URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Submission: On January 10 via manual from NL — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 17 HTTP transactions. The main IP is 172.67.135.229, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is lootdest.org.
TLS certificate: Issued by WE1 on January 2nd 2025. Valid for: 3 months.
This is the only time lootdest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.135.229 13335 (CLOUDFLAR...)
1 151.101.193.229 54113 (FASTLY)
2 4 104.17.246.203 13335 (CLOUDFLAR...)
1 142.250.184.234 15169 (GOOGLE)
1 18.66.92.84 16509 (AMAZON-02)
2 142.250.184.195 15169 (GOOGLE)
1 54.231.133.18 16509 (AMAZON-02)
1 142.250.186.34 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
2 188.114.96.3 13335 (CLOUDFLAR...)
2 18.244.20.13 16509 (AMAZON-02)
17 11
Apex Domain
Subdomains
Transfer
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
128 KB
3 cloudfront.net
d3eksfxlf7bv9h.cloudfront.net
d1wzdj81h1hubn.cloudfront.net
368 KB
3 lootdest.org
lootdest.org
33 KB
2 nerventualken.com
nerventualken.com — Cisco Umbrella Rank: 329759
1 KB
2 gstatic.com
fonts.gstatic.com
35 KB
1 taboola.com
api.taboola.com — Cisco Umbrella Rank: 4948
745 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
52 KB
1 amazonaws.com
fingerprinting36542.s3.us-east-1.amazonaws.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
7 KB
17 10
Domain Requested by
4 unpkg.com 2 redirects lootdest.org
3 lootdest.org lootdest.org
2 d1wzdj81h1hubn.cloudfront.net
2 nerventualken.com lootdest.org
2 fonts.gstatic.com fonts.googleapis.com
1 api.taboola.com lootdest.org
1 pagead2.googlesyndication.com lootdest.org
1 fingerprinting36542.s3.us-east-1.amazonaws.com lootdest.org
1 d3eksfxlf7bv9h.cloudfront.net lootdest.org
1 fonts.googleapis.com lootdest.org
1 cdn.jsdelivr.net lootdest.org
17 11

This site contains links to these domains.

Domain
lootlabs.gg
Subject, Issuer, Validity, Valid
  • lootdest.org, WE1, 2025-01-02 - 2025-04-02, 3 months
  • jsdelivr.net, GlobalSign Atlas R3 DV TLS CA 2024 Q3, 2024-07-30 - 2025-08-31, a year
  • upload.video.google.com, WR2, 2024-12-09 - 2025-03-03, 3 months
  • *.cloudfront.net, Amazon RSA 2048 M01, 2024-07-30 - 2025-07-03, a year
  • *.gstatic.com, WR2, 2024-12-09 - 2025-03-03, 3 months
  • s3.amazonaws.com, Amazon RSA 2048 M01, 2024-11-18 - 2025-11-07, a year
  • *.g.doubleclick.net, WR2, 2024-12-09 - 2025-03-03, 3 months
  • *.taboola.com, DigiCert Global G2 TLS RSA SHA256 2020 CA1, 2024-12-01 - 2025-12-31, a year
  • nerventualken.com, WE1, 2024-11-28 - 2025-02-26, 3 months

This page contains 1 frame:

Primary Page: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Frame ID: 84C0FD19D1BCFE1926BA3A54FD90612F
Requests: 16 HTTP requests in this frame

