indexo.dev

loot.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 3742 ms crawled 2026-05-16

US · 172.67.70.74 · AS13335 Cloudflare, Inc.

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title
Loot - Free Buy & Sell classified ads for everything
Description
Loot - Original secondhand marketplace with cars, fashion, property, jobs and more for a sustainable future. Repurposed, reused , vintage and preloved, we have it all!
Language
en

Open Graph

url
https://www.loot.com/
title
Loot - Free Buy & Sell classified ads for everything | www.loot.com
region
United Kingdom
locality
United Kingdom
site name
www.loot.com
description
Loot - Original secondhand marketplace with cars, fashion, property, jobs and more for a sustainable future. Repurposed, reused , vintage and preloved, we have it all!
postal-code
United Kingdom
country-name
United Kingdom

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • ajax.googleapis.com×2
  • cdnjs.cloudflare.com×2
  • fonts.googleapis.com×2
  • maps.googleapis.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
eNom, LLC
Created
1997-04-30
Expires
2029-05-01 1076 days left
Updated
2020-03-09
Name servers
  • dean.ns.cloudflare.com
  • melissa.ns.cloudflare.com

DNS records live

NS
  • dean.ns.cloudflare.com
  • melissa.ns.cloudflare.com
MX
  • 10 loot-com.mail.protection.outlook.com
  • 5 eu-smtp-inbound-1.mimecast.com
  • 5 eu-smtp-inbound-2.mimecast.com
TXT
  • amazonses:wb/qUq1j7eLucuzA41nXX5ysRSyKr8SXH8DP8iMA20w=
  • riXHL2E3no/xsftdEHJNsr5Vf7gzbN6yexMX6fNYO4ei89YlVdGceD8P0ucVqa151dllBz9FRjDeFWCxn6jOUQ==
Verified for
  • GlobalSign
  • Google
  • Meta
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:_netblocks.mimecast.com ~all
softfail (~all)
DMARC
not published
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed

Certificate (current)

WE1
from 2026-04-18 to 2026-07-17
Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.loot.com/

present
  • x-frame-options
findings
  • missing HSTS
  • missing Content Security Policy
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN

Links to (3)

Linked from (1)