474e24b02bf63241445d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://loot-gh.vercel.app/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=0, must-revalidate content-encoding br x-vercel-cache HIT etag W/"6d23ff59cdf9bc236cd630a94471f086" age 1205047 access-control-allow-origin * date Thu, 21 Nov 2024 12:34:59 GMT content-disposition inline; filename="ethereum-tx.js" content-type application/javascript; charset=utf-8 server Vercel last-modified Thu, 07 Nov 2024 13:50:52 GMT x-vercel-id hnd1::2sjd7-1732192499483-a88973b9050f
GET H2	200	vrtx2.0.0.js Show response loot-gh.vercel.app/	5 MB 2 MB	10ms 9ms	Script application/javascript	76.76.21.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://loot-gh.vercel.app/vrtx2.0.0.js Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash f4c75a93ff255d8bc3cbec39c970df43ba9f58398d8af654a39b7647dc292222 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://loot-gh.vercel.app/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=0, must-revalidate content-encoding br x-vercel-cache HIT etag W/"2c5ea50699da7c0b733e968919f910c7" age 1205043 access-control-allow-origin * date Thu, 21 Nov 2024 12:34:59 GMT content-disposition inline; filename="vrtx2.0.0.js" content-type application/javascript; charset=utf-8 server Vercel last-modified Thu, 07 Nov 2024 13:50:55 GMT x-vercel-id hnd1::xn5kb-1732192499548-e76c47baf0ad
GET H2	200	vrtxscript.js Show response loot-gh.vercel.app/	154 KB 40 KB	9ms 9ms	Script application/javascript	76.76.21.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://loot-gh.vercel.app/vrtxscript.js Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash ce247b1399d7487b8b9a1799a5094f09da4b03e1faf8b0ee29e8f8af4c53a7a3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://loot-gh.vercel.app/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=0, must-revalidate content-encoding br x-vercel-cache HIT etag W/"698b03ff087ba4d69d916ffcb8974520" age 1205043 access-control-allow-origin * date Thu, 21 Nov 2024 12:34:59 GMT content-disposition inline; filename="vrtxscript.js" content-type application/javascript; charset=utf-8 server Vercel last-modified Thu, 07 Nov 2024 13:50:55 GMT x-vercel-id hnd1::2sjd7-1732192499549-f53fae76ddcb
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 704472ed414242277aefabe6c8df13f8a929a01f4ac44c0a008bee3f91263dde Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	22 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c652776c45d7a32737a3112a695ee7f491d6627dbe7c4ed3f1098a81e4e9096 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	pricemulti Show response min-api.cryptocompare.com/data/	149 B 729 B	755ms 300ms	Fetch application/json	20.4.130.154 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://min-api.cryptocompare.com/data/pricemulti?fsyms=ETH,BNB,MATIC,AVAX,ARB,FTM,OP&tsyms=USD Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/vrtxscript.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.4.130.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 4a5e1fb5c7b42ac3a75f84f584bb8145eb47df2fe9fe53045c49a984b16d9af7 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json Referer https://loot-gh.vercel.app/ Response headers Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'none' Cache-Control public, max-age=10 Content-Encoding gzip X-CryptoCompare-Server-Id cc-api-min-v2-09 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS X-CryptoCompare-Cache-HIT false Access-Control-Allow-Origin https://loot-gh.vercel.app Date Thu, 21 Nov 2024 12:35:01 GMT Content-Type application/json; charset=UTF-8 Vary Accept-Encoding Server nginx Access-Control-Allow-Headers Content-Type, Cookie, Set-Cookie, Authorization
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	80ms 41ms	Stylesheet text/css	2404:6800:4004:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8c79e152335a309e8ba0284f9c143d9bf8890e5d4f8f71f804f3cedfd0e0958a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://loot-gh.vercel.app/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 21 Nov 2024 12:35:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 21 Nov 2024 12:35:00 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 21 Nov 2024 12:35:00 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
POST H2	200	/ Show response stayworld.site/	80 B 683 B	705ms 672ms	Fetch text/html	2606:4700:3037::6815:348a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stayworld.site/ Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/vrtxscript.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:348a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 34a60f4d8a544f76ff2c6d3c1d02dc5e28dfc62929deafb53754bc260b39adb0 Request headers Referer https://loot-gh.vercel.app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept text/plain Content-Type application/x-www-form-urlencoded Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJslz3gAP%2BNODoi%2BvKkeLSYBH165jYYqNLgcYIh4FC9TnsYsOgiyShlCJFq9AKtOP3ktkOtI%2B%2Fc0rR8xLwwuTMbg2Dtt%2FGjt8alwZ%2BQ2u7qYOAY26gqMVAqRGbJFfKQrjxba0YcsbLr1m1rtXQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e60b799ce5a3475-NRT access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=1196&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3992&recv_bytes=4216&delivery_rate=3056559&cwnd=254&unsent_bytes=0&cid=f57569fe60bd68ab&ts=682&x=0" date Thu, 21 Nov 2024 12:35:01 GMT content-type text/html; charset=utf-8 x-powered-by Express server cloudflare
