Report - loot-link.com/s?fcbb67de

Report Overview

Visited public
2024-12-31 03:39:28
Tags
URL
loot-link.com/s?fcbb67de
Finishing URL
loot-link.com/s?fcbb67de
IP / ASN
104.21.25.219
#13335 CLOUDFLARENET
Title
Download Executor Files

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d3h26c51lqz4go.cloudfront.net	unknown	2008-04-25	2024-10-08	2024-12-27	443 B	446 kB	143.204.42.188
d1wzdj81h1hubn.cloudfront.net	unknown	2008-04-25	2023-01-18	2024-12-29	892 B	47 kB	3.164.226.228
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-25	1.0 kB	38 kB	216.58.207.227
unpkg.com	11693	2016-01-06	2016-01-07	2024-12-25	1.7 kB	417 kB	104.17.246.203
loot-link.com	unknown	2023-09-14	2023-09-18	2024-12-19	1.4 kB	70 kB	172.67.134.201
d2tc1zttji8e3a.cloudfront.net	unknown	2008-04-25	2024-12-24	2024-12-31	455 B	865 B	3.164.247.212
nerventualken.com	unknown	2024-01-01	2024-10-08	2024-12-22	506 B	1.2 kB	172.67.197.84
pagead2.googlesyndication.com	101	2003-01-21	2012-05-21	2024-12-25	453 B	54 kB	142.250.74.98
fingerprinting36542.s3.us-east-1.amazonaws.com	unknown	2005-08-18	2024-12-09	2024-12-28	461 B	39 kB	52.217.141.122
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-25	435 B	7.7 kB	104.18.186.31
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-25	449 B	1.8 kB	142.250.74.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-12-31	medium	loot-link.com/6.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js	ScriptElement	22 kB	2023-03-07	2025-06-02
Pretty URL cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js IP 104.18.186.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:26 Last Seen2025-06-02 11:37 Times Seen131 Hash 4f6d0ac2c43a81b1890d6442a2a72494 5cec1237fc2cd482064efb78c55096560ffd4419 b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07 Loading...

	unknown	Function	79 B	2023-04-11	2025-06-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-06-02 13:08 Times Seen113855 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	loot-link.com/s?fcbb67de	ScriptElement	16 kB	2024-12-31	2024-12-31
Pretty URL loot-link.com/s?fcbb67de IP 172.67.134.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-31 03:39 Last Seen2024-12-31 03:39 Times Seen1 Hash bf05d80576c07e0125760e81f32ed848 8fad8a93e114f1054402b1ff27f9ae53c7238586 8af0e5962dd66fcba26af6b4c954385026389491bda79cf16c4cfe00b3b34fb4 Loading...

	unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js	ScriptElement	9.7 kB	2024-12-31	2025-01-11
Pretty URL unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js IP 104.17.246.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 03:39 Last Seen2025-01-11 14:15 Times Seen12 Hash ab23dc8ce2b944cc15e55f1f004048c9 de291142b744013c1c872fec4f0e550499c35e82 22be7e8aeea6c97526873b1e8bef7b98dfb61f42eb7d68c7cf897e090a922ba6 Loading...

	loot-link.com/s?fcbb67de	ScriptElement	1.6 kB	2024-10-01	2025-06-02
Pretty URL loot-link.com/s?fcbb67de IP 172.67.134.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-01 00:50 Last Seen2025-06-02 11:37 Times Seen72 Hash 558f233ddde0da7613463594b855ae68 487759c68a77d20f353698d0b9b9dcbd267d484b 0a3e527cb1a7dab5d0d1c786165221e81255b14586aae0b06337bba9fe5dcb9d Loading...

	loot-link.com/6.js	ScriptElement	82 kB	2024-12-31	2025-02-16
Pretty URL loot-link.com/6.js IP 172.67.134.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 03:39 Last Seen2025-02-16 16:52 Times Seen9 Hash cc96f4da2018cb2435278a04d03c39ed 9aab34868ecfa744b9bbfbf018557759b5e9bb6b 927ddba825ac23122b85306910f5e3876bb13768d014cf2778842582c65a11f1 Loading...

