Report - lootdest.com/s?nHdt

Report Overview

Visited public
2024-02-04 21:09:14
Tags
URL
lootdest.com/s?nHdt
Finishing URL
lootdest.com/s?nHdt
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
Pal - oneD

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2024-02-03 22:39:55	451 B	52 kB	142.250.74.98
lootdest.com	unknown	2023-09-14	2023-09-18 15:52:37	2024-02-03 13:20:49	1.3 kB	342 kB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-02-03 18:48:51	1.0 kB	38 kB	142.250.74.131
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-02-03 18:12:06	434 B	7.4 kB	151.101.193.229
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-02-03 21:39:57	448 B	24 kB	142.250.74.106
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2024-02-03 18:13:03	844 B	29 kB	104.16.123.175
d1q0x5umuwwxy2.cloudfront.net	unknown	unknown	No data	No data	453 B	914 B	143.204.42.181
onasider.top	550880	2021-06-08	2021-06-12 07:30:56	2024-02-02 11:59:18	979 B	1.8 kB	104.21.23.212

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-02-04 21:08:44	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	lootdest.com/s?nHdt	ScriptElement	16 kB	2024-08-20	2024-08-20
Pretty URL lootdest.com/s?nHdt IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 10:18 Last Seen2024-08-20 10:18 Times Seen1 Hash 8444b4fdc9058e39e1594f6209e5b962 80748cac4e7ef9b4e72525cfe8750b083f1a8589 df6f9c16749f02de16481313e1728788ebb2ff9e67d587f600153ff3e00a431e Loading...

	cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js	ScriptElement	22 kB	2023-03-07	2025-04-29
Pretty URL cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:26 Last Seen2025-04-29 16:14 Times Seen120 Hash 4f6d0ac2c43a81b1890d6442a2a72494 5cec1237fc2cd482064efb78c55096560ffd4419 b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07 Loading...

	unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js	ScriptElement	9.6 kB	2024-02-01	2024-08-20
Pretty URL unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-01 00:54 Last Seen2024-08-20 10:33 Times Seen18 Hash 04097de36063721ce2a465141fefdf3a c9e87adb8472e2536da2563bfffea5a15d60de47 98f0bbbbeefc45c94a7ad0d7a43837517e0d3b133daddc609fc074a173e1a4d6 Loading...

	lootdest.com/s?nHdt	ScriptElement	1.6 kB	2023-12-02	2024-10-04
Pretty URL lootdest.com/s?nHdt IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 02:50 Last Seen2024-10-04 11:11 Times Seen68 Hash 08fa1194f9c5b3ce130efb59a66b8a3e ab69a923f3bba026b4c9292845456ccee152305d 4e944c5fa6b16c1c68e64fd0e04bf0e899dbf77772af63c1388131fed266f2b6 Loading...

	lootdest.com/1.js	ScriptElement	314 kB	2024-08-20	2024-08-20
Pretty URL lootdest.com/1.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 10:18 Last Seen2024-08-20 10:18 Times Seen1 Hash 0898234ca853b910cc2d45936a17f40e 8405af70c438cda32517f0f2feb3929b4b43ad9d 778b51f624707370a20ddc334b27b545a30a4d9e3655065685262d41e8e915cf Loading...

