{"report_id":"bda3ded4-538b-4039-bffb-c3bde01f1d2e","version":6,"status":"done","tags":[],"date":"2026-01-07T14:57:21Z","url":{"schema":"https","addr":"loot-link.com/s?QJyaSKTR","fqdn":"loot-link.com","domain":"loot-link.com","tld":"com"},"ip":{"addr":"104.21.25.219","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"lootdest.com/s?QJyaSKTR\u0026did=9","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"title":"Xeno Official Download","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"loot-link.com/s?QJyaSKTR","fqdn":"loot-link.com","domain":"loot-link.com","tld":"com"},"ip":{"addr":"104.21.25.219","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T14:57:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-01-07","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"lootdest.com/9.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"pagead2.googlesyndication.com","ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2003-01-21","domain_rank":610,"first_seen":"2012-05-21T07:15:40Z","last_seen":"2026-01-05T03:22:45.851126Z","alert_count":0,"request_count":1,"received_data":165241,"sent_data":465,"comment":"","tags":null,"fingerprints":null},{"fqdn":"d1wzdj81h1hubn.cloudfront.net","ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-01-18T20:12:00Z","last_seen":"2026-01-05T23:27:28.139977Z","alert_count":0,"request_count":6,"received_data":5731302,"sent_data":2771,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":2,"received_data":37954,"sent_data":1054,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":4878,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"creators.lootlabs.gg","ip":{"addr":"54.240.174.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-03-20","domain_rank":2265990,"first_seen":"2025-05-31T22:36:57.524635Z","last_seen":"2026-01-06T23:43:11.089472Z","alert_count":0,"request_count":2,"received_data":49087,"sent_data":1036,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"d33f51dyacx7bd.cloudfront.net","ip":{"addr":"54.230.241.206","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-12-21T21:51:47.249845Z","last_seen":"2026-01-05T23:27:26.927792Z","alert_count":0,"request_count":1,"received_data":1116,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-01-04T23:18:50.311218Z","alert_count":0,"request_count":2,"received_data":769383,"sent_data":900,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}]},{"fqdn":"fingerprinting36542.s3.us-east-1.amazonaws.com","ip":{"addr":"52.217.49.216","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":980294,"first_seen":"2024-12-09T20:50:57.594921Z","last_seen":"2026-01-05T23:27:26.83631Z","alert_count":0,"request_count":1,"received_data":38715,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"app.unlockr.app","ip":{"addr":"104.21.81.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-18","domain_rank":844335,"first_seen":"2025-03-20T23:46:19.496978Z","last_seen":"2026-01-02T04:50:11.482624Z","alert_count":0,"request_count":1,"received_data":877,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"nerventualken.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-01","domain_rank":155901,"first_seen":"2024-10-08T03:58:59Z","last_seen":"2026-01-06T23:43:10.94714Z","alert_count":0,"request_count":2,"received_data":2393,"sent_data":1003,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"loot-link.com","ip":{"addr":"172.67.134.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-09-14","domain_rank":25577,"first_seen":"2023-09-18T13:51:16Z","last_seen":"2025-12-30T00:08:49.773822Z","alert_count":0,"request_count":1,"received_data":23402,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":1,"received_data":22243,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lootdest.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-09-14","domain_rank":382127,"first_seen":"2023-09-18T13:52:37Z","last_seen":"2026-01-06T23:43:11.021648Z","alert_count":13,"request_count":6,"received_data":283102,"sent_data":2930,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lootdest.com/s?QJyaSKTR\u0026did=9","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T04:49:14.438544Z","times_seen":203977,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/s?QJyaSKTR\u0026did=9","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"84a95a69a96b339f52fa65d186e9563b","sha1":"55817728ce6bbaf485fa31cd82baf92edd91fae5","sha256":"3f9f1202b9dbcc5814fd69ee2cf8e095a0fd7e832a5e8333924a09a43f154526","sha512":"e5e9755724dc81809a0da6604ae0edd5b8a0bc4c5111d03614d90fe022faf95ec75723f53b583562f6691fbbdbfe683f520b3e317db9e8c8609cc81fda6deff2","ssdeep":"","tlshash":"6090027426644021140195544136b6d46a775998315d11120ea789526351d4491c1a54","size":57,"data":"","first_seen":"2026-01-07T14:57:26.536106Z","last_seen":"2026-01-07T14:57:26.536106Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/s?QJyaSKTR\u0026did=9","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac21ad932fa7c437b171d3492d0a7876","sha1":"23a894ff1dbbaa41cd2c4d2fc9d4c91386cac7ab","sha256":"5938e083fecf72610c2750e7a84ca0253b8402e9b59cb6e097d04defb7627844","sha512":"7df042fb564ba706153aac1380005d3eb07f62c44189f1a5786ae3419b01d685fa0783a3d63a8ca84a2ee0f3bcd41f523a9c64b095963a0464e4a7219749de10","ssdeep":"384:XGKXRJJjmmX5II4gHRCR4/qMd202VQxk7zL1IeuP1I:XGKXRJ9m72p3AT7zhIFPu","tlshash":"e872a793051952daab193992d74b34c99788e4d7bec21acaf4fe0c24cb6bb4d374170d","size":16353,"data":"","first_seen":"2026-01-07T14:57:26.53846Z","last_seen":"2026-01-07T14:57:26.53846Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc1ccb003c8dbdb1f75efa1fd38362bf","sha1":"8ae598f92b85ef618e90e0129d57fb94c8f6c3b8","sha256":"b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af","sha512":"da7392435a35a21260083593ad27b6b451b8094f21bab08644ea542a8a2980f1d3da6516cb59a02de776d667f695ef27f60676737ba3387ba25e58af02762f4d","ssdeep":"6144:a4oQYPIDD5g3/btDQ3PSIoPabTzf/W8tpgsQ5cDo4Dd:SPI3+Ch+p5c35","tlshash":"478418597254743905c54069803f090bf636392e246ac09cb76cf4efa9bde8d32beb79","size":383981,"data":"","first_seen":"2024-11-04T13:40:42.622928Z","last_seen":"2026-04-05T02:08:52.403472Z","times_seen":3474,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/s?QJyaSKTR\u0026did=9","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T04:47:30.009332Z","times_seen":595028,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/9.js","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"26dbde0ea062885d0dc8a153f3209694","sha1":"f0d19aecdd74cb28a4e1e51bdd05224b4e0a1d56","sha256":"711cbfda1b5c47f1e19568644412bf433220a4e0fcd7db5705ba63a04f326c8b","sha512":"0db75d4237ab49edae11547d9400c8c07c57f272666c94de42000b7274332c7661a01ceaa86f5cf82a61c458b216cb03d2860383d23b484d93f7a0db4633c56c","ssdeep":"1536:a0ciNoAgy4k7AN7biDhFopN7Lq4g0z7DZ:a0O5yPUBbyE+Cz7DZ","tlshash":"fbb375485960fd4d230b8ef73f3a98cdf65a0a4e29814b89e406fc3421b5617f9fa578","size":108869,"data":"","first_seen":"2025-10-12T11:25:02.334852Z","last_seen":"2026-01-15T19:39:48.213865Z","times_seen":10,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-01-07","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"lootdest.com/9.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}}],"urlquery":null}},{"url":{"schema":"https","addr":"fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js","fqdn":"fingerprinting36542.s3.us-east-1.amazonaws.com","domain":"fingerprinting36542.s3.us-east-1.amazonaws.com","tld":"s3.us-east-1.amazonaws.com"},"ip":{"addr":"52.217.49.216","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ac06ba71cc5803c7515b3e8c3a2854d","sha1":"03ba918aad85dda720c6f46267eb4fba9103aac3","sha256":"6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd","sha512":"8db044466454b70e2dcf368078e845163e714e68e5405fc5d3cb9202737c7e3f9696a1f231d1ba0b8ace9dc46712035eab112c3ef3f728be64644cffd587b0e7","ssdeep":"384:2xcDKdRZKREaMRMBp5iKQID95wH3KqwzrWmKj5+pCqNFaiE8E0QIQfJWbkhGYKon:x3RBp5Kjnc9NwlJWbhSu+AW","tlshash":"300306d8b2c3b06e227368b5457f6006b23a7d50346d8842c523e5d57ca9e6e913bfbc","size":38143,"data":"","first_seen":"2024-12-09T20:50:59.331644Z","last_seen":"2026-04-04T10:23:38.613676Z","times_seen":891,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"lootdest.com/WrappedBotd.browser.protected.js","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:56:59.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lootdest.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 18:43:46 GMT","end":"Sun, 22 Mar 2026 19:42:12 GMT"},"fingerprint":{"sha1":"6D:B8:F6:B2:CA:A1:60:5C:54:01:E4:48:50:44:85:4C:87:A0:FD:DD","sha256":"3A:02:5B:20:54:18:96:22:76:58:5E:26:32:52:2E:9C:D1:24:21:5F:27:59:8C:5C:F7:7C:96:96:5F:8B:08:8D"}}},"request":{"raw":"GET /WrappedBotd.browser.protected.js HTTP/1.1\r\nHost: lootdest.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/s?QJyaSKTR\u0026did=9\r\nCookie: uid=ZSCi7Ggp38hvMJhpbkVQ5zc3Dmo4TPj9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 14:56:59 GMT\r\ncontent-type: application/javascript\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Jan 2026 12:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 833\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r4nbUc2l1Br35rio3nyBCbrUbA%2FKtXNQrgey0NP2sfhDhNKc4sRUpY37%2Bjw7r%2FW%2BNvZZM9EoNu5KLY2u36gAit6onv7%2FaCL%2FZPk%3D\"}]}\r\netag: W/\"695e4ac0-1aaaf\"\r\ncontent-encoding: br\r\ncf-ray: 9ba44e162d91b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109231,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"95888320adab6afba4a8e0c8f06e8361","sha1":"c04b231b41d57f1cc95e66e04d8f2631a4b10018","sha256":"8fda68ace483a03aa4362a8731fff5b2a37d85aab3de76801ab8e225b217b2df","sha512":"e3a17ad670f939f563fe6d1dc507ab5ba99f90a4b6bc94364fa2f56d5c5ca1a552b0dbb973a4f68f7694ca9a8bf1a3ff3bf28b0dc1f4bf2fc796deef5007bd82","ssdeep":"3072:9ISWWZitd7yfmAa0Zzg/N8OSv0TfuuC8a5MAVCGNs:YhlLqD0TmPMAVCSs","tlshash":"bab3d79462472c958392d1ff142fb285ac2d8e51bc8fdce1d651c3959c306c78afbba2","first_seen":"2025-07-01T16:50:14.740307Z","last_seen":"2026-04-04T10:23:38.596452Z","times_seen":600,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d33f51dyacx7bd.cloudfront.net/?tid=1145141\u0026params_only=1","fqdn":"d33f51dyacx7bd.cloudfront.net","domain":"d33f51dyacx7bd.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.241.206","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /?tid=1145141\u0026params_only=1 HTTP/1.1\r\nHost: d33f51dyacx7bd.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lootdest.com/\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 346\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://lootdest.com\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\ndate: Wed, 07 Jan 2026 14:57:01 GMT\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: -WFVN64qW9YfSq215IewZL2X-LYGpELAqkbTXc7LlicNGCMXL0705g==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":598,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (598), with no line terminators","md5":"e81ab2738e10aa63b1d176928b07786b","sha1":"d3f0c639247add6cf3ceeefb31f1014c8220e7ec","sha256":"e912a0597cc236eff2a8e9afe279f0592b508d5513b9482a0e7046c36aea9c03","sha512":"348138bcaca669c74fa3829d846be5f7715dd57bd79e289b28ce453c9ebf5322e3161a2477e629584bed77227fd7a6b993f984f14daad99421866290fe009665","ssdeep":"","tlshash":"e8f0f6269548472ecbda017ad32758854238a8e7c404601fda493e9da370feb3692fce","first_seen":"2026-01-07T14:57:26.488919Z","last_seen":"2026-01-07T14:57:26.488919Z","times_seen":1,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":8,"dns":36,"connect":1,"send":0,"wait":167,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:25 GMT","end":"Wed, 25 Feb 2026 15:49:24 GMT"},"fingerprint":{"sha1":"91:C9:D2:96:3C:37:B7:AA:92:08:CB:D8:91:FB:4B:EC:F0:31:EE:14","sha256":"F9:FB:99:62:9D:67:65:04:DE:83:94:21:A9:3D:E7:BF:DB:C8:AF:30:5A:64:53:01:12:4A:34:94:55:B4:42:2A"}}},"request":{"raw":"GET /pagead/js/adsbygoogle.js HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lootdest.com/\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nlink: \u003chttps://googleads.g.doubleclick.net\u003e; rel=\"preconnect\"; crossorigin\r\nvary: Accept-Encoding\r\ndate: Wed, 07 Jan 2026 14:57:01 GMT\r\nexpires: Wed, 07 Jan 2026 14:57:01 GMT\r\ncache-control: private, max-age=3600, stale-while-revalidate=3600\r\ncontent-type: text/javascript; charset=UTF-8\r\netag: 9511113537317001112\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\nserver: cafe\r\ncontent-length: 55541\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":164451,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4830)","md5":"47b4674485fda8c4baeefce81459b4bb","sha1":"a3c99a8549c040a17789709206922c97d2036384","sha256":"3bcab33ecf54dc8a183107f0d08cd0893aaafa460666c5aa466210c73ad691a7","sha512":"337679d6250b7e38c27774f7d71a4060eb7926951f07dc4e15295179cfcbbddd24427a8d2d43b60aea7c0995af5d92db19643650380ba444f7f83f3f6b6815f6","ssdeep":"3072:6LOf8nZkhS8ulyCUdTHEB8ElEYSpkp3AmUll3Ok/sArs2LYgTzkEmMIDwIOqjX:6LOf8Zk09lyCUdbw8ElEYXwmUT3x9rTa","tlshash":"d7f3f8d97192bcb78b6389e5006f4107b42da863f00cc8b0f2d8ded97a249655277fad","first_seen":"2026-01-07T14:57:26.49246Z","last_seen":"2026-01-07T14:57:26.49246Z","times_seen":1,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":76,"dns":39,"connect":21,"send":0,"wait":51,"receive":31,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 07:56:49 GMT","end":"Sat, 21 Mar 2026 08:56:47 GMT"},"fingerprint":{"sha1":"26:50:C2:17:0A:FF:C4:D7:84:D7:E7:28:A7:58:4B:CD:0A:7B:2A:79","sha256":"93:15:E6:80:68:21:48:A6:B0:14:8D:F2:4E:A3:50:33:6C:01:5B:84:8D:F6:75:2E:09:A4:79:DD:37:13:FA:B0"}}},"request":{"raw":"GET /@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 71\r\ncf-ray: 9ba44e25eef5c759-OSL\r\nlocation: /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=60, s-maxage=300\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":383981,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":53,"dns":20,"connect":1,"send":0,"wait":32,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1wzdj81h1hubn.cloudfront.net/resources/3031e91efa83994e.gif","fqdn":"d1wzdj81h1hubn.cloudfront.net","domain":"d1wzdj81h1hubn.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /resources/3031e91efa83994e.gif HTTP/1.1\r\nHost: d1wzdj81h1hubn.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 256966\r\nlast-modified: Sun, 26 Jan 2025 16:06:27 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-publisher_id: 458333\r\nx-amz-meta-timestamp: 2025-01-26T13:29:36.360284\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 07 Jan 2026 07:41:25 GMT\r\netag: \"1ef4f58823a4565bc7639f34db3e7741\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: GLmkn0uozmGHivA9-muPO6YX4aPqM-5TIxooQKXAbSoRL0WOldtd6g==\r\nage: 26138\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":256966,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"1ef4f58823a4565bc7639f34db3e7741","sha1":"f33dacdb41878f18cb080dbb66d2a03016411ebe","sha256":"bc262b586644dee86417a1161bcb48c7bf5007d94842c157d3b3da26f90a7936","sha512":"09e554a436094828b0a9107766d5c489b5dc6778a8ec9bed24d413a8c3cdad12d2e22f2d2e5d659ecd579bedff606179940aeb1f296bb3c0307d2a8e3f221ea9","ssdeep":"6144:PP4r4W/PU/ffwM2PJacvk0TG6Xs82TZ2z1VPiDAN:a4Rg450821VPiDAN","tlshash":"e144236832e80380902e129e6ec9676acf7d4f5c712b7f995e572c16e1df22751083bb","first_seen":"2025-06-06T19:11:47.239737Z","last_seen":"2026-01-07T14:57:26.496729Z","times_seen":8,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":15,"dns":23,"connect":3,"send":0,"wait":3,"receive":11,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1wzdj81h1hubn.cloudfront.net/icons/apps.png","fqdn":"d1wzdj81h1hubn.cloudfront.net","domain":"d1wzdj81h1hubn.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /icons/apps.png HTTP/1.1\r\nHost: d1wzdj81h1hubn.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3115\r\nlast-modified: Tue, 07 Feb 2023 09:32:37 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 07 Jan 2026 10:14:10 GMT\r\netag: \"fe92fe3dee69ba5c6dc9ab4b1785c556\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: nG9Yxp0IKVVtClIsgOxz-gx0LkHUUsEDXAHrLfyqKG7HXqBF-x5XSA==\r\nage: 48640\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":3115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"fe92fe3dee69ba5c6dc9ab4b1785c556","sha1":"444c3bcb27bde9c050a4bd51bf35d511951a3077","sha256":"2c07bad8f7225591d84faba9c558c4bff26e5acdac36f91f47a73796be04dbd0","sha512":"09b4b641278c07f96a4662c4886999deb20da899b64ebb1723513c8afe7530986d6d4fbe609e3d7585a00c72dfce81e22ae4c73458984c04e9d2a0974dc0a0f4","ssdeep":"","tlshash":"44513bf66bc88406c08adf75a4fb4b274727d14044f4e46e55eec8a248312f10c6d1fb","first_seen":"2023-09-28T12:53:45Z","last_seen":"2026-03-08T13:23:07.749239Z","times_seen":186,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":14,"dns":16,"connect":2,"send":0,"wait":13,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js","fqdn":"fingerprinting36542.s3.us-east-1.amazonaws.com","domain":"fingerprinting36542.s3.us-east-1.amazonaws.com","tld":"s3.us-east-1.amazonaws.com"},"ip":{"addr":"52.217.49.216","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 20 May 2025 00:00:00 GMT","end":"Fri, 15 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"94:6E:24:DA:38:A4:1B:D7:08:C5:38:4D:E4:0F:23:5C:25:6C:07:22","sha256":"35:22:88:53:F8:1C:C9:41:3D:8C:59:1A:B2:A9:9D:DB:1E:0B:3D:51:8E:EC:0A:47:5C:FD:28:EF:42:DD:69:E6"}}},"request":{"raw":"GET /fingerprint.js HTTP/1.1\r\nHost: fingerprinting36542.s3.us-east-1.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: nSi7+cdKnzT7l6FkDq4O/QESRJOhq6d3pJFE2QJSEsNZsuYh0pfroRQ/9b5jQztyk9gufGRhcHM=\r\nx-amz-request-id: 6YFEJ3GTT198Q7TH\r\nDate: Wed, 07 Jan 2026 14:57:02 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, PUT, POST, DELETE\r\nVary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nLast-Modified: Mon, 09 Dec 2024 12:08:59 GMT\r\nETag: \"9ac06ba71cc5803c7515b3e8c3a2854d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: application/javascript\r\nContent-Length: 38143\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":38143,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38136), with no line terminators","md5":"9ac06ba71cc5803c7515b3e8c3a2854d","sha1":"03ba918aad85dda720c6f46267eb4fba9103aac3","sha256":"6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd","sha512":"8db044466454b70e2dcf368078e845163e714e68e5405fc5d3cb9202737c7e3f9696a1f231d1ba0b8ace9dc46712035eab112c3ef3f728be64644cffd587b0e7","ssdeep":"384:2xcDKdRZKREaMRMBp5iKQID95wH3KqwzrWmKj5+pCqNFaiE8E0QIQfJWbkhGYKon:x3RBp5Kjnc9NwlJWbhSu+AW","tlshash":"300306d8b2c3b06e227368b5457f6006b23a7d50346d8842c523e5d57ca9e6e913bfbc","first_seen":"2024-12-09T20:50:59.331644Z","last_seen":"2026-04-04T10:23:38.613676Z","times_seen":891,"resource_available":true,"data":null}},"time_used":740,"timings":{"blocked":258,"dns":39,"connect":93,"send":0,"wait":126,"receive":94,"ssl":127},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/9.js","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:56:59.