Page Title

roblox condos

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

88 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

664 kB
Transfer

1106 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.63/dist/detect-gpu.umd.js
Request Chain 13
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request s
lootdest.org/
21 KB
10 KB
Document
General
Full URL
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d261cbf956ec76807d549fe695e29f7c07ebb7cb949bba6af1a624f851f266a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fff6db8daad06c0-AMS
content-encoding
zstd
content-type
text/html
date
Fri, 10 Jan 2025 20:31:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MhvvbKd0AhnARBPAxYbv6%2FQ8jJYk8Aj0JCLOOFAIIOlR00CVVzyZNkilUXWCZrBGyGq45z2W3Q0TDhIo6EKDBAUiJPA9BHwLZ5JbyN7I9Un4T1Z9M25tMD5XGgNoX0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=12103&min_rtt=12034&rtt_var=1954&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4017&recv_bytes=2416&delivery_rate=318155&cwnd=246&unsent_bytes=0&cid=78fd811dfe0e373e&ts=218&x=0"
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/
21 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
age
3256575
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230078-FRA, cache-ams2100124-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6589
x-jsd-version
6.5.0
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.63/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.63/dist/detect-gpu.umd.js
9 KB
5 KB
Script
General
Full URL
https://unpkg.com/detect-gpu@5.0.63/dist/detect-gpu.umd.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Protocol
H2
Server
104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22be7e8aeea6c97526873b1e8bef7b98dfb61f42eb7d68c7cf897e090a922ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"25c3-3ikRQrdEATwchy/sTw5VBJnDXoI"
age
1105927
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JG7ZXCX1HP7BBMG5CSDQV8G5-ams
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8fff6dbb1f6e0bba-AMS
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/detect-gpu@5.0.63/dist/detect-gpu.umd.js
content-encoding
br
cf-cache-status
HIT
age
196
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8fff6dbaef230bba-AMS
access-control-allow-origin
*
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JH8YDMJ0RRV5H03DR9D9QADP-ams
server
cloudflare
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
6cbdc009197e1afacfbc903823a6557d3b34b86d9d6bb6c3594184fde99e35d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 20:31:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 10 Jan 2025 18:39:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
1.js
lootdest.org/
77 KB
23 KB
Script
General
Full URL
https://lootdest.org/1.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53ab5bd30c8d43966b0f16d02a47adb5c5d23bc2a33bc29fae293aa7c0cfc6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67810bc0-13415"
age
5485
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMMgTpXEng9YEwDuY2WneUT3M%2Bc724iiVGJ30jwzhSp4bMtZhnG5t5DxcGR0cSX8I3ebQQQ2fa%2Bq8OwCAE4rQzNAR%2BpdrKFb16X4iE%2F%2BCB%2F8CDA51w7C0AoEygO4Mzs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fff6dbabd7606c0-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12647&min_rtt=11967&rtt_var=1212&sent=22&recv=18&lost=0&retrans=0&sent_bytes=14230&recv_bytes=2618&delivery_rate=617597&cwnd=250&unsent_bytes=0&cid=78fd811dfe0e373e&ts=336&x=0"
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
application/javascript
last-modified
Fri, 10 Jan 2025 12:00:00 GMT
vary
Accept-Encoding
server
cloudflare
/
d3eksfxlf7bv9h.cloudfront.net/
598 B
730 B
Fetch
General
Full URL
https://d3eksfxlf7bv9h.cloudfront.net/?tid=1063670&params_only=1
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.92.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-84.fra56.r.cloudfront.net
Software
/
Resource Hash
231b05d6475c5a0172642723edc41ca3f3619291808465ec6fb644d27343d2ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
access-control-allow-origin
https://lootdest.org
x-cache
Miss from cloudfront
content-length
353
x-amz-cf-id
SgVbJ5YqGymy3fHe3I4GuuP0nqENAwT8X_GZ1huXZi3Rc9gQRDYYGg==
date
Fri, 10 Jan 2025 20:31:05 GMT
x-amz-cf-pop
FRA56-P2
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://fonts.googleapis.com/

Response headers

age
298903
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 09:29:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 09:29:22 GMT
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18100
x-xss-protection
0
server
sffe
favicon.ico
lootdest.org/
561 B
847 B
Other
General
Full URL
https://lootdest.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
56
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bytRKY6piVjMSXZUspitx3%2BSWdIbi2Vnp%2BLo9mb%2B1VQvgog0MsmiYoq23l1Lk9DymQ3V7IlMqUAuujFObc4Wxr%2BxbebwZLXDYkF%2F%2Bi%2BrZBuFDekVFhDHM0xw4TtTW7k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fff6dbba8150ea8-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15364&min_rtt=12157&rtt_var=8167&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4258&recv_bytes=4539&delivery_rate=756&cwnd=12000&unsent_bytes=0&cid=05400196769c1046&ts=165&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
fingerprint.js
fingerprinting36542.s3.us-east-1.amazonaws.com/
37 KB
38 KB
Script
General
Full URL
https://fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.18 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://lootdest.org/

Response headers

x-amz-server-side-encryption
AES256
ETag
"9ac06ba71cc5803c7515b3e8c3a2854d"
Access-Control-Allow-Methods
GET, PUT, POST, DELETE
x-amz-request-id
2XXX9NMFA11M309A
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
38143
Date
Fri, 10 Jan 2025 20:31:06 GMT
Last-Modified
Mon, 09 Dec 2024 12:08:59 GMT
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server
AmazonS3
Content-Type
application/javascript
x-amz-id-2
5O6J+/Ek5PDuuuOlX+rdserkmhlKOqhbEg/R1zI3+mrlSo5hn4cxOMctT5RExbXa5dadCzob1kU=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
52 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
251a7322369d7ec690c67b87ca80798bcd6082dbcae5fa4017b4e3e5fa795666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
etag
13237060607202710692
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 20:31:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53550
x-xss-protection
0
server
cafe
user.sync
api.taboola.com/2.0/json/lootlabs-roblox/
83 B
745 B
Fetch
General
Full URL
https://api.taboola.com/2.0/json/lootlabs-roblox/user.sync?app.apikey=cdb5e8d81c24e09c97db19a61b14ffdead0deac8&app.type=desktop
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24129b700513a97bb73cc4f42cfd8d11c5dba8d978bb50ba92528f9556b49617