	unknown	Function	79 B	2023-04-11	2025-05-01
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-01 04:40 Times Seen111868 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-01
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-01 04:40 Times Seen261831 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js	151.101.193.229	200 OK	6.6 kB
URL GET HTTP/2 cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js IP 151.101.193.229:443 ASN #54113 FASTLY Requested by https://lootdest.com/s?nHdt Certificate IssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT File type JavaScript source, ASCII text Size 6.6 kB (6589 bytes) Hash 4f6d0ac2c43a81b1890d6442a2a72494 5cec1237fc2cd482064efb78c55096560ffd4419 b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07 HTTP Headers `GET /npm/babel-regenerator-runtime@6.5.0/runtime.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://lootdest.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: application/javascript; charset=utf-8 x-jsd-version: 6.5.0 x-jsd-version-type: version etag: W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk" content-encoding: br accept-ranges: bytes date: Sun, 04 Feb 2024 21:08:49 GMT age: 2758850 x-served-by: cache-fra-eddf8230078-FRA, cache-hel1410031-HEL x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 6589 X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap	142.250.74.106	200 OK	23 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://lootdest.com/s?nHdt Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint6F:81:CD:1A:A2:80:8C:76:2C:D8:63:D0:74:1B:DD:35:C8:79:84:20 ValidityTue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT File type gzip compressed data, max compression Size 23 kB (23122 bytes) Hash d91f5f5a861059f7e84fde62bf7a3c5c de194dc8298aaf7ba47058147d4c4d20208802b6 c305e798aa4704845cd775e0505d414424298ed311ad0cbfbe0ce1603a9e532c HTTP Headers `GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://lootdest.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 04 Feb 2024 21:08:49 GMT date: Sun, 04 Feb 2024 21:08:49 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js	104.16.123.175	302 Found	18 kB
URL GET HTTP/2 unpkg.com/detect-gpu@latest/dist/detect-gpu.umd.js IP 104.16.123.175:443 ASN #13335 CLOUDFLARENET Requested by https://lootdest.com/s?nHdt Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT File type data Size 18 kB (18163 bytes) Hash eca76aac0b944e5dcb1c4f4e66d9f780 c7142bb91daeb9bf242dca6199ae992b152e9f45 cc85f425133cef6b40ccac52e1aae47c61d607fbf2e1d2ece0e03bce6b3afa30 HTTP Headers `GET /detect-gpu@latest/dist/detect-gpu.umd.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://lootdest.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Sun, 04 Feb 2024 21:08:49 GMT content-type: text/plain; charset=utf-8 access-control-allow-origin: * cache-control: public, s-maxage=600, max-age=60 location: /detect-gpu@5.0.38/dist/detect-gpu.umd.js vary: Accept, Accept-Encoding via: 1.1 fly.io fly-request-id: 01HNTZ1BF5ZX21GMR7M7HD9HSF-arn cf-cache-status: HIT age: 206 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8505e420bf905685-OSL X-Firefox-Spdy: h2

	d1q0x5umuwwxy2.cloudfront.net/?tid=1011103&params_only=1	143.204.42.181	200 OK	398 B
URL GET HTTP/2 d1q0x5umuwwxy2.cloudfront.net/?tid=1011103&params_only=1 IP 143.204.42.181:443 ASN #16509 AMAZON-02 Requested by https://lootdest.com/s?nHdt Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (641), with no line terminators Size 398 B (398 bytes) Hash 7b5bcd54935dbffaff455f549adb5be3 70b2adfb591b053cca4a582b13cc7ae74d957bba 9faccf60fdceda3e75fd6fc61375b7c10d2691f55e8c223d248e1402f46ca155 HTTP Headers `GET /?tid=1011103&params_only=1 HTTP/1.1 Host: d1q0x5umuwwxy2.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lootdest.com/ Origin: https://lootdest.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-length: 398 date: Sun, 04 Feb 2024 21:08:50 GMT access-control-allow-credentials: true access-control-allow-origin: https://lootdest.com cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-encoding: gzip pragma: no-cache x-cache: Miss from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: PlvXYgt05KwPon40XCWIAapdWDqnYwddmMwwtbjOivcPiy3yy7QOCg== X-Firefox-Spdy: h2