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lootdest.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 18:43:46 GMT","end":"Sun, 22 Mar 2026 19:42:12 GMT"},"fingerprint":{"sha1":"6D:B8:F6:B2:CA:A1:60:5C:54:01:E4:48:50:44:85:4C:87:A0:FD:DD","sha256":"3A:02:5B:20:54:18:96:22:76:58:5E:26:32:52:2E:9C:D1:24:21:5F:27:59:8C:5C:F7:7C:96:96:5F:8B:08:8D"}}},"request":{"raw":"GET /9.js HTTP/1.1\r\nHost: lootdest.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/s?QJyaSKTR\u0026did=9\r\nCookie: uid=ZSCi7Ggp38hvMJhpbkVQ5zc3Dmo4TPj9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 14:56:59 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Jan 2026 14:11:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 833\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QEgMGa3m46NLeCorNHtmlY1%2F2HOtDtmGcUTZv%2FJqo86AMb4yzoRowOFYnZyAzbYd0PuQ5bp1tiTfNBoTaSEZ5g1MNMSHaCEdSLQ%3D\"}]}\r\netag: W/\"695e69a2-1a945\"\r\ncontent-encoding: br\r\ncf-ray: 9ba44e163d95b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108869,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"26dbde0ea062885d0dc8a153f3209694","sha1":"f0d19aecdd74cb28a4e1e51bdd05224b4e0a1d56","sha256":"711cbfda1b5c47f1e19568644412bf433220a4e0fcd7db5705ba63a04f326c8b","sha512":"0db75d4237ab49edae11547d9400c8c07c57f272666c94de42000b7274332c7661a01ceaa86f5cf82a61c458b216cb03d2860383d23b484d93f7a0db4633c56c","ssdeep":"1536:a0ciNoAgy4k7AN7biDhFopN7Lq4g0z7DZ:a0O5yPUBbyE+Cz7DZ","tlshash":"fbb375485960fd4d230b8ef73f3a98cdf65a0a4e29814b89e406fc3421b5617f9fa578","first_seen":"2025-10-12T11:25:02.334852Z","last_seen":"2026-01-15T19:39:48.213865Z","times_seen":10,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-01-07","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"lootdest.com/9.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/play/v21/6ae84K2oVqwItm4TCpAy2g.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/play/v21/6ae84K2oVqwItm4TCpAy2g.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18156\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 31 Dec 2025 17:32:43 GMT\r\nexpires: Thu, 31 Dec 2026 17:32:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 595458\r\nlast-modified: Tue, 09 Sep 2025 19:04:00 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18156,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18156, version 1.0","md5":"aad808c85ec3c88ca213ac1cb5f02d03","sha1":"c95ec71ed1a088fced4797a512cd2cba9790a27f","sha256":"d539e6e7c0240f1565b1156395d914d93200b2c3ba312809813bb6ca6f96578b","sha512":"782a500a5f5ecf9b3f54a62186353227e1209affaf470dc285c88a4a910dd27b0a74fc8ed1a9b63c1e8602c9fddc37c94b00fe2fd8e384f8fb93432968ed33c1","ssdeep":"384:PFjxIjX2LTtwL4HrZ9UxmdNzZCBV8KMD1au:9iiHtwLAZKqeV8KW1d","tlshash":"b682d08042f203d6f9a4b2366de73469863755a4aa948edc3fb07872f0562f45306fb7","first_seen":"2025-06-03T16:05:08.724808Z","last_seen":"2026-04-04T13:30:15.591158Z","times_seen":873,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":85,"dns":2,"connect":20,"send":0,"wait":22,"receive":7,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.unlockr.app/pixel?event=unlockrPromote\u0026session_id=457866979648845541","fqdn":"app.unlockr.app","domain":"app.unlockr.app","tld":""},"ip":{"addr":"104.21.81.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unlockr.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 23:45:54 GMT","end":"Sat, 21 Mar 2026 00:44:19 GMT"},"fingerprint":{"sha1":"57:D0:02:87:82:A8:9B:95:05:FA:CA:3B:92:5B:56:F1:D7:EE:BA:F5","sha256":"D4:40:1E:79:E6:29:34:5B:E8:2B:54:A2:8A:6E:E5:22:A9:5D:7C:D4:16:90:53:3E:15:50:26:4C:42:F2:8A:AA"}}},"request":{"raw":"POST /pixel?event=unlockrPromote\u0026session_id=457866979648845541 HTTP/1.1\r\nHost: app.unlockr.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\naccess-control-allow-origin: https://lootdest.com\r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST, GET, OPTIONS, HEAD\r\naccess-control-allow-credentials: true\r\ncache-control: no-store\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wE3YOo66ySabduMc%2BM8UoPSKOfcik%2BQY2YMntWLOihf9wcdn96gaMYzJryHhwCYmRZppC728bl9XODyVRDQRmMErPBB1aRRX9PC0Ll0%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9ba44e260918712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":55,"dns":22,"connect":2,"send":0,"wait":127,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1wzdj81h1hubn.cloudfront.net/resources/cb806ad1ac4a2e4d.png","fqdn":"d1wzdj81h1hubn.cloudfront.net","domain":"d1wzdj81h1hubn.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:03.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /resources/cb806ad1ac4a2e4d.png HTTP/1.1\r\nHost: d1wzdj81h1hubn.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 727638\r\nlast-modified: Tue, 01 Apr 2025 10:23:25 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-publisher_id: 473635\r\nx-amz-meta-timestamp: 2025-04-01T07:46:34.926132\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 07 Jan 2026 14:57:03 GMT\r\netag: \"44b82593398073a1533c70c05c1934b9\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: m9GcFQ1kMmc7D-WomE1MddvsfGGV7Q_s9R9kLdGPE6ngSpgY0QQEgw==\r\nage: 5429\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":727638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced","md5":"44b82593398073a1533c70c05c1934b9","sha1":"1ea10c20c9076e5ee066e3d53f4ad37233b0aa39","sha256":"64640ad6ef00b9b9cb295b6fe915c92e8a1900cc8cd81d2253e6ad4933d212d4","sha512":"309baa480e77317f21bcc4457d630c2adb95aca064fec92311580de6e7e6ae9983a51b237d2b17aae93d9cfac9afaa18219ef02a8255e82f07b67dfbd26921ce","ssdeep":"12288:2+vMMk/v7yULKaJyPgU9//T4mp+aJPNS4m51Nbz7nzDNbudib6CiNDU7l25oc8:L8r+oyPgU9//T42PU/pzDpCieCSDYlC8","tlshash":"a9f4018ad3958873f1a4956a7580c6ab05f66c733024dd0612e77a8f1b1bff42fb2e44","first_seen":"2026-01-07T14:57:26.510476Z","last_seen":"2026-01-25T23:47:36.026692Z","times_seen":2,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":210,"dns":0,"connect":0,"send":0,"wait":27,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Play:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:56:59.