	unknown	Function	37 B	2023-04-11	2025-06-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-02 13:11 Times Seen268443 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js	ScriptElement	38 kB	2024-12-09	2025-06-02
Pretty URL fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js IP 52.217.141.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-09 20:50 Last Seen2025-06-02 11:37 Times Seen278 Hash 9ac06ba71cc5803c7515b3e8c3a2854d 03ba918aad85dda720c6f46267eb4fba9103aac3 6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd Loading...

	unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js	ScriptElement	384 kB	2024-11-04	2025-06-02
Pretty URL unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js IP 104.17.246.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-04 13:40 Last Seen2025-06-02 11:37 Times Seen734 Hash bc1ccb003c8dbdb1f75efa1fd38362bf 8ae598f92b85ef618e90e0129d57fb94c8f6c3b8 b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af Loading...

HTTP Transactions (18)

URL IP Response Size

cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js

104.18.186.31

200 OK

6.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
6.6 kB (6589 bytes)
Hash
4f6d0ac2c43a81b1890d6442a2a72494
5cec1237fc2cd482064efb78c55096560ffd4419
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07

HTTP Headers

GET /npm/babel-regenerator-runtime@6.5.0/runtime.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 03:39:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 6589
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 6.5.0
x-jsd-version-type: version
etag: W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
content-encoding: br
x-served-by: cache-fra-eddf8230078-FRA, cache-lga21936-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 17338460
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgOIfp%2B94p42UcTvePj9f95%2BL6%2B3oEUmBr6Owo7cfU65OYBcpfqvIB5m5R4E3NGSIWYU8yMWfhl1AlxBd0KXnhGdrXTjMbnEHi9g%2FT1XpqpKFL7mG8KoTtbEg8rCXnQfiTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa73d7e987d56b4-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap

142.250.74.42

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
gzip compressed data, max compression
Size
1.1 kB (1128 bytes)
Hash
6d26c67a5b5e2001cb1b1bd0d681c0d1
8740cc407d75a5aaa7a86af8f42f2c51c3080720
74260771db716ce5649c25eb9db8a5a314c6c4a17e3f44a6f77a2f5c0425c67b

HTTP Headers

GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Dec 2024 03:39:02 GMT
date: Tue, 31 Dec 2024 03:39:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js

104.17.246.203

302 Found

18 kB

URL GET HTTP/2
unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint52:49:2C:12:84:12:D7:18:93:74:16:EC:95:11:EA:C2:09:08:7D:0F
ValidityThu, 12 Dec 2024 16:51:52 GMT - Wed, 12 Mar 2025 17:51:49 GMT

File type
ASCII text, with no line terminators
Size
18 kB (18167 bytes)
Hash
6ea6175c4b94503542d9938c32e29842
4ca0ada4de1745e2f20148b0ca32a24ff9c4bde9
6b2fa84864e9bbd419426fd7dc9e324976931a76ae9354542bde05b3de57f93f

HTTP Headers

GET /detect-gpu@latest/dist/detect-gpu.umd.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 31 Dec 2024 03:39:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /detect-gpu@5.0.63/dist/detect-gpu.umd.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01JGDCCH300W5MB8MRH8PR07A1-arn
cf-cache-status: HIT
age: 352
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fa73d7e98ab5689-OSL
X-Firefox-Spdy: h2

loot-link.com/6.js

172.67.134.201

200 OK

45 kB

URL GET HTTP/3
loot-link.com/6.js
IP
172.67.134.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectloot-link.com
Fingerprint85:3D:AB:09:A7:19:EB:BA:71:68:D1:83:61:10:BA:71:96:EF:EA:BE
ValidityMon, 04 Nov 2024 10:06:05 GMT - Sun, 02 Feb 2025 10:06:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
45 kB (44630 bytes)
Hash
cc96f4da2018cb2435278a04d03c39ed
9aab34868ecfa744b9bbfbf018557759b5e9bb6b
927ddba825ac23122b85306910f5e3876bb13768d014cf2778842582c65a11f1