	onasider.top/tc	104.21.23.212	200 OK	0 B
URL POST HTTP/2 onasider.top/tc IP 104.21.23.212:443 ASN #13335 CLOUDFLARENET Requested by https://lootdest.com/s?nHdt Certificate IssuerLet's Encrypt Subjectonasider.top Fingerprint5E:29:8D:03:55:7E:0F:7A:2B:4F:C3:A3:14:FE:EC:BB:66:55:A9:AA ValidityWed, 10 Jan 2024 10:30:32 GMT - Tue, 09 Apr 2024 10:30:31 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /tc HTTP/1.1 Host: onasider.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://lootdest.com/ Origin: https://lootdest.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 204 No Content date: Sun, 04 Feb 2024 21:08:50 GMT set-cookie: ci=2063139973672823; Max-Age=86400; Secure; SameSite=None access-control-allow-origin: https://lootdest.com access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST, GET, OPTIONS, HEAD access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKKnWuvD9YsNetkfUjNm7s2GfpeBjIH1rmj6WE0YmVUq0n%2F1DYb2OeVe6Pw9qUctwT3YDJkXoc1YD5ApJQ%2BQh3nILpRAg6l8Jm0ItapQ9v6nyVtV9yMRGmobDwg%2BdUQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8505e42589de568f-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	142.250.74.98	200 OK	51 kB
URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.74.98:443 ASN #15169 GOOGLE Requested by https://lootdest.com/s?nHdt Certificate IssuerGoogle Trust Services LLC Subject.g.doubleclick.net Fingerprint25:68:92:DB:11:7B:3E:27:F8:B7:23:41:CF:6E:BB:37:9F:93:61:3E ValidityTue, 09 Jan 2024 06:25:07 GMT - Tue, 02 Apr 2024 06:25:06 GMT File type JavaScript source, ASCII text, with very long lines (3917) Size 51 kB (51317 bytes) Hash 38560511f49cde4f8f002a7fedf8cded c9638dfcf276e46d450b2ea3de11c7013bada79d 73b54ca83af78985552988a428434a52fcf46db6c7f494ea286644a47872ff5e HTTP Headers `GET /pagead/js/adsbygoogle.js HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lootdest.com/ Origin: https://lootdest.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin vary: Accept-Encoding date: Sun, 04 Feb 2024 21:08:50 GMT expires: Sun, 04 Feb 2024 21:08:50 GMT cache-control: private, max-age=3600, stale-while-revalidate=3600 content-type: text/javascript; charset=UTF-8 etag: 7447426954503054417 access-control-allow-origin: * x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 51317 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	onasider.top/tc	104.21.23.212	200 OK	2 B
URL POST HTTP/2 onasider.top/tc IP 104.21.23.212:443 ASN #13335 CLOUDFLARENET Requested by https://lootdest.com/s?nHdt Certificate IssuerLet's Encrypt Subjectonasider.top Fingerprint5E:29:8D:03:55:7E:0F:7A:2B:4F:C3:A3:14:FE:EC:BB:66:55:A9:AA ValidityWed, 10 Jan 2024 10:30:32 GMT - Tue, 09 Apr 2024 10:30:31 GMT File type JSON text data Size 2 B (2 bytes) Hash d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 HTTP Headers `POST /tc HTTP/1.1 Host: onasider.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lootdest.com/ Content-Type: application/json Content-Length: 277 Origin: https://lootdest.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Sun, 04 Feb 2024 21:08:50 GMT content-type: application/json content-length: 2 set-cookie: ci=1563927370653834; Max-Age=86400; Secure; SameSite=None access-control-allow-origin: https://lootdest.com access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST, GET, OPTIONS, HEAD access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W2qZRzFfQisvIBEcigI8saVaDMvB51f76p2uoTkLYFn5z9OPLcXMIaJWVj9VZ5QlegB0eydyNzj2m19NXjxYMo6ermiNE2jsQOF7ok2%2F0atllmEzikh8Pp4t0wZXYo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8505e4264abcb4fd-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	lootdest.com/favicon.ico	188.114.96.1	404 Not Found	4.8 kB
URL GET HTTP/3 lootdest.com/favicon.ico IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://lootdest.com/s?nHdt Certificate IssuerGoogle Trust Services LLC Subjectlootdest.com FingerprintDD:77:D8:EC:D3:B7:6B:DE:7C:92:D6:88:56:E3:EB:21:DC:0C:96:58 ValiditySun, 14 Jan 2024 12:28:53 GMT - Sat, 13 Apr 2024 12:28:52 GMT File type HTML document, ASCII text, with CRLF line terminators Size 4.8 kB (4814 bytes) Hash 707a6bf80b2aae914a3475cb829e534b 2e70d81cf7a8b2c2bf66521e720969d1e92f3819 20703cc00e86bed52bb9af00fac1cbd8c3dc16c2866b7251288325f1501c8755 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: lootdest.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://lootdest.com/s?nHdt Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 404 Not Found date: Sun, 04 Feb 2024 21:08:50 GMT content-type: text/html cache-control: max-age=14400 cf-cache-status: EXPIRED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEXFtdCDZ7n6aUk44czVVs7O7eqVNhKdxY5SvgC9y2pVdHG6K%2BzYHOTf1Qq1%2F5PBMgZijzGz32VV%2Br1AvY2OLOy%2FGcgrBYxOpBu8kuznGZfPaC6GMFDhx90G6vDcgpE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8505e4237cf90afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	lootdest.com/s?nHdt	188.114.96.1	200 OK	21 kB
URL User Request GET HTTP/2 lootdest.com/s?nHdt IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectlootdest.com FingerprintDD:77:D8:EC:D3:B7:6B:DE:7C:92:D6:88:56:E3:EB:21:DC:0C:96:58 ValiditySun, 14 Jan 2024 12:28:53 GMT - Sat, 13 Apr 2024 12:28:52 GMT File type HTML document, ASCII text, with very long lines (3884) Size 21 kB (21076 bytes) Hash b2b7f203fcff00cbac50b1e536c0bc2b b3c55b8e1d12b293182181f71554b1dcb2411cc2 dffa4f0dce1c72bd502e493b97e46ed2be2f9c51e5dd01a0823dd79b0a01e2f0 HTTP Headers `GET /s?nHdt HTTP/1.1 Host: lootdest.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 04 Feb 2024 21:08:49 GMT content-type: text/html access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST, GET, OPTIONS, HEAD access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDzyRg%2BW4%2B4MfYsp7grIk6DNzlFZFMQr4aFhXegp5HbhI2E1K3ovzm%2FAqthq%2Fdr%2BVtoJsWLN%2FLxLIreMp%2FGLK767tXRmFofMAvgoysqulgMKFq1aGIuwR4v8DgILCtQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8505e41d98bc7128-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2	142.250.74.131	200 OK	18 kB
URL GET HTTP/2 fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://lootdest.com/s?nHdt Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48 ValidityTue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT File type Web Open Font Format (Version 2), TrueType, length 18088, version 1.0 Size 18 kB (18088 bytes) Hash f4aa2d622725f1af4e132e2bbaeb47ae 20594962b8a024c0cec8d3b3fe8614bea75d5388 d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f HTTP Headers `GET /s/play/v19/6aez4K2oVqwIvtU2Hw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://lootdest.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 18088 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Feb 2024 03:06:50 GMT expires: Sat, 01 Feb 2025 03:06:50 GMT cache-control: public, max-age=31536000 last-modified: Thu, 24 Aug 2023 20:26:25 GMT content-type: font/woff2 age: 237719 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js	104.16.123.175	200 OK	9.6 kB
URL GET HTTP/2 unpkg.com/detect-gpu@5.0.38/dist/detect-gpu.umd.js IP 104.16.123.175:443 ASN #13335 CLOUDFLARENET Requested by https://lootdest.com/s?nHdt Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (9982), with no line terminators Size 9.6 kB (9642 bytes) Hash f0b734deb21655970ed64c324d291979 e2f9ad0dec37d2baa6cdf251c9e8fbb321264cc3 104af5995209651b750434e7f7e53bc2ed5a14638d4261eb1653ff575a82eb91 HTTP Headers `GET /detect-gpu@5.0.38/dist/detect-gpu.umd.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lootdest.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 04 Feb 2024 21:08:49 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"25aa-yeh624Ry4lNtolY7//6loV1g3kc" via: 1.1 fly.io fly-request-id: 01HNFW61NADNRHYD8NR6MBRFX4-arn cf-cache-status: HIT age: 372296 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8505e421385a5685-OSL content-encoding: br X-Firefox-Spdy: h2

	fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2	142.250.74.131	200 OK	18 kB
URL GET HTTP/2 fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://lootdest.com/s?nHdt Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48 ValidityTue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT File type Web Open Font Format (Version 2), TrueType, length 18100, version 1.0 Size 18 kB (18100 bytes) Hash 2af0645d8798834a774f014332120c5d c1f9a794c35d75cd3196ec52e457467d33b2405b 42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f HTTP Headers `GET /s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://lootdest.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 18100 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Feb 2024 03:01:49 GMT expires: Sat, 01 Feb 2025 03:01:49 GMT cache-control: public, max-age=31536000 last-modified: Thu, 24 Aug 2023 19:54:08 GMT content-type: font/woff2 age: 238020 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	lootdest.com/1.js	188.114.96.1	200 OK	314 kB
URL GET HTTP/3 lootdest.com/1.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://lootdest.com/s?nHdt Certificate IssuerGoogle Trust Services LLC Subjectlootdest.com FingerprintDD:77:D8:EC:D3:B7:6B:DE:7C:92:D6:88:56:E3:EB:21:DC:0C:96:58 ValiditySun, 14 Jan 2024 12:28:53 GMT - Sat, 13 Apr 2024 12:28:52 GMT File type Size 314 kB (313515 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /1.js HTTP/1.1 Host: lootdest.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://lootdest.com/s?nHdt Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sun, 04 Feb 2024 21:08:49 GMT content-type: application/javascript last-modified: Sun, 04 Feb 2024 07:00:00 GMT etag: W/"65bf35f0-4c8ab" cache-control: max-age=14400 cf-cache-status: HIT age: 4366 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXjUQT5ZJufrzeHPbm9ub2weRrjbleS72qfBSfmmIzOcKOdHXWV1novg75iuFedNnAXIsGrLSvSSCYdH6A6EMo5jQR47ki%2F6ZHUIGmIAz%2BphfKFiQj1CwF5zTeEUL84%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8505e42059db0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate