Report - lootdest.com/s?NpHC

Report Overview

Visited public
2025-07-20 13:35:04
Tags
Submit Tags
URL
lootdest.com/s?NpHC
Finishing URL
lootdest.com/s?NpHC&did=9
IP / ASN
54.240.174.85
#16509 AMAZON-02
Title
Dragon Ball Rage Script

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dh8azcl753e1e.cloudfront.net	unknown	2008-04-25	2025-07-12	2025-07-19	466 B	1.1 kB	18.165.142.103
lootdest.com	unknown	2023-09-14	2023-09-18	2025-07-14	3.2 kB	299 kB	54.240.174.64
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-07-16	448 B	22 kB	151.101.1.229
nerventualken.com	unknown	2024-01-01	2024-10-08	2025-07-16	1.0 kB	2.5 kB	104.21.21.90
creators.lootlabs.gg	unknown	2023-03-20	2025-05-31	2025-07-13	1.0 kB	49 kB	54.240.174.38
unpkg.com	11693	2016-01-06	2016-01-07	2025-07-16	900 B	769 kB	104.18.1.22
fingerprinting36542.s3.us-east-1.amazonaws.com	unknown	2005-08-18	2024-12-09	2025-07-19	473 B	39 kB	52.217.132.162
app.unlockr.app	unknown	2024-08-18	2025-03-20	2025-07-20	463 B	879 B	104.21.81.47
d1wzdj81h1hubn.cloudfront.net	unknown	2008-04-25	2023-01-18	2025-07-13	2.8 kB	5.7 MB	54.230.245.83
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-07-16	1.1 kB	38 kB	142.250.178.99
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-07-16	462 B	4.9 kB	142.250.178.106
pagead2.googlesyndication.com	101	2003-01-21	2012-05-21	2025-07-17	465 B	165 kB	142.250.178.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-07-20	medium	lootdest.com/9.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework
2025-07-20	medium	javascript.script.md5:5e7338e627b9ffa06d9e83f94f1b61a0	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-20	medium	lootdest.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js	ScriptElement	38 kB	2024-12-09	2025-07-24
Pretty URL fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js IP 52.217.132.162 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-09 20:50 Last Seen2025-07-24 23:31 Times Seen372 Hash 9ac06ba71cc5803c7515b3e8c3a2854d 03ba918aad85dda720c6f46267eb4fba9103aac3 6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd Loading...

	unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js	ScriptElement	384 kB	2024-11-04	2025-07-25
Pretty URL unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js IP 104.18.1.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-04 13:40 Last Seen2025-07-25 00:40 Times Seen1168 Hash bc1ccb003c8dbdb1f75efa1fd38362bf 8ae598f92b85ef618e90e0129d57fb94c8f6c3b8 b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af Loading...

	cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js	ScriptElement	1.0 kB	2025-07-17	2025-07-20
Pretty URL cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-17 13:14 Last Seen2025-07-20 13:35 Times Seen2 Hash 893db0ee222823da7ed68a791a9c9918 71651a0553cd85e9feb3ed13f3c9fca0c3bb3e59 617fa3a74a8f3463222905f660a9265029b3898aab1a321d031ac6fe344c3b1c Loading...

	lootdest.com/s?NpHC&did=9	Function	79 B	2023-04-11	2025-07-25
Pretty URL lootdest.com/s?NpHC&did=9 IP 54.240.174.64 ASN #16509 AMAZON-02 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-07-25 03:37 Times Seen119901 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	lootdest.com/s?NpHC&did=9	ScriptElement	57 B	2025-07-20	2025-07-20
Pretty URL lootdest.com/s?NpHC&did=9 IP 54.240.174.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-20 13:35 Last Seen2025-07-20 13:35 Times Seen1 Hash f9d7c295d445a799c74d5ebf55f59c22 01b1b7d0a5a42cdc301d303ecab4fb24d237b1c3 2fa0fc91fc5550d075a1bf53e6ac11dc0e59f9f4b58f918bb11f7431f7dc6d41 Loading...

