lootaura.com

.com crawl

First seen 2026-04-28 · Last seen 2026-05-01 · ok HTTP/1.1 200 2250 ms crawled 2026-05-06

US · 216.198.79.65 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: LootAura · Yard Sales Near You | Loot Aura
Description: Find and post yard sales, garage sales, and estate sales in your area. Never miss a great deal again!
Language: en
Canonical: https://lootaura.com

Open Graph

url: https://lootaura.com
title: LootAura · Yard Sales Near You | Loot Aura
site name: Loot Aura
description: Find and post yard sales, garage sales, and estate sales in your area. Never miss a great deal again!

Technology

CDN: Vercel
CMS: Next.js

Third-party hosts loaded (30)

acidtools.com×2
aigc160.com×2
aixcollection.com×2
api.mapbox.com×2
appalist.com×2
appsytools.com×2
ashlist.com×2
beamtools.com×2
besttoolvault.com×2
events.mapbox.com×2
goodaitools.com×2
huntfortools.com×2
latestaiupdates.com×2
launchclash.com×2
launchscroll.com×2
mylaunchstash.com×2
mystarttools.com×2
neeed.directory×2
poweruptools.com×2
productlistdir.com×2
productwing.com×2
saasfield.com×2
saashubdirectory.com×2
saasroots.com×2
saastoolsdir.com×2
saaswheel.com×2
smartkithub.com×2
softwarebolt.com×2
solvertools.com×2
sourcedir.com×2

Registration

Registrar

NameCheap, Inc.

Created

2025-09-23

Expires

2026-09-23 127 days left

Updated

2025-11-13

Name servers

ns1.vercel-dns.com
ns2.vercel-dns.com

DNS records live

NS

ns1.vercel-dns.com
ns2.vercel-dns.com

Certificate (current)

R12

from 2026-03-15 to 2026-06-13

Expires in 25 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://lootaura.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer
x-frame-options: DENY
permissions-policy: camera=(), microphone=(), geolocation=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://widget.cloudinary.com https://upload-widget.cloudinary.com https://vercel.live https://www.clarity.ms https://scripts.clarity.ms https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://ep2.adtrafficquality.google https://js.stripe.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io; style-src 'self' 'unsafe-inline' https://api.mapbox.com; script-src-elem 'self' 'unsafe-inline' https://widget.cloudinary.com https://upload-widget.cloudinary.com https://vercel.live https://www.clarity.ms https://scripts.clarity.ms https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://ep2.adtrafficquality.google https://js.stripe.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io; style-src-elem 'self' 'unsafe-inline' https://api.mapbox.com; worker-src 'self' blob:; child-src blob:; img-src 'self' data: blob: https: https://res.cloudinary.com; font-src 'self'
strict-transport-security: max-age=63072000