URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Submission: On December 17 via manual from US — Scanned from PL

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 17 HTTP transactions. The main IP is 104.21.7.82, which belongs to CLOUDFLARENET, US. The main domain is lootdest.org.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time lootdest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests                 IP Address        AS     Autonomous System
3                        104.21.7.82       13335  (CLOUDFLAR...)
1                        151.101.65.229    54113  (FASTLY)
2 (4 incl. redirects)    104.17.249.203    13335  (CLOUDFLAR...)
1                        172.217.18.10     15169  (GOOGLE)
1                        18.244.20.127     16509  (AMAZON-02)
2                        142.250.185.131   15169  (GOOGLE)
1                        52.217.204.242    16509  (AMAZON-02)
1                        172.217.18.2      15169  (GOOGLE)
1                        151.101.129.44    54113  (FASTLY)
2                        188.114.97.3      13335  (CLOUDFLAR...)
2                        18.244.20.133     16509  (AMAZON-02)
Total: 17 requests, 11 IPs
Requests  Apex Domain            Subdomains                                                     Transfer
4         unpkg.com              unpkg.com (Cisco Umbrella Rank: 740)                           128 KB
3         cloudfront.net         d1tafuajjg33f8.cloudfront.net, d1wzdj81h1hubn.cloudfront.net   368 KB
3         lootdest.org           lootdest.org                                                   33 KB
2         nerventualken.com      nerventualken.com (Cisco Umbrella Rank: 329759)                1 KB
2         gstatic.com            fonts.gstatic.com                                              35 KB
1         taboola.com            api.taboola.com (Cisco Umbrella Rank: 4948)                    747 B
1         googlesyndication.com  pagead2.googlesyndication.com (Cisco Umbrella Rank: 110)       52 KB
1         amazonaws.com          fingerprinting36542.s3.us-east-1.amazonaws.com                 38 KB
1         googleapis.com         fonts.googleapis.com (Cisco Umbrella Rank: 29)                 1 KB
1         jsdelivr.net           cdn.jsdelivr.net (Cisco Umbrella Rank: 318)                    7 KB
Total: 17 requests, 10 apex domains
Requests  Domain                                           Requested by
4         unpkg.com (2 redirects)                          lootdest.org
3         lootdest.org                                     lootdest.org
2         d1wzdj81h1hubn.cloudfront.net
2         nerventualken.com                                lootdest.org
2         fonts.gstatic.com                                fonts.googleapis.com
1         api.taboola.com                                  lootdest.org
1         pagead2.googlesyndication.com                    lootdest.org
1         fingerprinting36542.s3.us-east-1.amazonaws.com   lootdest.org
1         d1tafuajjg33f8.cloudfront.net                    lootdest.org
1         fonts.googleapis.com                             lootdest.org
1         cdn.jsdelivr.net                                 lootdest.org
Total: 17 requests, 11 domains

This site contains links to these domains:

Domain
lootlabs.gg
Subject                  Issuer                                       Validity                  Valid     Source
lootdest.org             WE1                                          2024-11-04 - 2025-02-02   3 months  crt.sh
jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2024 Q3        2024-07-30 - 2025-08-31   a year    crt.sh
upload.video.google.com  WR2                                          2024-12-02 - 2025-02-24   3 months  crt.sh
*.cloudfront.net         Amazon RSA 2048 M01                          2024-07-30 - 2025-07-03   a year    crt.sh
*.gstatic.com            WR2                                          2024-12-02 - 2025-02-24   3 months  crt.sh
s3.amazonaws.com         Amazon RSA 2048 M01                          2024-11-18 - 2025-11-07   a year    crt.sh
*.g.doubleclick.net      WR2                                          2024-12-02 - 2025-02-24   3 months  crt.sh
*.taboola.com            DigiCert Global G2 TLS RSA SHA256 2020 CA1   2024-12-01 - 2025-12-31   a year    crt.sh
nerventualken.com        WE1                                          2024-11-28 - 2025-02-26   3 months  crt.sh

This page contains 1 frames:

Primary Page: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Frame ID: 60ED25190160F9FBCCFD4735B23F95C6
Requests: 16 HTTP requests in this frame