GET DATA	200 OK	truncated /	318 KB 318 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://loot-gh.vercel.app Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	405 KB 405 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ed873f1d0b7d0f1381374f7d9ad6908b84a148a04728cc4b2e3164ec295ad02 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://loot-gh.vercel.app Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	388 KB 388 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://loot-gh.vercel.app Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	31 KB 31 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8622e42bc0d8bd71dccd9572557c7556eaaeffe48918dda4bbeef2981d53eb02 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://loot-gh.vercel.app Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	420 KB 420 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 64dd5243b3ec5568134c9c4ecbf37d4db65cb3d6a833e57b7971b2ec987f0459 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://loot-gh.vercel.app Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	106 KB 106 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://loot-gh.vercel.app Referer Response headers Content-Type font/woff2
POST H2	200	/ stayworld.site/	35 KB 0	893ms 891ms	Fetch text/html	2606:4700:3037::6815:348a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stayworld.site/ Requested by Host: loot-gh.vercel.app URL: https://loot-gh.vercel.app/vrtxscript.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:348a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Referer https://loot-gh.vercel.app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept text/plain Content-Type application/x-www-form-urlencoded Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzdAWkVcYTcVpHGWVx5l9XGa4%2BfmBTK6Gb%2FHKPmuoEmIJzQCCJCUxqiy%2BZuHxEYUEhvnHIngKjnbE%2B6nf9TjB6QuAiXHGGXIZN23iwf9ltLtE4mAGtgp6cCRpFgTRMir4%2FDr%2FMFZJHFsjEcjPg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e60b79e298d3475-NRT access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=1190&sent=14&recv=20&lost=0&retrans=0&sent_bytes=4741&recv_bytes=6184&delivery_rate=3056559&cwnd=257&unsent_bytes=0&cid=f57569fe60bd68ab&ts=1611&x=0" date Thu, 21 Nov 2024 12:35:02 GMT content-type text/html; charset=utf-8 x-powered-by Express server cloudflare

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| _0x4cd6 function| addClassesToElements function| _0x1a16 function| savepage_ShadowLoader object| _ethers object| ethers object| ethereumjs function| _0x15a3 function| _0x3479 object| @walletconnect/ethereum-provider function| Buffer object| global object| process object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| setImmediate function| clearImmediate object| WalletConnectProvider object| regeneratorRuntime function| Web3 function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| MerkleTree function| MerkleMountainRange function| IncrementalMerkleTree function| MerkleSumTree object| seaport object| MS_MetaMask_ChainData function| a0b function| a0a function| addWorkerWalletAddress

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://loot-gh.vercel.app/(Line 16) Message: <link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
loot-gh.vercel.app
min-api.cryptocompare.com
stayworld.site
20.4.130.154
2404:6800:4004:820::200a
2606:4700:3037::6815:348a
76.76.21.142
1ed873f1d0b7d0f1381374f7d9ad6908b84a148a04728cc4b2e3164ec295ad02
2a37a8cdb378bb86cd9e9056658b967d3123a405ef3a474e24b02bf63241445d
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
34a60f4d8a544f76ff2c6d3c1d02dc5e28dfc62929deafb53754bc260b39adb0
3c652776c45d7a32737a3112a695ee7f491d6627dbe7c4ed3f1098a81e4e9096
465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084
4a5e1fb5c7b42ac3a75f84f584bb8145eb47df2fe9fe53045c49a984b16d9af7
64dd5243b3ec5568134c9c4ecbf37d4db65cb3d6a833e57b7971b2ec987f0459
704472ed414242277aefabe6c8df13f8a929a01f4ac44c0a008bee3f91263dde
8622e42bc0d8bd71dccd9572557c7556eaaeffe48918dda4bbeef2981d53eb02
8c79e152335a309e8ba0284f9c143d9bf8890e5d4f8f71f804f3cedfd0e0958a
8e3b79da84d6d609d8d7e12643ddd2e0ab376cf88bf7f3ade0509eaad82508d3
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73
ce247b1399d7487b8b9a1799a5094f09da4b03e1faf8b0ee29e8f8af4c53a7a3
f4c75a93ff255d8bc3cbec39c970df43ba9f58398d8af654a39b7647dc292222