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Fri, 10 Jan 2025 20:31:05 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
x-cache-hits
0
x-served-by
cache-ams2100120-AMS
x-timer
S1736541066.747881,VS0,VE3
x-vcl-time-ms
3
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://lootdest.org
x-service-version
v1
server
nginx
tc
nerventualken.com/
571 B
1 KB
Fetch
General
Full URL
https://nerventualken.com/tc
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5b31978a5c91d09766596f0169151657b3ea9f0cd6bff57a9462eaf6a893bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://lootdest.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, HEAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SWXQpUEt8lWUu9sfB%2BkPMgD2qRSJ2ND083hbxEh9PGYfb7h6KYMaTf5wEate64vrwGeGK48TunHoejv4GeD4H6tGGL08Gj6auYtKdZLlnlEY7NBdNlbwiU3AK0lqERTsf%2BWayA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fff6dbedcda66a2-AMS
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12464&min_rtt=12340&rtt_var=2183&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2208&recv_bytes=4582&delivery_rate=732&cwnd=12000&unsent_bytes=0&cid=937171d29cd656c4&ts=532&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 20:31:06 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
tc
nerventualken.com/
0
0
Preflight
General
Full URL
https://nerventualken.com/tc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lootdest.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fff6dbd68d9f5ea-AMS
content-length
0
content-type
application/json
date
Fri, 10 Jan 2025 20:31:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FBfGdNr7dB8RNsVZqhSye6sF1tGRIC7sUCMApdemUTzTHzVnXR8vt3LsI0Mfzdzd0KA4qOXyeGjJv1RSFcUJ1tUv7uSL%2BwLt2Zuf6vHK%2B5jmdcaj5QaezFSlempUbYS1LNU5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=12361&min_rtt=12088&rtt_var=2086&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4139&recv_bytes=4413&delivery_rate=751&cwnd=12000&unsent_bytes=0&cid=91646d32e7a10d06&ts=215&x=1" cfExtPri cfHdrFlush;dur=0
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://fonts.googleapis.com/

Response headers

age
300854
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 08:56:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 08:56:52 GMT
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18088
x-xss-protection
0
server
sffe
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
375 KB
122 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
Protocol
H2
Server
104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5dbed-iuWY+SuF72GOkOASnVf7lMj2w7g"
age
995418
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 20:31:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JGB99WFZ2NKFQ2TNA14KA197-ams
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8fff6dc25fc40bba-AMS
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
content-encoding
br
cf-cache-status
HIT
age
231
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8fff6dc22f960bba-AMS
access-control-allow-origin
*
date
Fri, 10 Jan 2025 20:31:06 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JH8YCKDRM3ESMX0QXBGW7KEK-ams
server
cloudflare
051203bf224f8e9e.png
d1wzdj81h1hubn.cloudfront.net/
363 KB
364 KB
Image
General
Full URL
https://d1wzdj81h1hubn.cloudfront.net/051203bf224f8e9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccd301728bdb7278affa4f6e9b6c1d373ee427a223cc94280fcf9fb2b689bbf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

vary
accept-encoding
etag
"f0d9ad883a3d4f969f3b85fec3ee2720"
age
14467
via
1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-amz-meta-timestamp
2024-07-12T13:49:36.316144
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
371675
x-amz-cf-id
dLg8c1UsN9ZiDuQ__ZBnkzjBLjpxGslGN6R4vLv6qZBs94FwVhBkFA==
date
Fri, 10 Jan 2025 16:30:00 GMT
content-type
image/png
last-modified
Fri, 12 Jul 2024 22:35:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
apps.png
d1wzdj81h1hubn.cloudfront.net/icons/
3 KB
3 KB
Image
General
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/apps.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

etag
"fe92fe3dee69ba5c6dc9ab4b1785c556"
age
69379
via
1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3115
x-amz-cf-id
1Sg-ySd7s1YhfCWlaaBBSvuDAz58xNmdA3I44sy7E1iK7wAfFRQJbw==
date
Fri, 10 Jan 2025 01:14:48 GMT
content-type
image/png
last-modified
Tue, 07 Feb 2023 09:32:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| regeneratorRuntime
  • object| DetectGPU
  • function| a0_0x5cd18e
  • function| a0_0x29f3
  • function| a0_0x54af45
  • function| a0_0x390e99
  • function| sendRequest
  • function| a0_0x2c6f
  • object| textsArr
  • object| loadingText
  • function| getRandomText
  • function| updateLoadingText
  • string| line
  • boolean| ALLOW_UNLOCKER
  • object| lottie-player
  • object| reactiveElementVersions
  • object| litHtmlVersions
  • object| litElementVersions

2 Cookies

Domain/Path Name / Value
lootdest.org/ Name: uid
Value: oL5Dyh3kRoQh8TUrT0WLG5oD5sXkvIfI
nerventualken.com/ Name: ci
Value: 1663104148126284

2 Console Messages

Source Level URL
Text
network error URL: https://lootdest.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGCwmJJZsYr6lK26z3uF2aL%2BwJNh7IoWp%2FEDnap%2BPE5R
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0304105E41B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