Page Title

roblox condos

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 17
HTTPS: 88 %
IPv6: 0 %
Domains: 10
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 664 kB
Size: 1105 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js HTTP 302
  • https://unpkg.com/detect-gpu@5.0.61/dist/detect-gpu.umd.js
Request Chain 13
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

17 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

s (Primary Request)
lootdest.org/
21 KB
10 KB
Document
General
Full URL
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24073db3d362b12f223dd6eed56e52be3c8604efd6e33d0fca7add8efd45e6f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3a8b1b8e93bfe1-WAW
content-encoding
zstd
content-type
text/html
date
Tue, 17 Dec 2024 23:02:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6be9rYK4YrZH2yrjX%2BGom6FKY8f4KRXCWvzj9uKR7sGS1HJhbGgoX8A7VT6Hbq%2BGK84FHew5NavAyvJBYHLcZALfkXiUVAiLXVQ830vm7%2FcZTxfmEbwZYNshPi3Io8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24952&min_rtt=24708&rtt_var=4219&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4549&delivery_rate=553&cwnd=12000&unsent_bytes=0&cid=99f049b4befeefb4&ts=269&x=1" cfExtPri cfHdrFlush;dur=0
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/
21 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
age
1192085
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 17 Dec 2024 23:02:54 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230078-FRA, cache-vie6349-VIE
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6589
x-jsd-version
6.5.0
detect-gpu.umd.js
unpkg.com/detect-gpu@5.0.61/dist/
Redirect Chain
  • https://unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
  • https://unpkg.com/detect-gpu@5.0.61/dist/detect-gpu.umd.js
9 KB
5 KB
Script
General
Full URL
https://unpkg.com/detect-gpu@5.0.61/dist/detect-gpu.umd.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Protocol
H2
Server
104.17.249.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076c2a401cadf303a28028777f193e647e28327259bfca265be844295def88f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"25c3-KtJzcBj/8/tO4BdiF9gIm5zErRg"
age
250556
x-content-type-options
nosniff
date
Tue, 17 Dec 2024 23:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JF3YT097PB05SKFNW1S36DXX-waw
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f3a8b1fff18eec7-WAW
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/detect-gpu@5.0.61/dist/detect-gpu.umd.js
content-encoding
br
cf-cache-status
HIT
age
583
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f3a8b1f8e46eec7-WAW
access-control-allow-origin
*
date
Tue, 17 Dec 2024 23:02:54 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFBD6J6BM021F61JK6SJYSSK-waw
server
cloudflare
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
6cbdc009197e1afacfbc903823a6557d3b34b86d9d6bb6c3594184fde99e35d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 23:02:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 23:02:54 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 21:10:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
1.js
lootdest.org/
78 KB
22 KB
Script
General
Full URL
https://lootdest.org/1.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252c61a17653f19479d71fcc165426e43bbb2f3650b105425eb58637f11b95c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6761d840-1376b"
age
1215
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNYNBKfeaH1TRiCOP0e6xQ2wtM%2BfVXGE%2B8lA8HuU1Fdjhzx937rVn5HjyTMsANdD4LYp%2FwwnBHNh04oJn9IfoZoYOz5JW1s5dOcosJngloG0XeV8JA0Rk7dEBXW4K8g%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25357&min_rtt=24708&rtt_var=1725&sent=22&recv=16&lost=0&retrans=0&sent_bytes=14412&recv_bytes=5148&delivery_rate=208790&cwnd=12000&unsent_bytes=0&cid=99f049b4befeefb4&ts=417&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 23:02:54 GMT
content-type
application/javascript
last-modified
Tue, 17 Dec 2024 20:00:00 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3a8b1de876bfe1-WAW
server
cloudflare
/
d1tafuajjg33f8.cloudfront.net/
597 B
729 B
Fetch
General
Full URL
https://d1tafuajjg33f8.cloudfront.net/?tid=1063670&params_only=1
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-127.fra56.r.cloudfront.net
Software
/
Resource Hash
01bd8c17b617a67b5b92037be7a93ed8615cd517bc8ac2bc2e516ed528f07e36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
access-control-allow-origin
https://lootdest.org
x-cache
Miss from cloudfront
content-length
354
x-amz-cf-id
GFxsouIs_ct-5CcpT3QdGH43Sa0KxWU7Kj19s5zVFaR_mt-0zR4T6w==
date
Tue, 17 Dec 2024 23:02:55 GMT
x-amz-cf-pop
FRA56-P11
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v19/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://fonts.googleapis.com/