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Play:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 07 Jan 2026 14:56:59 GMT\r\ndate: Wed, 07 Jan 2026 14:56:59 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4192,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"adf2a11b39b09426410dc181032f74e4","sha1":"3e4063f1bb52fc90f41e5cedc3029b8fcb35974c","sha256":"6ab3c2f755a6fdf9c2b798ed7fc8f27007f12f720b50ad13317a28fa57b8020a","sha512":"61642ce161fda1b81ed4f3f348f06d92747f2936d930ea25e32b8f7f88d4291f94d328ad17c1da4afd8222ab4b7a4907bde81d1b294ddc6993e10e875df5ea94","ssdeep":"96:wOEacgOEaAFZlOEaY33OEa7AOEaJJc+uDOEadNTOpa7gOpaqFZlOpaC33OpadOpy:/cvXY3w7pxF7SAC3pfaY5","tlshash":"7781cad60066d810eb530cc223df7e329d5e6161b054c179affe18ccacead2a2361b0d","first_seen":"2025-09-11T09:59:06.566554Z","last_seen":"2026-04-04T18:41:42.324501Z","times_seen":328,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":61,"dns":1,"connect":8,"send":0,"wait":19,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/qr.png","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lootdest.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 18:43:46 GMT","end":"Sun, 22 Mar 2026 19:42:12 GMT"},"fingerprint":{"sha1":"6D:B8:F6:B2:CA:A1:60:5C:54:01:E4:48:50:44:85:4C:87:A0:FD:DD","sha256":"3A:02:5B:20:54:18:96:22:76:58:5E:26:32:52:2E:9C:D1:24:21:5F:27:59:8C:5C:F7:7C:96:96:5F:8B:08:8D"}}},"request":{"raw":"GET /qr.png HTTP/1.1\r\nHost: lootdest.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/s?QJyaSKTR\u0026did=9\r\nCookie: uid=ZSCi7Ggp38hvMJhpbkVQ5zc3Dmo4TPj9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 7224\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Jan 2026 14:11:46 GMT\r\netag: \"695e69a2-1c38\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gCwSMrakY8QAzuZs9y7WxCtTSfoQUthjWMBAImz5sgrwt0uaIrnoNUgrqWtQsgLKxkGvn1dfRmo0%2FJqZiRmGwjM3IOBMwP3XUHs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba44e25afb7b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1160 x 1160, 8-bit/color RGB, non-interlaced","md5":"a93ba4860dc42551669d1c44999d6219","sha1":"f42f4d71fa233d571ec60e8998b15772eedf9b6c","sha256":"bdd20de2c3c9af1e3df3ac71b2a52de1704c06e3bf2885db0a48423380f559cb","sha512":"c39361ebaf0aa3c799b0f2fa62acbaf5e779f19b19042c61c27bb7703d2c10bd11034755fb07a6bcff4035f690d65c51367cfb4dc5d1b0d12e4473ecdddd819b","ssdeep":"192:y5iSWmbbbbbbbbbbbbbbbbbbVbbbbbbbbbbbbbbbbbbZhpbbbbbbbbbbbbbbbbbL:y3WGB","tlshash":"e4e1b91d05510a2c6edeafeb89c544c8bed5e247c9f97b63e31a1868e40143cad6edb0","first_seen":"2025-03-20T23:46:21.232783Z","last_seen":"2026-03-28T22:46:47.406361Z","times_seen":590,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/favicon.ico","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lootdest.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 18:43:46 GMT","end":"Sun, 22 Mar 2026 19:42:12 GMT"},"fingerprint":{"sha1":"6D:B8:F6:B2:CA:A1:60:5C:54:01:E4:48:50:44:85:4C:87:A0:FD:DD","sha256":"3A:02:5B:20:54:18:96:22:76:58:5E:26:32:52:2E:9C:D1:24:21:5F:27:59:8C:5C:F7:7C:96:96:5F:8B:08:8D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lootdest.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/s?QJyaSKTR\u0026did=9\r\nCookie: uid=ZSCi7Ggp38hvMJhpbkVQ5zc3Dmo4TPj9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:01 GMT\r\ncontent-type: text/plain\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\nage: 832\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Wed, 07 Jan 2026 14:43:08 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a3XqCOahA9SGFpt%2FLAL3eJ2LJw5cSsl4oSpGsccB1XKcOcHX1aqhM7S9FXMgthA9neXzISixPMyx4JzoQ7tb4g3EG%2FQMTSGk8hY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ba44e1fef96b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nerventualken.com/tc","fqdn":"nerventualken.com","domain":"nerventualken.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nerventualken.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 18 Nov 2025 17:49:08 GMT","end":"Mon, 16 Feb 2026 18:46:27 GMT"},"fingerprint":{"sha1":"47:82:77:6A:2C:F3:39:09:1C:6F:40:A9:7B:F2:B0:CF:DE:60:FE:8A","sha256":"01:C6:99:F0:95:78:9D:7E:2D:68:02:21:E6:8C:39:58:32:9E:4C:53:5B:86:A7:81:C5:5C:07:5C:46:AD:76:69"}}},"request":{"raw":"OPTIONS /tc HTTP/1.1\r\nHost: nerventualken.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://lootdest.com/\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:01 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nset-cookie: ci=669147673473061; Max-Age=86400; Secure; SameSite=None\r\naccess-control-allow-origin: https://lootdest.com\r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST, GET, OPTIONS, HEAD\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QUfAQ%2F1Sa24SzkQrrBQ2wCW4NVRuJPQJCXXphL96xMKftQ%2FG3cNDEFEgTCxP3CXEDtRTJh0a4tL14GSQDev3E94wzzQQ6mIaimK1Oyix%2BA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9ba44e21bdceb4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":46,"dns":16,"connect":4,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nerventualken.com/tc","fqdn":"nerventualken.com","domain":"nerventualken.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nerventualken.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 18 Nov 2025 17:49:08 GMT","end":"Mon, 16 Feb 2026 18:46:27 GMT"},"fingerprint":{"sha1":"47:82:77:6A:2C:F3:39:09:1C:6F:40:A9:7B:F2:B0:CF:DE:60:FE:8A","sha256":"01:C6:99:F0:95:78:9D:7E:2D:68:02:21:E6:8C:39:58:32:9E:4C:53:5B:86:A7:81:C5:5C:07:5C:46:AD:76:69"}}},"request":{"raw":"POST /tc HTTP/1.1\r\nHost: nerventualken.