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /6.js HTTP/1.1
Host: loot-link.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/s?fcbb67de
Cookie: uid=aUX2iCGUkCTYX3tz1fyWsTxq5ZKrauS0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 03:39:02 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 07:00:00 GMT
etag: W/"677244f0-13e41"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2475
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrzpTBgVU5XL%2BoW201mZxVEVBJSQ4ASkskG4ijMIeFRZP1KYfHmb4k4uUv%2Bd6A7x1tyJdnlWJyVSM%2BOXlzDPjSooCzX%2FPa7m3VqU0FNVc63My9c3UCymb%2BK7yHSNZk7Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa73d7e6ec07130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4358&min_rtt=2627&rtt_var=2221&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4156&recv_bytes=1193&delivery_rate=226059&cwnd=12000&unsent_bytes=0&cid=84c6c5ec3121438b&ts=312&x=1", cfExtPri, cfHdrFlush;dur=0

d2tc1zttji8e3a.cloudfront.net/?tid=1132810&params_only=1

3.164.247.212

200 OK

348 B

URL GET HTTP/2
d2tc1zttji8e3a.cloudfront.net/?tid=1132810&params_only=1
IP
3.164.247.212:443
ASN
#0

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (594), with no line terminators
Size
348 B (348 bytes)
Hash
2243a81fbe407bef2561ed5c33cdae7f
e4c2ddd68766d4414a54f1ce55fa58517e16f415
36143939235b9a3ca559e378464a2f679297c7bee27c3ba2b6cb4e62a5e956ee

HTTP Headers

GET /?tid=1132810&params_only=1 HTTP/1.1
Host: d2tc1zttji8e3a.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loot-link.com/
Origin: https://loot-link.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 348
date: Tue, 31 Dec 2024 03:39:03 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://loot-link.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 2d1005a64868f4455f2999ba31bde290.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: R3gsa-Ku85248BZ8GVy6697bu3WtKOuZXW7Ix9EwLh8Ac-uP1Ne09Q==
X-Firefox-Spdy: h2

d3h26c51lqz4go.cloudfront.net/loot-sources/rbx.jpg

143.204.42.188

200 OK

446 kB

URL GET HTTP/2
d3h26c51lqz4go.cloudfront.net/loot-sources/rbx.jpg
IP
143.204.42.188:443
ASN
#16509 AMAZON-02

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], progressive, precision 8, 1920x1080, components 3
Size
446 kB (445602 bytes)
Hash
782b7fc18a24ee997efd9a7f02fa4bf9
db1f15bf56aa30ec79bb6a9d2632fe2a12de099b
c45388c0937dde58151ba6f3d2225751b8b89ac001be1ef1f40134c61d391b8e

HTTP Headers

GET /loot-sources/rbx.jpg HTTP/1.1
Host: d3h26c51lqz4go.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 445602
last-modified: Tue, 12 Nov 2024 11:54:52 GMT
server: AmazonS3
date: Mon, 30 Dec 2024 13:27:26 GMT
etag: "782b7fc18a24ee997efd9a7f02fa4bf9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qqVB6N3EXnB1jY8VU38WxmEvWD2aeFLFKco47EJdfBAOnJzMu5xygw==
age: 51098
X-Firefox-Spdy: h2

nerventualken.com/tc

172.67.197.84

200 OK

0 B

URL POST HTTP/2
nerventualken.com/tc
IP
172.67.197.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectnerventualken.com
Fingerprint19:CE:12:37:70:29:71:A4:D4:6B:D7:88:6E:23:42:C9:90:8F:29:C7
ValidityThu, 28 Nov 2024 17:04:35 GMT - Wed, 26 Feb 2025 17:04:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tc HTTP/1.1
Host: nerventualken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://loot-link.com/
Origin: https://loot-link.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 03:39:03 GMT
content-type: application/json
content-length: 0
set-cookie: ci=234378416391801; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://loot-link.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxuXnTVGc8enAwboC9PrHFfyL%2BWnwwC2E%2FnwedTSzPNXs9xe0Q3pI%2BUJuW6lHlcbJpSfwaGq3FOZmNmtcyprsyA98J9NzzarVVwDsQhrN5cHmhptm09dE9fWx13AMoQ1LXorHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa73d82fd1156a9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=590&min_rtt=431&rtt_var=172&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3290&recv_bytes=1271&delivery_rate=7203980&cwnd=254&unsent_bytes=0&cid=95cb14de551f9734&ts=268&x=0"
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.98