Response headers

age
592947
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 02:20:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 02:20:27 GMT
last-modified
Thu, 24 Aug 2023 19:54:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18100
x-xss-protection
0
server
sffe
favicon.ico
lootdest.org/
561 B
809 B
Other
General
Full URL
https://lootdest.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e48yB9LnETVyXKl8Rqotlfn7JRnxdnfQOpmuGzduwBL0vzBVWqPODa12nRZps3HNRfUHC%2FaPD9cB3umV2j6%2B0vm1EuiCQVxWIpV5ud672lZt6oXZ4t%2FmH2e3bIyfSbw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3a8b211ab9bfe1-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26900&min_rtt=24631&rtt_var=3033&sent=44&recv=28&lost=0&retrans=0&sent_bytes=37982&recv_bytes=6060&delivery_rate=360424&cwnd=22800&unsent_bytes=0&cid=99f049b4befeefb4&ts=1144&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 23:02:55 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
fingerprint.js
fingerprinting36542.s3.us-east-1.amazonaws.com/
37 KB
38 KB
Script
General
Full URL
https://fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.204.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://lootdest.org/

Response headers

x-amz-server-side-encryption
AES256
ETag
"9ac06ba71cc5803c7515b3e8c3a2854d"
Connection
close
Access-Control-Allow-Methods
GET, PUT, POST, DELETE
x-amz-request-id
MA5TCVWC2FRAV853
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
38143
Date
Tue, 17 Dec 2024 23:02:56 GMT
Last-Modified
Mon, 09 Dec 2024 12:08:59 GMT
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server
AmazonS3
Content-Type
application/javascript
x-amz-id-2
WCW94q5tjG9DpSK7hNtps1RW45pi2U/vsFnN4xg5HjVc5OrHRJ44HtxBusZ5unfrJS3cv6tRt6M=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
011165cb07f5aaf0181fb13fa321a66cad7025b9849be2d14aaa1359249bd2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
etag
1973762585778259611
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 23:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 17 Dec 2024 23:02:55 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53258
x-xss-protection
0
server
cafe
user.sync
api.taboola.com/2.0/json/lootlabs-roblox/
83 B
747 B
Fetch
General
Full URL
https://api.taboola.com/2.0/json/lootlabs-roblox/user.sync?app.apikey=cdb5e8d81c24e09c97db19a61b14ffdead0deac8&app.type=desktop
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f9e0f55ec59def14447111a1d17d67a544a9f4cc59b2e6856a16f829fdc6c9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 17 Dec 2024 23:02:55 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
x-cache-hits
0
x-served-by
cache-vie6382-VIE
x-timer
S1734476575.282638,VS0,VE69
x-vcl-time-ms
69
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://lootdest.org
x-service-version
v1
server
nginx
tc
nerventualken.com/
553 B
1 KB
Fetch
General
Full URL
https://nerventualken.com/tc
Requested by
Host: lootdest.org
URL: https://lootdest.org/1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ac6df3513de6260a984d22b27c937247e75ba68c9a10c78a52f28c0f9b9788

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://lootdest.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, HEAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4%2BBB4Ho4h9C2cKtIMWsWe%2FlqyM%2BS80ZG4cffEgL0lgvPjgXe%2FGD3KNe%2F5WEMgVWkM0hiVeO%2F%2Bv2lKzzJMkTD3vEoXt814Ixjb8Y9EiMKuuQl%2BPIGAvrqQ1Ezfk1bJfa5pnIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3a8b26bd55c41c-WAW
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25027&min_rtt=24833&rtt_var=4224&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2208&recv_bytes=4571&delivery_rate=554&cwnd=12000&unsent_bytes=0&cid=88edadef4e92e9e0&ts=305&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 23:02:56 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
tc
nerventualken.com/
0
0
Preflight
General
Full URL
https://nerventualken.com/tc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lootdest.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
https://lootdest.org
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3a8b24f8e5bf20-WAW
content-length
0
content-type
application/json
date
Tue, 17 Dec 2024 23:02:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZnQAfZAH%2Fl%2B4X6vvyCjn8lcnEwS5wgpQpsXp3o7buOu81ZySCJDiI0Plb%2BhYvfpAHX4X3CrAM%2FTIYkDvIVG9jxAg4FlW9q2aEXFziIHAumxjZV5D4q5gTMpLwuA1irSiMabNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24579&min_rtt=24513&rtt_var=3906&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4412&delivery_rate=564&cwnd=12000&unsent_bytes=0&cid=51f72593f49a6525&ts=258&x=1" cfExtPri cfHdrFlush;dur=0
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lootdest.org
Referer
https://fonts.googleapis.com/