	lootdest.com/s?NpHC&did=9	Function	37 B	2023-04-11	2025-07-25
Pretty URL lootdest.com/s?NpHC&did=9 IP 54.240.174.64 ASN #16509 AMAZON-02 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-07-25 03:44 Times Seen310094 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	lootdest.com/s?NpHC&did=9	ScriptElement	16 kB	2025-07-20	2025-07-20
Pretty URL lootdest.com/s?NpHC&did=9 IP 54.240.174.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-20 13:35 Last Seen2025-07-20 13:35 Times Seen1 Hash 3bd20c04a211e282d1411e33d606755a 03d01f0b8e808ccf75cb631d4c98048045534c7a ffd07e35fcea45c16d6dc36582719d9dd694d603e42fb177011121a10672a008 Loading...

	lootdest.com/9.js	ScriptElement	102 kB	2025-07-17	2025-07-21
Pretty URL lootdest.com/9.js IP 54.240.174.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-17 13:14 Last Seen2025-07-21 17:53 Times Seen5 Hash 5e7338e627b9ffa06d9e83f94f1b61a0 d02d1a16ad61c1077b1bd63a13679fb7f6f00f0b 3efdc4608e73f67b51c0f1d9f6e8668140c3a27080d6c43f0b0806bcfb256acb Loading...

HTTP Transactions (27)

URL IP Response Size

GET dh8azcl753e1e.cloudfront.net/?tid=1053650&params_only=1

18.165.142.103

200 OK

596 B

URL GET
dh8azcl753e1e.cloudfront.net/?tid=1053650&params_only=1
IP
18.165.142.103:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
ASCII text, with very long lines (596), with no line terminators
Size
596 B (596 bytes)
Hash
016f1ef17f047641a98343764aa5625c
03fb7a856a858765517f637e105c96c622f6a814
a607a2d8a08ea848f6c5399fe6332eafe38f6837d2d92840499c10ca490df138

HTTP Headers

GET /?tid=1053650&params_only=1 HTTP/1.1
Host: dh8azcl753e1e.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lootdest.com/
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 350
access-control-allow-credentials: true
access-control-allow-origin: https://lootdest.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
date: Sun, 20 Jul 2025 13:34:43 GMT
x-cache: Miss from cloudfront
via: 1.1 9a36687e0defa29cd1a917bb38ae7ffe.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 6yyi9v0b5GwkFcXXesTTeMcJRpNHK2QyTH9lam52wFF8a-u-MyMe0A==
X-Firefox-Spdy: h2

GET fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js

52.217.132.162

200 OK

38 kB

URL GET
fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js
IP
52.217.132.162:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:6E:24:DA:38:A4:1B:D7:08:C5:38:4D:E4:0F:23:5C:25:6C:07:22
ValidityTue, 20 May 2025 00:00:00 GMT - Fri, 15 May 2026 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38136), with no line terminators
Size
38 kB (38143 bytes)
Hash
9ac06ba71cc5803c7515b3e8c3a2854d
03ba918aad85dda720c6f46267eb4fba9103aac3
6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

HTTP Headers

GET /fingerprint.js HTTP/1.1
Host: fingerprinting36542.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 9qXh4U2IdziipIrARNXzCxJQAME/eenb3FdYrMS5VeSZuomNAeBPZDrbONj2YTrhbwVyLz6pjIM=
x-amz-request-id: 9AE06N56Z06E7WW5
Date: Sun, 20 Jul 2025 13:34:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Mon, 09 Dec 2024 12:08:59 GMT
ETag: "9ac06ba71cc5803c7515b3e8c3a2854d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 38143
Server: AmazonS3

GET lootdest.com/9.js

54.240.174.64

200 OK

102 kB

URL GET
lootdest.com/9.js
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
102 kB (102002 bytes)
Hash
5e7338e627b9ffa06d9e83f94f1b61a0
d02d1a16ad61c1077b1bd63a13679fb7f6f00f0b
3efdc4608e73f67b51c0f1d9f6e8668140c3a27080d6c43f0b0806bcfb256acb