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lootdest.com/\r\nContent-Type: application/json\r\nContent-Length: 708\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":708,"data":"{\"tid\":1145141,\"bl\":[10],\"session\":\"457866979648845541\",\"max_tasks\":2,\"design_id\":109,\"cur_url\":\"https://lootdest.com/s?QJyaSKTR\u0026did=9\",\"doc_ref\":\"\",\"tier_id\":\"4\",\"num_of_tasks\":\"4\",\"is_loot\":true,\"rkey\":\"543342211134401397\",\"cookie_id\":\"233356652\",\"botd\":\"{\\\"bot\\\":false,\\\"timestamp\\\":1767797820201,\\\"webGLSolution\\\":{\\\"uuid\\\":\\\"20C8a26f-8F75-499d-b54c-0dC3869323eB\\\",\\\"nonce\\\":968,\\\"time\\\":959},\\\"encrypted\\\":\\\"ZaHs9rqvk5OowqmbyZC1Il1IVwVWY43+OFFBYLvSwBECAGHAqoIdQIQWfYmOumr68f13J1auaKO5CxYopBj5yoYOPTnu1O06Z/RgGufVNF+rztRjESxKDvfyK80mA9MD++5tVR6xK0UebK45MzwfamJT16gV3vv/wb6RjnA0pSq+2qas7fjw6CLi+xApSrric6wtXDPf/LZHJg==\\\"}\",\"botds\":\"20C8a26f-8F75-499d-b54c-0dC3869323eB\",\"offer\":\"0\",\"taboola_user_sync\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nset-cookie: ci=1619346199102433; Max-Age=86400; Secure; SameSite=None\r\naccess-control-allow-origin: https://lootdest.com\r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST, GET, OPTIONS, HEAD\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJpnG9vjGD1M3Q2oAFUg8olqLtk9xEgvPHdP6Vh%2B2hIZvz%2FjfDGU6Y741KiWHdDuRWPnt586GIa3c1id%2B7db7PAbhQQAp2H0ypTxP2gXlw%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9ba44e235cf5568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":548,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"84bc51f9b8a35a13fe45072c8c0bbf4f","sha1":"882a3cdf596480ed7f8faa8fd941401aaeb5af62","sha256":"92496660a7a6a5e18d7477da4d74d1266a4516af04f4adb8ba50838942caf408","sha512":"b3c505bc7d6f203232db0b227eb110c4808a6aa247f70b70eaae820643a95cb2d61419695895e93735dbda407b8551d1acc6aad328fdb3ccb1e6180c4d425c91","ssdeep":"","tlshash":"6af0c002f46e253367909630c1113b987990223c0bd064add6d18a1889eeed1309e24f","first_seen":"2026-01-07T14:57:26.51387Z","last_seen":"2026-01-07T14:57:26.51387Z","times_seen":1,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":22,"connect":1,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1wzdj81h1hubn.cloudfront.net/fbba1760f8ebcb7d.png","fqdn":"d1wzdj81h1hubn.cloudfront.net","domain":"d1wzdj81h1hubn.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:03.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /fbba1760f8ebcb7d.png HTTP/1.1\r\nHost: d1wzdj81h1hubn.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 353064\r\ndate: Wed, 07 Jan 2026 03:06:14 GMT\r\nlast-modified: Sun, 21 Jan 2024 02:11:06 GMT\r\netag: \"a7f914bc06139ea69c953c8fd9e50b74\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-timestamp: 2024-01-20T13:07:36.323739\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: czsVgMsiLzOfiKzE8PYSX-Y9d1qCFgrXecPxokcts7HKabYzkawu-A==\r\nage: 42650\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":353064,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a7f914bc06139ea69c953c8fd9e50b74","sha1":"6d3d24187fcabf090abf6cf842532505ff9ef97a","sha256":"baf24ed37f543c0156ebb3e97fefbd9d7d4e2f4530b75363057415f39fe7ce9d","sha512":"bc3d152c926dbc4a130ad61e9a065cc481c1d155b78508c4b5ac218aec6770675b4a05cdebf9ca7230615dde7a4a064b97060ac0c4c7ab3970303cc7c3128caa","ssdeep":"6144:O9gD/BOd0hQDmQ4jQ1p+Dp6XVS8j99ZknNSfVsBS+LJNvUAQynJXqyMNKGdJQquE:nD4d+bV++F6XVX99ZknNQVeLnUAQWFMZ","tlshash":"0f74236ffa430f3db03636d463c65c21a3b56248974d437c394d279953be8284eb89ab","first_seen":"2024-08-19T15:34:16.569152Z","last_seen":"2026-01-07T14:57:26.516061Z","times_seen":3,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":90,"dns":0,"connect":0,"send":0,"wait":118,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"loot-link.com/s?QJyaSKTR","fqdn":"loot-link.com","domain":"loot-link.com","tld":"com"},"ip":{"addr":"172.67.134.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T14:56:59.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"loot-link.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 10:45:11 GMT","end":"Sun, 22 Mar 2026 11:42:34 GMT"},"fingerprint":{"sha1":"D3:9A:B3:C7:73:2A:34:71:09:B7:FA:8B:1A:72:9B:18:95:8F:F7:31","sha256":"0C:22:24:CF:63:38:C3:A7:77:FF:05:0C:E3:22:7A:4F:C0:C5:7F:52:88:59:31:8B:DB:5F:D1:9B:E8:C3:41:A3"}}},"request":{"raw":"GET /s?QJyaSKTR HTTP/1.1\r\nHost: loot-link.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 07 Jan 2026 14:56:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 0\r\nlocation: https://lootdest.com/s?QJyaSKTR\u0026did=9\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST, GET, OPTIONS, HEAD\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nsurrogate-control: no-store\r\nset-cookie: uid=aTb0wC1uCxczGKDvzgDTD2wiZi292mhP; expires=Thu, 07 Jan 2027 14:56:59 GMT; Path=/; Secure\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X87WuMr8EDxOyLXp0ZmJsGy1qiiVhg4zlAQZfwdKXgaYBPfV2o9yebfbC7JLin4uZWsa1RWh243niuKbMv6ualV%2B3tmZsrvLpeFcnyI%3D\"}]}\r\ncf-ray: 9ba44e123d6aa0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22317,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":31,"dns":20,"connect":1,"send":0,"wait":125,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creators.lootlabs.gg/api/links_search","fqdn":"creators.lootlabs.gg","domain":"lootlabs.gg","tld":"gg"},"ip":{"addr":"54.240.174.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creators.lootlabs.gg","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 18 Jun 2025 00:00:00 GMT","end":"Fri, 17 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:63:85:C4:3A:C0:E1:22:50:B3:E7:21:84:4B:EA:E2:A4:3D:73:71","sha256":"72:10:F0:1B:F8:26:8B:D1:EE:02:21:09:1F:6E:0C:CB:A1:94:B0:2F:69:05:D1:EC:FA:44:1A:2A:90:0E:F2:BF"}}},"request":{"raw":"POST /api/links_search HTTP/1.1\r\nHost: creators.lootlabs.gg\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lootdest.com/\r\nContent-Type: application/json\r\nContent-Length: 27\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":27,"data":"{\"search\":\"\",\"sort_by\":\"2\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\naccess-control-allow-headers: x-requested-with\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\nserver: openresty/1.21.4.1\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 2kFKRzbGdE6EqUDd-4ElxG6J5VSZummYManzAPgMtwqWAhYqrmgqdQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48105,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b794a9e2791cfebf5a013d66d8b1aba3","sha1":"59dcb584b2e08fbe31f12e742e227d0600cfa29a","sha256":"36e48eb681764a7b62e6d825ee24bd8db6c5166e196bf1f2ee53ecdcc243329f","sha512":"900a6de4f3f715499008035ebd5d9f91ebd89b393037050331f2aad75d697bd09d8b5dea6c6ed4016babe9e377d813b063804bc2a0912748b1ef0ae35dbbdae3","ssdeep":"192:7y1LmkJLQnD+yJ9pPCp29s7NqmH0R2gQrcKeKQaaRJpLKDhY4XFma2bzktRoCkpH:vbs8fYmoZmNMAhOiz7Mw+Nq00LemvD","tlshash":"3d23ae36dc78b51325df61e759b9a6d8e32413c903c085b6c781e82ce0cedf45baba19","first_seen":"2026-01-07T14:57:26.518308Z","last_seen":"2026-01-07T14:57:26.518308Z","times_seen":1,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creators.lootlabs.gg/api/links_search","fqdn":"creators.lootlabs.gg","domain":"lootlabs.gg","tld":"gg"},"ip":{"addr":"54.240.174.