200 OK

53 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.98:443
ASN
#15169 GOOGLE

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
FingerprintBA:DF:E8:69:61:F6:F8:D5:A5:A9:E9:A2:92:F0:8A:AA:A7:E6:7A:EA
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type
JavaScript source, ASCII text, with very long lines (3679)
Size
53 kB (53261 bytes)
Hash
e3d9d51ce94c998511f795e0c37862e1
2aff2b742c9ca3ccc8834da3c7b4cdfbb0c6d49f
3a80d6bd4812b89dfd94ac5e080c977e804a5c950707e81e4eb8f7b3f71b0d4d

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loot-link.com/
Origin: https://loot-link.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 31 Dec 2024 03:39:03 GMT
expires: Tue, 31 Dec 2024 03:39:03 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6193969935381387934
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js

52.217.141.122

200 OK

38 kB

URL GET HTTP/1.1
fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js
IP
52.217.141.122:443
ASN
#16509 AMAZON-02

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintE8:B4:46:AB:CF:F8:1A:F9:65:3F:DD:AD:F3:14:03:B8:A9:44:A2:1F
ValidityMon, 18 Nov 2024 00:00:00 GMT - Fri, 07 Nov 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38136), with no line terminators
Size
38 kB (38143 bytes)
Hash
9ac06ba71cc5803c7515b3e8c3a2854d
03ba918aad85dda720c6f46267eb4fba9103aac3
6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

HTTP Headers

GET /fingerprint.js HTTP/1.1
Host: fingerprinting36542.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loot-link.com
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5YjbGHJDmLjADgcY+lrTdUj6lmbddErds5PPoa+t5Pg5ScVm17fKn2b+7AIeG4qLNiQHJdMA0Mw=
x-amz-request-id: P961462MMKPDM9PG
Date: Tue, 31 Dec 2024 03:39:04 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Mon, 09 Dec 2024 12:08:59 GMT
ETag: "9ac06ba71cc5803c7515b3e8c3a2854d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 38143
Server: AmazonS3

unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js

104.17.246.203

302 Found

3.2 kB

URL GET HTTP/2
unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint52:49:2C:12:84:12:D7:18:93:74:16:EC:95:11:EA:C2:09:08:7D:0F
ValidityThu, 12 Dec 2024 16:51:52 GMT - Wed, 12 Mar 2025 17:51:49 GMT

File type
ASCII text, with no line terminators
Size
3.2 kB (3197 bytes)
Hash
d03cb5ba4fbb91dbef27fd161b8a7061
bc3d5e1a2672e5ab2783732739416d14b013755b
8858bdb522665ac44a2f4e4221ed78b06c01cf2ee19724d7e033b21c45157332

HTTP Headers

GET /@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 31 Dec 2024 03:39:04 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01JGDCPZBWCRKWWY1Z5ZK07JSZ-arn
cf-cache-status: HIT
age: 13
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fa73d88fec85689-OSL
X-Firefox-Spdy: h2

d1wzdj81h1hubn.cloudfront.net/resources/c94584993fa8656a.png

3.164.226.228

200 OK

43 kB

URL GET HTTP/2
d1wzdj81h1hubn.cloudfront.net/resources/c94584993fa8656a.png
IP
3.164.226.228:443
ASN
#0

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
PNG image data, 315 x 315, 8-bit/color RGBA, non-interlaced
Size
43 kB (42795 bytes)
Hash
a5101fb25f8e55d17ec13cb520f868d1
f0e0b96459e5f342b6b8d0ccfc0d73ea589b8b4d
df0f8eca301ac73cbffc5b0d13742eda1012f02c79c1e2fe21a59fb8eb84ae02