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9.js HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/s?NpHC&did=9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Sun, 20 Jul 2025 13:34:41 GMT
content-encoding: gzip
vary: accept-encoding
server: openresty/1.21.4.1
last-modified: Sun, 20 Jul 2025 07:00:00 GMT
etag: W/"687c93f0-18e72"
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EHLpYDwlSex2d-G2EGL1F9DbsjTcDCQkwGIlz17zeZxSniQQb5c-8A==
X-Firefox-Spdy: h2

POST app.unlockr.app/pixel?event=unlockrPromote&session_id=806566194264605994

104.21.81.47

200 OK

0 B

URL POST
app.unlockr.app/pixel?event=unlockrPromote&session_id=806566194264605994
IP
104.21.81.47:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subjectunlockr.app
FingerprintD4:0F:49:B4:99:EE:44:CC:49:C8:6E:86:F3:54:BC:C3:C8:5A:12:BC
ValidityThu, 26 Jun 2025 15:29:44 GMT - Wed, 24 Sep 2025 16:28:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pixel?event=unlockrPromote&session_id=806566194264605994 HTTP/1.1
Host: app.unlockr.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Sun, 20 Jul 2025 13:34:45 GMT
content-type: text/html; charset=UTF-8
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
access-control-allow-origin: https://lootdest.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fg20tdDXc6AiGd3IE6rQCe4MDNuvZzvUiKasikSQt85gk%2FfteApyMeeVc3lr1lFouY4yU%2BRwNBcH6weGb5MFPro7D9DB5660%2F1GbdjM%3D"}]}
content-encoding: br
cf-ray: 9622d67e9d04b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET lootdest.com/qr.png

54.240.174.64

200 OK

7.2 kB

URL GET
lootdest.com/qr.png
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type
PNG image data, 1160 x 1160, 8-bit/color RGB, non-interlaced
Size
7.2 kB (7224 bytes)
Hash
a93ba4860dc42551669d1c44999d6219
f42f4d71fa233d571ec60e8998b15772eedf9b6c
bdd20de2c3c9af1e3df3ac71b2a52de1704c06e3bf2885db0a48423380f559cb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /qr.png HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/s?NpHC&did=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 7224
date: Sun, 20 Jul 2025 13:34:45 GMT
accept-ranges: bytes
server: openresty/1.21.4.1
last-modified: Sun, 20 Jul 2025 07:00:00 GMT
etag: "687c93f0-1c38"
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vXC-eyYWW9k_0b9tn1Puk48_LnlJp3VuUektZf4eZxl7RbWbWllrow==
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js

151.101.1.229

200 OK

22 kB

URL GET
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, ASCII text
Size
22 kB (21453 bytes)
Hash
4f6d0ac2c43a81b1890d6442a2a72494
5cec1237fc2cd482064efb78c55096560ffd4419
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07

HTTP Headers

GET /npm/babel-regenerator-runtime@6.5.0/runtime.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 6.5.0
x-jsd-version-type: version
etag: W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Jul 2025 13:34:41 GMT
age: 2897635
x-served-by: cache-fra-eddf8230078-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6589
X-Firefox-Spdy: h2

GET lootdest.com/favicon.ico

54.240.174.64

404 Not Found

159 B

URL GET
lootdest.com/favicon.ico
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
159 B (159 bytes)
Hash
707a6bf80b2aae914a3475cb829e534b
2e70d81cf7a8b2c2bf66521e720969d1e92f3819
20703cc00e86bed52bb9af00fac1cbd8c3dc16c2866b7251288325f1501c8755

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/s?NpHC&did=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
content-length: 159
date: Sun, 20 Jul 2025 13:34:44 GMT
server: openresty/1.21.4.1
x-cache: Error from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FmW52i_YSvKqsGPhJSFJnIubK2c2U9t9Oi3-S5VW8fPNUzruE6tDeA==
X-Firefox-Spdy: h2