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creators.lootlabs.gg","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 18 Jun 2025 00:00:00 GMT","end":"Fri, 17 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:63:85:C4:3A:C0:E1:22:50:B3:E7:21:84:4B:EA:E2:A4:3D:73:71","sha256":"72:10:F0:1B:F8:26:8B:D1:EE:02:21:09:1F:6E:0C:CB:A1:94:B0:2F:69:05:D1:EC:FA:44:1A:2A:90:0E:F2:BF"}}},"request":{"raw":"OPTIONS /api/links_search HTTP/1.1\r\nHost: creators.lootlabs.gg\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://lootdest.com/\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\nserver: openresty/1.21.4.1\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: PtRFfYWHSKL9u8ugmUw61tyig29-XbHX463CwvpVH_QYYq0hM72adg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":737,"timings":{"blocked":252,"dns":104,"connect":1,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 07:56:49 GMT","end":"Sat, 21 Mar 2026 08:56:47 GMT"},"fingerprint":{"sha1":"26:50:C2:17:0A:FF:C4:D7:84:D7:E7:28:A7:58:4B:CD:0A:7B:2A:79","sha256":"93:15:E6:80:68:21:48:A6:B0:14:8D:F2:4E:A3:50:33:6C:01:5B:84:8D:F6:75:2E:09:A4:79:DD:37:13:FA:B0"}}},"request":{"raw":"GET /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lootdest.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ncf-ray: 9ba44e26cae45ebd-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 1757451\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 07 Jan 2027 14:57:02 GMT\r\nlast-modified: Fri, 17 Oct 2025 00:03:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:s5bGhH+Rb5OzU93ckkWwVq2QDRFc+1ieeQm6mW6vcK8=:\r\nfly-request-id: 01K7QQMF8N1G3GB9FWMCHE11KT-fra\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}],"data":{"size":383981,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (27447)","md5":"bc1ccb003c8dbdb1f75efa1fd38362bf","sha1":"8ae598f92b85ef618e90e0129d57fb94c8f6c3b8","sha256":"b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af","sha512":"da7392435a35a21260083593ad27b6b451b8094f21bab08644ea542a8a2980f1d3da6516cb59a02de776d667f695ef27f60676737ba3387ba25e58af02762f4d","ssdeep":"6144:a4oQYPIDD5g3/btDQ3PSIoPabTzf/W8tpgsQ5cDo4Dd:SPI3+Ch+p5c35","tlshash":"478418597254743905c54069803f090bf636392e246ac09cb76cf4efa9bde8d32beb79","first_seen":"2024-11-04T13:40:42.622928Z","last_seen":"2026-04-05T02:08:52.403472Z","times_seen":3474,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1wzdj81h1hubn.cloudfront.net/resources/850f2184ffe2d675.jpeg","fqdn":"d1wzdj81h1hubn.cloudfront.net","domain":"d1wzdj81h1hubn.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:03.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /resources/850f2184ffe2d675.jpeg HTTP/1.1\r\nHost: d1wzdj81h1hubn.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 629408\r\nlast-modified: Sun, 30 Nov 2025 18:36:59 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-publisher_id: 510197\r\nx-amz-meta-timestamp: 2025-11-27T20:43:24.340967\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 07 Jan 2026 05:15:00 GMT\r\netag: \"2d0b01d3a53a4f5ad4a97196ec45a6dd\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: lyMhnAQC2XRP_Rb6O_lN6ORvHGcLksN7Fhe0B9ZV_sNXQsQCewK0eg==\r\nage: 34924\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":629408,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x1200, components 3","md5":"2d0b01d3a53a4f5ad4a97196ec45a6dd","sha1":"18fcefc1de16869626010fed0e01ae1a454570b2","sha256":"ad147900f3d5e27f1c73497ddcf69e515ac9a8b59aca992f53ca656eab5ef9bd","sha512":"125765a8a774e5e45148d79c9b3cedf8bc33b32b14c9102df5500a67879cedbe425070c87cb72ac190c43d119892256cb05ac744d9c2f695132af8c339bb2c77","ssdeep":"12288:7iVGzInt49M29q7rKFvOq287rM4bTatPR1HYUTZrqbMmLpGtLXOj2kLlJrHJ93fR:+37QmqPTuR6OFqNpQ+j2+JrHfSy","tlshash":"52d423ca60cc657de5f4b357f0e129a7c016cb7b69abb3a1599b0838e60c4cb701267d","first_seen":"2026-01-07T14:57:26.521526Z","last_seen":"2026-01-07T14:57:26.521526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/s?QJyaSKTR\u0026did=9","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T14:56:59.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lootdest.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 18:43:46 GMT","end":"Sun, 22 Mar 2026 19:42:12 GMT"},"fingerprint":{"sha1":"6D:B8:F6:B2:CA:A1:60:5C:54:01:E4:48:50:44:85:4C:87:A0:FD:DD","sha256":"3A:02:5B:20:54:18:96:22:76:58:5E:26:32:52:2E:9C:D1:24:21:5F:27:59:8C:5C:F7:7C:96:96:5F:8B:08:8D"}}},"request":{"raw":"GET /s?QJyaSKTR\u0026did=9 HTTP/1.1\r\nHost: lootdest.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 14:56:59 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST, GET, OPTIONS, HEAD\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nsurrogate-control: no-store\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uhgMobgHJWQC4N7Hyx%2BGMX%2FqFpjIhB0wlVGz1x9xd5MRidcp70KmoMFtHXbAM6d6HRqp8kqi6pUcjEtv4vm2Vywohln%2FjSjs4dQ%3D\"}]}\r\nset-cookie: uid=ZSCi7Ggp38hvMJhpbkVQ5zc3Dmo4TPj9; expires=Thu, 07 Jan 2027 14:56:59 GMT; Path=/; Secure\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ba44e135d9156b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22317,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (3884)","md5":"1a241534bf2f892ae4c29f74fe187864","sha1":"a8244c23ed8eb1e1557c1c1815039606fde8a60a","sha256":"87f5b5cfbf62c8365fc42928e4547a6fd634b402a0ab8d85720966ac34f572cc","sha512":"dcdfc4aa9ce76e1ae512b89de438bf796e24a3c3de5a50c79016c991d5897c81b33666026e089f06d43a319fff506d1af1e10cc8006968978ccc05ea44e37041","ssdeep":"384:nRg8zYGKXRJJjmmX5II4gHRCR4/qMd202VQxk7zL1IeuP1/8O:nRTEGKXRJ9m72p3AT7zhIFPz","tlshash":"aba20852056652caab1535a2d79b34c89b88e487efc24e8af8fe0d18cf5b74d374274c","first_seen":"2026-01-07T14:57:26.523678Z","last_seen":"2026-01-07T14:57:26.523678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":48,"dns":27,"connect":1,"send":0,"wait":265,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/play/v21/6aez4K2oVqwIvtU2Hw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:01.