HTTP Headers

GET /resources/c94584993fa8656a.png HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 42795
date: Tue, 31 Dec 2024 03:39:05 GMT
last-modified: Sat, 21 Dec 2024 16:50:16 GMT
etag: "a5101fb25f8e55d17ec13cb520f868d1"
x-amz-server-side-encryption: AES256
x-amz-meta-publisher_id: 448991
x-amz-meta-timestamp: 2024-12-21T09:04:05.103035
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5d44e22fe93ef8713c49e65bc8443112.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: 6Sys8IT32JGosrk540dbCPovQTTzZfURvtKKJy0X_smsRJz_66bSCQ==
X-Firefox-Spdy: h2

d1wzdj81h1hubn.cloudfront.net/icons/apps.png

3.164.226.228

200 OK

3.1 kB

URL GET HTTP/2
d1wzdj81h1hubn.cloudfront.net/icons/apps.png
IP
3.164.226.228:443
ASN
#0

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3115 bytes)
Hash
fe92fe3dee69ba5c6dc9ab4b1785c556
444c3bcb27bde9c050a4bd51bf35d511951a3077
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

HTTP Headers

GET /icons/apps.png HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 3115
last-modified: Tue, 07 Feb 2023 09:32:37 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Dec 2024 08:35:23 GMT
etag: "fe92fe3dee69ba5c6dc9ab4b1785c556"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5d44e22fe93ef8713c49e65bc8443112.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: 2w-YIg7lSWhRcB_hTo3bC-2aj3MHazrUOeApGVXHK-YbI8-_z1hvWQ==
age: 68625
X-Firefox-Spdy: h2

loot-link.com/s?fcbb67de

172.67.134.201

200 OK

22 kB

URL User Request GET HTTP/2
loot-link.com/s?fcbb67de
IP
172.67.134.201:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectloot-link.com
Fingerprint85:3D:AB:09:A7:19:EB:BA:71:68:D1:83:61:10:BA:71:96:EF:EA:BE
ValidityMon, 04 Nov 2024 10:06:05 GMT - Sun, 02 Feb 2025 10:06:04 GMT

File type
HTML document, ASCII text, with very long lines (3884)
Size
22 kB (21889 bytes)
Hash
bdade41a2ea5c29de95934094378d4ff
ff7130d66f5b249ab5f3a415350be312e7958800
c2ec7e5d0f0078919440c85d54a167207c2e5fa8d408a33fa5be90a29f67ed06

HTTP Headers

GET /s?fcbb67de HTTP/1.1
Host: loot-link.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 03:39:02 GMT
content-type: text/html
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
set-cookie: uid=aUX2iCGUkCTYX3tz1fyWsTxq5ZKrauS0; expires=Wed, 31 Dec 2025 03:39:02 GMT; Path=/; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsQDJ9iJE2TUVb2%2Fc9MXgsfYzPVtB2ibxjdcHlnd%2FUDF9NbIP4BpfCmUjjTJZaoENifurzXcsT%2F4jXqLLhE1bxN4MzJwjYIwuX6YQp%2BwOPkimoQwDBAjsElC0Nr7jmS6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa73d7afacfb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6650&min_rtt=466&rtt_var=12314&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3207&recv_bytes=1124&delivery_rate=6407079&cwnd=254&unsent_bytes=0&cid=5f573419676c855b&ts=257&x=0"
X-Firefox-Spdy: h2

unpkg.com/detect-gpu@5.0.63/dist/detect-gpu.umd.js

104.17.246.203

200 OK

9.7 kB

URL GET HTTP/2
unpkg.com/detect-gpu@5.0.63/dist/detect-gpu.umd.js
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint52:49:2C:12:84:12:D7:18:93:74:16:EC:95:11:EA:C2:09:08:7D:0F
ValidityThu, 12 Dec 2024 16:51:52 GMT - Wed, 12 Mar 2025 17:51:49 GMT