OPTIONS nerventualken.com/tc

104.21.21.90

200 OK

0 B

URL OPTIONS
nerventualken.com/tc
IP
104.21.21.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subjectnerventualken.com
FingerprintBB:5A:D8:D6:24:80:4E:D6:AD:D5:BC:83:1F:7D:C1:C9:BA:26:27:9D
ValiditySun, 25 May 2025 04:53:39 GMT - Sat, 23 Aug 2025 05:52:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tc HTTP/1.1
Host: nerventualken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lootdest.com/
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Jul 2025 13:34:44 GMT
content-type: application/json
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
access-control-allow-origin: https://lootdest.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QoEcc01WCGph4EdZsoby%2F%2B2%2BePMM7PztowT0Urf8mF8xQ5vgtDi8wbUuJGDND4R5rouvS%2FGJNUHovDb2HHoNx6nm2%2B92tXhhLhuK7xlmsA%3D%3D"}]}
content-encoding: br
set-cookie: ci=386570178274930; SameSite=None; Secure; Max-Age=86400
cf-ray: 9622d6782b7fb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET d1wzdj81h1hubn.cloudfront.net/resources/f051d30b6b4bc6ff.jpeg

54.230.245.83

200 OK

74 kB

URL GET
d1wzdj81h1hubn.cloudfront.net/resources/f051d30b6b4bc6ff.jpeg
IP
54.230.245.83:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1030x1004, components 3
Size
74 kB (73498 bytes)
Hash
abf3fcaf1623b8c189244449d581b592
e9ab5772b28c85d4dcb5cb1285fc683d7be47001
b097aafa5e5acd74d3ecb6d8b26a3cf60b0e2984cbc633a493968bfc6bab8618

HTTP Headers

GET /resources/f051d30b6b4bc6ff.jpeg HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 73498
last-modified: Tue, 12 Nov 2024 03:51:50 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-publisher_id: 351647
x-amz-meta-timestamp: 2024-11-12T00:37:03.112779
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Jul 2025 09:51:14 GMT
etag: "abf3fcaf1623b8c189244449d581b592"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ssqux0RfCE6rt8PYzYIdo-YJ7XwKF1MsIoP7lMkh8FMqel_g89hCjg==
age: 13413
X-Firefox-Spdy: h2

POST nerventualken.com/tc

104.21.21.90

200 OK

615 B

URL POST
nerventualken.com/tc
IP
104.21.21.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subjectnerventualken.com
FingerprintBB:5A:D8:D6:24:80:4E:D6:AD:D5:BC:83:1F:7D:C1:C9:BA:26:27:9D
ValiditySun, 25 May 2025 04:53:39 GMT - Sat, 23 Aug 2025 05:52:00 GMT

File type
JSON text data
Size
615 B (615 bytes)
Hash
2063b85f16ef7df4645ffbf9b2b46a2c
f3bd7c4ad2cbc4938f0bb5d99bbbe8c9eb6ee1e2
563da12e19de00a97187ca03d18ff40216c4ef72e3dcb8a876828f99c765b2e6

HTTP Headers

POST /tc HTTP/1.1
Host: nerventualken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lootdest.com/
Content-Type: application/json
Content-Length: 706
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Jul 2025 13:34:45 GMT
content-type: application/json
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
access-control-allow-origin: https://lootdest.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bJzuUTIrzGDj0HXv1snbRa73IKQxKHwBBsTIO2E2fbVxTwd6t2yLb%2BSxHvM0%2BmtuLYJ5uNeA%2BLN1CVq3rbPtBwn%2FoS64B8SpAF4zoN822Q%3D%3D"}]}
content-encoding: br
set-cookie: ci=1919449489075270; SameSite=None; Secure; Max-Age=86400
cf-ray: 9622d6790a6556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET d1wzdj81h1hubn.cloudfront.net/resources/4b48ef369da3aafb.png

54.230.245.83

200 OK

1.9 MB

URL GET
d1wzdj81h1hubn.cloudfront.net/resources/4b48ef369da3aafb.png
IP
54.230.245.83:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced
Size
1.9 MB (1857172 bytes)
Hash
d0f2f3e102bd936eae592da950ee009f
9b4d72513398b5161a663aabfe30cd6d0d34d369
8389374f23808f3e07f980d51cd5175a350b029dbfd27061e8c54306ac38f1ce