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/play/v21/6aez4K2oVqwIvtU2Hw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lootdest.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 10:55:18 GMT\r\nexpires: Sun, 03 Jan 2027 10:55:18 GMT\r\ncache-control: public, max-age=31536000\r\nage: 360103\r\nlast-modified: Tue, 09 Sep 2025 18:58:19 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18128, version 1.0","md5":"3ed6c0946ff584a90850e13ab42305eb","sha1":"e99ed206e2c7241fa3823c5dfe81b0aab45c4ed7","sha256":"a8824b32c20407f3e05b353ffe9b606670ff4fe88574afcbee6b02e31eab7fc6","sha512":"9e20013b63d609652d9c3e8aac93cc0c4762c89bb1ef2f4b8e38252a83e1233697a474df37e46a9d22b975ac2a58646baf832514283391bb74963087f6319e3f","ssdeep":"384:CiR0I9jEmgp6aFp5oTwXplvOgNCxtRdyYRjl0:CieIQ2TaZOgNYHdy00","tlshash":"ca82d1b1b824a5f1ec0c4dd89096415b6d91fc2c6e0dbbc9a071691cbb21afd26cf4dd","first_seen":"2025-06-03T13:49:57.162731Z","last_seen":"2026-04-05T04:23:24.714541Z","times_seen":1100,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":78,"dns":2,"connect":20,"send":0,"wait":22,"receive":6,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lootdest.com/unlocker.png","fqdn":"lootdest.com","domain":"lootdest.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:02.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lootdest.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Dec 2025 18:43:46 GMT","end":"Sun, 22 Mar 2026 19:42:12 GMT"},"fingerprint":{"sha1":"6D:B8:F6:B2:CA:A1:60:5C:54:01:E4:48:50:44:85:4C:87:A0:FD:DD","sha256":"3A:02:5B:20:54:18:96:22:76:58:5E:26:32:52:2E:9C:D1:24:21:5F:27:59:8C:5C:F7:7C:96:96:5F:8B:08:8D"}}},"request":{"raw":"GET /unlocker.png HTTP/1.1\r\nHost: lootdest.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/s?QJyaSKTR\u0026did=9\r\nCookie: uid=ZSCi7Ggp38hvMJhpbkVQ5zc3Dmo4TPj9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 14:57:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 31030\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Jan 2026 14:11:52 GMT\r\netag: \"695e69a8-7936\"\r\naccept-ranges: bytes\r\nage: 832\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q4KaXtOwxYJ4NH2cAm43%2BG%2BIEnSoAfhU1evxgWn6IOCbpmOpJZh1rQA3UKv3pWhLfUhutuFM4ng6VlVmkh%2FDZMJGU1OjK5skrIE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba44e25afb8b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31030,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 246 x 246, 8-bit/color RGBA, non-interlaced","md5":"aa3e9ab7989d9c695c98fc750957670d","sha1":"4022d553f4952fa7c7b57f00942b202354b66acb","sha256":"5e0813c96779ef092cefc6e77fa90de7a86e307f04bd6d64f9d37a5d9a8fb4e0","sha512":"e3b681724244c3834a9d24d92c3b3817afb553e1a697c58b21d84e6a8ba1c07cece4b14e1316c6235436768b2e62362169810568921d660efc576536ec41696f","ssdeep":"768:nwlF+bky/Yt20bgvguLfk7D07HIcDbMXj5ZVp0iB6VRc8p6UvzMVOs:NkBXghfk7aHbDbMXj5Zh6LcC6YIVOs","tlshash":"54d2d0f5b033745de9f50006fa4647b801bb8af07f31b618d4bbc60eb78839e24a9965","first_seen":"2025-03-20T23:46:21.230829Z","last_seen":"2026-03-28T22:46:47.405383Z","times_seen":590,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"lootdest.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d1wzdj81h1hubn.cloudfront.net/resources/ab12a74d96444314.png","fqdn":"d1wzdj81h1hubn.cloudfront.net","domain":"d1wzdj81h1hubn.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.55","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:57:03.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /resources/ab12a74d96444314.png HTTP/1.1\r\nHost: d1wzdj81h1hubn.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3757656\r\ndate: Tue, 06 Jan 2026 21:30:27 GMT\r\nlast-modified: Mon, 22 Dec 2025 00:43:30 GMT\r\netag: \"22c79f8ea7b21f77225d82937d5e928f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-publisher_id: 453228\r\nx-amz-meta-timestamp: 2025-12-20T04:47:31.883876\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: XUYQMvyaMuOzPN1xUZlSk1qayoVYEppjUh8yS_BCh9g4MuMxIYFfGQ==\r\nage: 62797\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":3757656,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced","md5":"43b60c5d79c92060f18840a6f37ddbb3","sha1":"5f3b475af88a4e6061ce07b90e12be3e5c658eac","sha256":"e78c77ba4822e16da4a16c4dc41f06b19212253e2bcf2ba37ad41086ad8c082f","sha512":"48414a048b39934aa80e80f82cc4eac35950aa71c87b0cbcf4fa3779bccec366821e33e77362b53c864013a4130c390e58844f9d05b5d27e1039d1088e858341","ssdeep":"24576:LmpS564zeGsNkuKJPIMbAxkzgyr8zVHQyClIQjQzaFChq8LHkO:LT56HFWuKIMcywZQldjQAChqg","tlshash":"3d2533364f5f9671da83c492c2b67dd82ff6608c057aa3518618ded4b532386cbee234","first_seen":"2026-01-07T14:57:26.529507Z","last_seen":"2026-01-07T14:57:26.529507Z","times_seen":1,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lootdest.com/s?QJyaSKTR\u0026did=9","date":"2026-01-07T14:56:59.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/babel-regenerator-runtime@6.5.0/runtime.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lootdest.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 6.5.0\r\nx-jsd-version-type: version\r\netag: W/\"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 07 Jan 2026 14:56:59 GMT\r\nage: 2468649\r\nx-served-by: cache-fra-etou8220131-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 6589\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21453,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"4f6d0ac2c43a81b1890d6442a2a72494","sha1":"5cec1237fc2cd482064efb78c55096560ffd4419","sha256":"b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07","sha512":"b513e08a30b27f90e72b9f9e4e0602314d995736079820f23e35fe7a160029c8082c39bebec6b96270b72bf1f3e9af6ed68e70e943874395a6e42cd51012d83f","ssdeep":"384:beeCv9SwPTYFjZA5mfzfPZxWRrT+hcMXnRxlWllmt87SRM57EZp:be1SwPTYFjZfzGTMcM5gt6","tlshash":"65a2648d69eba2619a4672388b4f3019b735c01b820dcd51784d93e1bf9143453baffe","first_seen":"2023-03-07T14:26:52Z","last_seen":"2026-04-04T10:23:38.612385Z","times_seen":308,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":62,"dns":1,"connect":27,"send":0,"wait":28,"receive":1,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}