Response headers

age
460278
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 15:11:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 15:11:37 GMT
last-modified
Thu, 24 Aug 2023 20:26:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18088
x-xss-protection
0
server
sffe
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
375 KB
122 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
Protocol
H2
Server
104.17.249.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5dbed-iuWY+SuF72GOkOASnVf7lMj2w7g"
age
1280650
x-content-type-options
nosniff
date
Tue, 17 Dec 2024 23:02:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JE58E2TGZ85P9QXFA5DP0V20-waw
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f3a8b292fc5eec7-WAW
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
content-encoding
br
cf-cache-status
HIT
age
338
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f3a8b28aec4eec7-WAW
access-control-allow-origin
*
date
Tue, 17 Dec 2024 23:02:56 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFBDE37FHEH8JP8Q1A331X0H-waw
server
cloudflare
051203bf224f8e9e.png
d1wzdj81h1hubn.cloudfront.net/
363 KB
364 KB
Image
General
Full URL
https://d1wzdj81h1hubn.cloudfront.net/051203bf224f8e9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-133.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccd301728bdb7278affa4f6e9b6c1d373ee427a223cc94280fcf9fb2b689bbf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

vary
accept-encoding
etag
"f0d9ad883a3d4f969f3b85fec3ee2720"
age
42728
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
x-amz-meta-timestamp
2024-07-12T13:49:36.316144
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
371675
x-amz-cf-id
kBdU4mje3t5SOJIxpXDh3PcuGO9JyvOWb2BFKLriUIPwnDlYX26D0A==
date
Tue, 17 Dec 2024 11:10:49 GMT
content-type
image/png
last-modified
Fri, 12 Jul 2024 22:35:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
apps.png
d1wzdj81h1hubn.cloudfront.net/icons/
3 KB
3 KB
Image
General
Full URL
https://d1wzdj81h1hubn.cloudfront.net/icons/apps.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-133.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lootdest.org/

Response headers

vary
accept-encoding
etag
"fe92fe3dee69ba5c6dc9ab4b1785c556"
age
76973
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3115
x-amz-cf-id
529DEx8WbnskzJe3U5NLY3nJyDjAudPrEgN3E2_1o4waojDK1L120A==
date
Tue, 17 Dec 2024 01:40:04 GMT
content-type
image/png
last-modified
Tue, 07 Feb 2023 09:32:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256


18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    regeneratorRuntime
object    DetectGPU
function  a0_0x105375
function  a0_0x90f368
function  a0_0x444544
function  a0_0x2134
function  a0_0x423e
function  sendRequest
object    textsArr
object    loadingText
function  getRandomText
function  updateLoadingText
string    line
boolean   ALLOW_UNLOCKER
object    lottie-player
object    reactiveElementVersions
object    litHtmlVersions
object    litElementVersions

2 Cookies

Domain/Path          Name  Value
lootdest.org/        uid   iUbI5fWXY0G3QNOMWIMUcdxzpXOndoqb
nerventualken.com/   ci    1782673692581080

2 Console Messages

Source     Level    URL / Message
network    error    URL: https://lootdest.org/favicon.ico
                    Message: Failed to load resource: the server responded with a status of 404 ()
rendering  warning  URL: https://lootdest.org/s?84cdbc7c&data=7WzAW8T0iZD5qLSXdK9%2BiGYn0MYmoq5iSAjaIoYi%2B5bkMOc%2F9TcnqoyCXGHk9dpQ
                    Message: [GroupMarkerNotSet(crbug.com/242999)!:A0300D15E4030000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.