HTTP Headers

GET /resources/4b48ef369da3aafb.png HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1857172
last-modified: Wed, 02 Jul 2025 20:27:18 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-publisher_id: 477364
x-amz-meta-timestamp: 2025-07-02T18:04:30.122112
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Jul 2025 03:11:13 GMT
etag: "d0f2f3e102bd936eae592da950ee009f"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PX-6_HwvoqEKMzYGq3tmlKJ7nftDxgiDF2-A_CFGa2GDNUt_iS_JHQ==
age: 37414
X-Firefox-Spdy: h2

GET d1wzdj81h1hubn.cloudfront.net/resources/b1f7f5607533a750.gif

54.230.245.83

200 OK

3.6 MB

URL GET
d1wzdj81h1hubn.cloudfront.net/resources/b1f7f5607533a750.gif
IP
54.230.245.83:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 270
Size
3.6 MB (3597380 bytes)
Hash
685ad44243ed88ae5d92ab5d4e4beb31
3deb2ad836de4c6380591f58fca4bd30f3f8b204
1f1164dedcb297c408756493144a8d4de63360a6454f03aee1f3abf8f7af2021

HTTP Headers

GET /resources/b1f7f5607533a750.gif HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 3597380
last-modified: Wed, 20 Nov 2024 16:32:20 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-publisher_id: 440984
x-amz-meta-timestamp: 2024-11-15T16:02:44.778736
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Jul 2025 06:06:56 GMT
etag: "685ad44243ed88ae5d92ab5d4e4beb31"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fMqKh7e7lsAdeIw7vcwgczuh8EL5pbIHwt8rk7vvP7Sa1PpH4LxLzg==
age: 26871
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/play/v20/6aez4K2oVqwIvtU2Hw.woff2

142.250.178.99

200 OK

18 kB

URL GET
fonts.gstatic.com/s/play/v20/6aez4K2oVqwIvtU2Hw.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
ValidityMon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18128, version 1.0
Size
18 kB (18128 bytes)
Hash
3ed6c0946ff584a90850e13ab42305eb
e99ed206e2c7241fa3823c5dfe81b0aab45c4ed7
a8824b32c20407f3e05b353ffe9b606670ff4fe88574afcbee6b02e31eab7fc6

HTTP Headers

GET /s/play/v20/6aez4K2oVqwIvtU2Hw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Jul 2025 21:35:12 GMT
expires: Tue, 14 Jul 2026 21:35:12 GMT
cache-control: public, max-age=31536000
age: 489572
last-modified: Mon, 02 Jun 2025 16:45:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET d1wzdj81h1hubn.cloudfront.net/1428d4d358793e00.jpeg

54.230.245.83

200 OK

85 kB

URL GET
d1wzdj81h1hubn.cloudfront.net/1428d4d358793e00.jpeg
IP
54.230.245.83:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=300, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=300], progressive, precision 8, 300x300, components 3
Size
85 kB (85016 bytes)
Hash
71bbf3517634f7af225fa0e2388d0e04
d118cd6efc8d991e1b9b00ce2f10646f560942f3
e392d7ef213b89f6b0145fabb876150c1c7bb789a4a4cbf33024915db7be4e78

HTTP Headers

GET /1428d4d358793e00.jpeg HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 85016
last-modified: Wed, 05 Jun 2024 11:17:32 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-timestamp: 2024-06-05T07:03:58.010801
accept-ranges: bytes
server: AmazonS3
date: Sat, 19 Jul 2025 15:34:42 GMT
etag: "71bbf3517634f7af225fa0e2388d0e04"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2M_s7N4IyMovYfTePXlEC6X98qDM_DXwYZjYeLkc-7Bg7z6fBUXETg==
age: 79203
X-Firefox-Spdy: h2

GET d1wzdj81h1hubn.cloudfront.net/icons/apps.png

54.230.245.83

200 OK

3.1 kB

URL GET
d1wzdj81h1hubn.cloudfront.net/icons/apps.png
IP
54.230.245.83:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3115 bytes)
Hash
fe92fe3dee69ba5c6dc9ab4b1785c556
444c3bcb27bde9c050a4bd51bf35d511951a3077
2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0

HTTP Headers

GET /icons/apps.png HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 3115
last-modified: Tue, 07 Feb 2023 09:32:37 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Jul 2025 09:34:44 GMT
etag: "fe92fe3dee69ba5c6dc9ab4b1785c556"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6DHh5RRV1xuIBrxqv4mH51vTsi8-7Wcw46In4qUEW4CehFRu8vxV3w==
age: 14661
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap

142.250.178.106

200 OK

4.2 kB

URL GET
fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintDC:40:BF:B1:59:C9:CC:B5:4A:38:2D:D0:16:8D:06:A5:1D:B4:08:8B
ValidityMon, 23 Jun 2025 08:41:28 GMT - Mon, 15 Sep 2025 08:41:27 GMT

File type
ASCII text
Size
4.2 kB (4192 bytes)
Hash
514d99a714b4c23c7ec96adfe23c1d60
9331e81302450cfdc5630f65f7b7147e62e4c0f8
75a40a0c833b14ae64f9f9b74629da9d8b9cd98b4fde1dce379773a84838016b

HTTP Headers

GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Jul 2025 13:34:41 GMT
date: Sun, 20 Jul 2025 13:34:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

OPTIONS creators.lootlabs.gg/api/links_search

54.240.174.38

204 No Content

0 B

URL OPTIONS
creators.lootlabs.gg/api/links_search
IP
54.240.174.38:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectcreators.lootlabs.gg
Fingerprint64:63:85:C4:3A:C0:E1:22:50:B3:E7:21:84:4B:EA:E2:A4:3D:73:71
ValidityWed, 18 Jun 2025 00:00:00 GMT - Fri, 17 Jul 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/links_search HTTP/1.1
Host: creators.lootlabs.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lootdest.com/
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 20 Jul 2025 13:34:45 GMT
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
server: openresty/1.21.4.1
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OGV6mFTfPY__T9Nwv47WRq0xSJ4pE5RcRfvSATwzM_93mWOTSYYSpw==
X-Firefox-Spdy: h2

GET unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

104.18.1.22

200 OK

384 kB

URL GET
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
IP
104.18.1.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint74:03:6D:4D:8D:B7:AF:5F:95:BA:97:8E:E3:FA:63:4F:20:FD:29:80
ValidityFri, 27 Jun 2025 07:12:29 GMT - Thu, 25 Sep 2025 08:12:28 GMT

File type
JavaScript source, ASCII text, with very long lines (27447)
Size
384 kB (383981 bytes)
Hash
bc1ccb003c8dbdb1f75efa1fd38362bf
8ae598f92b85ef618e90e0129d57fb94c8f6c3b8
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af

HTTP Headers

GET /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lootdest.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Jul 2025 13:34:45 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 9622d67ecd38b4fa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 131106
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 13:34:45 GMT
last-modified: Tue, 29 Apr 2025 17:16:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fly.io, 1.1 fly.io
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-expose-headers: *
content-digest: sha256=:s5bGhH+Rb5OzU93ckkWwVq2QDRFc+1ieeQm6mW6vcK8=:
cross-origin-resource-policy: cross-origin
fly-request-id: 01JT18S4QMXBPS96PSFS1JWCXY-ord
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST creators.lootlabs.gg/api/links_search

54.240.174.38

200 OK

48 kB

URL POST
creators.lootlabs.gg/api/links_search
IP
54.240.174.38:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectcreators.lootlabs.gg
Fingerprint64:63:85:C4:3A:C0:E1:22:50:B3:E7:21:84:4B:EA:E2:A4:3D:73:71
ValidityWed, 18 Jun 2025 00:00:00 GMT - Fri, 17 Jul 2026 23:59:59 GMT