File type
JavaScript source, ASCII text, with very long lines (10011), with no line terminators
Size
9.7 kB (9667 bytes)
Hash
a8a4b9941ebd25cb8fc0b9e26fe3df5f
44c4636b2edf7979abfe99c2f7974817b0360b00
f3000554729ad75aee8e3cb52c8dfb5c8b1a609faa9363a9a9f8f5225647371f

HTTP Headers

GET /detect-gpu@5.0.63/dist/detect-gpu.umd.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loot-link.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 03:39:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "25c3-3ikRQrdEATwchy/sTw5VBJnDXoI"
via: 1.1 fly.io
fly-request-id: 01JG7ZTW1494CREWDZW8KHSV5X-arn
cf-cache-status: HIT
age: 181287
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fa73d7f08e15689-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18100, version 1.0
Size
18 kB (18100 bytes)
Hash
2af0645d8798834a774f014332120c5d
c1f9a794c35d75cd3196ec52e457467d33b2405b
42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f

HTTP Headers

GET /s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loot-link.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Dec 2024 04:02:11 GMT
expires: Sun, 28 Dec 2025 04:02:11 GMT
cache-control: public, max-age=31536000
age: 257812
last-modified: Thu, 24 Aug 2023 19:54:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

104.17.246.203

200 OK

384 kB

URL GET HTTP/2
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint52:49:2C:12:84:12:D7:18:93:74:16:EC:95:11:EA:C2:09:08:7D:0F
ValidityThu, 12 Dec 2024 16:51:52 GMT - Wed, 12 Mar 2025 17:51:49 GMT

File type

Size
384 kB (383981 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loot-link.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 03:39:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "5dbed-iuWY+SuF72GOkOASnVf7lMj2w7g"
via: 1.1 fly.io
fly-request-id: 01JFH2E30AV7ERCXT9W1JEJXQB-arn
cf-cache-status: HIT
age: 950312
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fa73d892ede5689-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18088, version 1.0
Size
18 kB (18088 bytes)
Hash
f4aa2d622725f1af4e132e2bbaeb47ae
20594962b8a024c0cec8d3b3fe8614bea75d5388
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f

HTTP Headers

GET /s/play/v19/6aez4K2oVqwIvtU2Hw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loot-link.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18088
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Dec 2024 01:41:32 GMT
expires: Sun, 28 Dec 2025 01:41:32 GMT
cache-control: public, max-age=31536000
age: 266251
last-modified: Thu, 24 Aug 2023 20:26:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

loot-link.com/favicon.ico

172.67.134.201

404 Not Found

159 B

URL GET HTTP/3
loot-link.com/favicon.ico
IP
172.67.134.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loot-link.com/s?fcbb67de
Certificate
IssuerGoogle Trust Services
Subjectloot-link.com
Fingerprint85:3D:AB:09:A7:19:EB:BA:71:68:D1:83:61:10:BA:71:96:EF:EA:BE
ValidityMon, 04 Nov 2024 10:06:05 GMT - Sun, 02 Feb 2025 10:06:04 GMT

File type
HTML document, ASCII text, with no line terminators
Size
159 B (159 bytes)
Hash
047df4239d5e57f4c78db606a5859d7b
6f2a5da57c2a02837e19f8ac1158db728f3ad62c
45eda3cf633f023269cef5c11cf1c1d5dde3345afdc28610589ef3682ae5130a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: loot-link.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loot-link.com/s?fcbb67de
Cookie: uid=aUX2iCGUkCTYX3tz1fyWsTxq5ZKrauS0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 31 Dec 2024 03:39:03 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BIv02GiQyEBXH3G17VSYI6RuRcwBl7sICYZ9GvHfR1bPanh1yBsytFo337oXw6IrVcZf2TIR%2B3thgXv9dey855%2FJ%2FWtYLzC0qE%2FFmNRXDE7%2BjWXsiolBxr5PLuSDD%2FL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa73d80ffd87130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4521&min_rtt=1310&rtt_var=3100&sent=33&recv=11&lost=0&retrans=0&sent_bytes=26830&recv_bytes=1588&delivery_rate=8124813&cwnd=24000&unsent_bytes=0&cid=84c6c5ec3121438b&ts=951&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2