File type
JSON text data
Size
48 kB (47885 bytes)
Hash
28e9bfc3eb5cf06ef4488834f54e2977
d1faacd6cc1c2858a544e0ee416f8162ab5b5ae4
95d288cb2da6c7989de43623ac196d8373bfda0a1346da6bf366d832916fbb32

HTTP Headers

POST /api/links_search HTTP/1.1
Host: creators.lootlabs.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lootdest.com/
Content-Type: application/json
Content-Length: 27
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
date: Sun, 20 Jul 2025 13:34:45 GMT
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
server: openresty/1.21.4.1
access-control-allow-origin: *
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4MOhuZTv9VW9jmm-wuUA2bLjlT_rXYc87JlwtqSKcHXWLp4M89lZmQ==
X-Firefox-Spdy: h2

GET lootdest.com/s?NpHC

54.240.174.64

302 Found

23 kB

URL User Request GET
lootdest.com/s?NpHC
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type

Size
23 kB (22752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s?NpHC HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/json
content-length: 0
location: https://lootdest.com/s?NpHC&did=9
date: Sun, 20 Jul 2025 13:34:41 GMT
server: openresty/1.21.4.1
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
surrogate-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ULe5p6-ahmjTF8cakwT3MuhaG7zlVMVaVhRsQRQMZkJBnkGgFCXoUA==
X-Firefox-Spdy: h2

GET lootdest.com/WrappedBotd.browser.protected.js

54.240.174.64

200 OK

109 kB

URL GET
lootdest.com/WrappedBotd.browser.protected.js
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
109 kB (109231 bytes)
Hash
95888320adab6afba4a8e0c8f06e8361
c04b231b41d57f1cc95e66e04d8f2631a4b10018
8fda68ace483a03aa4362a8731fff5b2a37d85aab3de76801ab8e225b217b2df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WrappedBotd.browser.protected.js HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/s?NpHC&did=9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Sun, 20 Jul 2025 13:34:41 GMT
content-encoding: gzip
vary: accept-encoding
server: openresty/1.21.4.1
last-modified: Sun, 20 Jul 2025 07:00:00 GMT
etag: W/"687c93f0-1aaaf"
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IMpJPVbkS5Jt1CdM_eu82ACDzWakhy7GqxS8JZoeImcqt7Ht3j3DJQ==
X-Firefox-Spdy: h2

GET unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js

104.18.1.22

302 Found

384 kB

URL GET
unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
IP
104.18.1.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint74:03:6D:4D:8D:B7:AF:5F:95:BA:97:8E:E3:FA:63:4F:20:FD:29:80
ValidityFri, 27 Jun 2025 07:12:29 GMT - Thu, 25 Sep 2025 08:12:28 GMT

File type

Size
384 kB (383981 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 20 Jul 2025 13:34:45 GMT
content-type: text/plain;charset=UTF-8
content-length: 71
location: /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=300
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9622d67e8ce6b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET lootdest.com/unlocker.png

54.240.174.64

200 OK

31 kB

URL GET
lootdest.com/unlocker.png
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type
PNG image data, 246 x 246, 8-bit/color RGBA, non-interlaced
Size
31 kB (31030 bytes)
Hash
aa3e9ab7989d9c695c98fc750957670d
4022d553f4952fa7c7b57f00942b202354b66acb
5e0813c96779ef092cefc6e77fa90de7a86e307f04bd6d64f9d37a5d9a8fb4e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /unlocker.png HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/s?NpHC&did=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 31030
date: Sun, 20 Jul 2025 13:34:45 GMT
accept-ranges: bytes
server: openresty/1.21.4.1
last-modified: Sun, 20 Jul 2025 07:00:00 GMT
etag: "687c93f0-7936"
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FyYT1yr4scUnldTefSXnjHSHet2e_RvGgDvh8aYgvy4A0VFlXOec7g==
X-Firefox-Spdy: h2

GET d1wzdj81h1hubn.cloudfront.net/resources/2aea5f5337485af0.png

54.230.245.83

200 OK

108 kB

URL GET
d1wzdj81h1hubn.cloudfront.net/resources/2aea5f5337485af0.png
IP
54.230.245.83:443
ASN
#16509 AMAZON-02

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
PNG image data, 383 x 383, 8-bit/color RGBA, non-interlaced
Size
108 kB (107957 bytes)
Hash
7f9f3218285a1aaa088a92142b521005
3070c0803f0072d5ee4c2f28192b170bf3c7e3f0
2e4fa206502a315e56a5132698cf0a880cb2d669d35fe305bce234984bb499fa

HTTP Headers

GET /resources/2aea5f5337485af0.png HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lootdest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 107957
last-modified: Fri, 28 Mar 2025 12:09:28 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-publisher_id: 473003
x-amz-meta-timestamp: 2025-03-28T03:42:31.993151
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Jul 2025 10:44:50 GMT
etag: "7f9f3218285a1aaa088a92142b521005"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _AjMMow_cUeASqSYK5KlwlXjuIUMFOTycoUnw9p1kj9hJmwZZsSJ0A==
age: 10313
X-Firefox-Spdy: h2

GET lootdest.com/s?NpHC&did=9

54.240.174.64

200 OK

23 kB

URL User Request GET
lootdest.com/s?NpHC&did=9
IP
54.240.174.64:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectloot-link.com
FingerprintF2:29:EE:C8:55:1A:0D:B4:EC:B8:40:2C:83:64:56:BA:0A:3A:6D:87
ValidityTue, 15 Jul 2025 00:00:00 GMT - Thu, 13 Aug 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3884)
Size
23 kB (22752 bytes)
Hash
b7f440ab1d1750d0286bbe153aa228c6
ed0c24b1203ca8dee225465460571d0516674c17
790d15a753b6b93fc8e10619469949542f01cd06ec46070662e8fd63524504ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s?NpHC&did=9 HTTP/1.1
Host: lootdest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Sun, 20 Jul 2025 13:34:41 GMT
vary: accept-encoding
server: openresty/1.21.4.1
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
surrogate-control: no-store
content-encoding: gzip
etag: W/"53076516-9eea-4522-ab51-b9d295150a30"
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jzUQCtj1URbNCTxrj1J4W5zunDX9R7jsv3zlaWiuehI_Tl3IyvOfkQ==
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/play/v20/6ae84K2oVqwItm4TCpAy2g.woff2

142.250.178.99

200 OK

18 kB

URL GET
fonts.gstatic.com/s/play/v20/6ae84K2oVqwItm4TCpAy2g.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
ValidityMon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18156, version 1.0
Size
18 kB (18156 bytes)
Hash
aad808c85ec3c88ca213ac1cb5f02d03
c95ec71ed1a088fced4797a512cd2cba9790a27f
d539e6e7c0240f1565b1156395d914d93200b2c3ba312809813bb6ca6f96578b

HTTP Headers

GET /s/play/v20/6ae84K2oVqwItm4TCpAy2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Jul 2025 21:53:59 GMT
expires: Tue, 14 Jul 2026 21:53:59 GMT
cache-control: public, max-age=31536000
age: 488445
last-modified: Mon, 02 Jun 2025 16:44:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.178.34

200 OK

164 kB

URL GET
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.178.34:443
ASN
#15169 GOOGLE

Requested by
https://lootdest.com/s?NpHC&did=9
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
FingerprintF1:ED:20:12:BD:23:CD:08:FA:D3:32:4F:8E:79:71:2D:1D:99:40:DC
ValidityMon, 23 Jun 2025 08:40:16 GMT - Mon, 15 Sep 2025 08:40:15 GMT

File type
JavaScript source, ASCII text, with very long lines (4327)
Size
164 kB (164165 bytes)
Hash
0f80a3e72c309b39cdc25fdcbbf57287
76c1569a910a2772dfb4b302850ed51e6c88d420
d7a85be52c207603f093db01e9513bd5a224b2e2cb5bd99022a291860cf11032

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lootdest.com/
Origin: https://lootdest.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Sun, 20 Jul 2025 13:34:44 GMT
expires: Sun, 20 Jul 2025 13:34:44 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7594904235487428105
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP