ranchis-lol.format.com Open in urlscan Pro
104.18.133.62 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://youtube.vi5y.com/1l3mux77
Effective URL:
https://ranchis-lol.format.com/
Submission: On May 12 via manual (May 12th 2022, 12:34:52 pm UTC) from NL — Scanned from NL

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 104.18.133.62, located in and belongs to CLOUDFLARENET, US. The main domain is ranchis-lol.format.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2021. Valid for: a year.

This is the only time ranchis-lol.format.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
2	66.29.145.90 66.29.145.90	22612 (NAMECHEAP...) (NAMECHEAP-NET)
12	104.18.133.62 104.18.133.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.18.132.62 104.18.132.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:4780:b:6... 2a02:4780:b:664:0:3333:e0aa:1	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	18.66.242.226 18.66.242.226	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	67.202.114.212 67.202.114.212	32748 (STEADFAST) (STEADFAST)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	9

2 66.29.145.90 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.tmrwcondos.com

youtube.vi5y.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.133.62 (None, )

ASN13335 (CLOUDFLARENET, US)

ranchis-lol.format.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.132.62 (None, )

ASN13335 (CLOUDFLARENET, US)

bucket1.format-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:4780:b:664:0:3333:e0aa:1 (Cyprus) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

teamcr01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.242.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-226.dus51.r.cloudfront.net

d1v5qbuvucewy1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.212 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	format-assets.com bucket1.format-assets.com — Cisco Umbrella Rank: 502895	53 KB
12	format.com ranchis-lol.format.com	108 KB
3	teamcr01.com 1 redirects teamcr01.com	12 KB
2	cloudfront.net d1v5qbuvucewy1.cloudfront.net	77 KB
2	vi5y.com youtube.vi5y.com	2 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 369	1 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 12351	30 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 381	14 KB
34	8

	Domain	Requested by
12	bucket1.format-assets.com	ranchis-lol.format.com
12	ranchis-lol.format.com	youtube.vi5y.com ranchis-lol.format.com teamcr01.com
3	teamcr01.com	1 redirects ranchis-lol.format.com
2	d1v5qbuvucewy1.cloudfront.net	ranchis-lol.format.com
2	youtube.vi5y.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	whos.amung.us
1	js-agent.newrelic.com	ranchis-lol.format.com
34	8

This site contains no links.

Subject Issuer	Validity	Valid
youtube.vi5y.com R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-07` - `2022-10-06`	a year	crt.sh
bucket1.format-assets.com Cloudflare Inc ECC CA-3	`2022-04-29` - `2023-04-29`	a year	crt.sh
teamcr01.com R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ranchis-lol.format.com/
Frame ID: FDF5D286A802E79253FF9A39A55C9ACB
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log into Facebook | Facebook

Page URL History Show full URLs

https://youtube.vi5y.com/1l3mux77 Page URL
https://youtube.vi5y.com/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodH... Page URL
https://ranchis-lol.format.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

268 kB
Transfer

875 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://youtube.vi5y.com/1l3mux77 Page URL
https://youtube.vi5y.com/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvcmFuY2hpcy1sb2wuZm9ybWF0LmNvbVwvIn0.VpNdcuAwez77T-l4oUeMmwLAM9h7i2JC9nYjw9gFpCU Page URL
https://ranchis-lol.format.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://teamcr01.com/kevin1/location HTTP 301
https://teamcr01.com/kevin1/location/

34 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 1l3mux77 Show response
youtube.vi5y.com/ 305 B
1 KB 720ms
204ms Document
text/html 66.29.145.90
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://youtube.vi5y.com/1l3mux77
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.29.145.90 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.tmrwcondos.com
Software: nginx /
Resource Hash: 7a6da5fe448daa504e1a18a42abdf24999c7bc1a697bf2de8fc4dbc0a00c2256

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 305
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 May 2022 12:34:47 GMT
Expires: 0
Last-Modified: Thu, 12 May 2022 12:34:47 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK gateway.php
youtube.vi5y.com/ 276 B
557 B 214ms
214ms Document
text/html 66.29.145.90
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://youtube.vi5y.com/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvcmFuY2hpcy1sb2wuZm9ybWF0LmNvbVwvIn0.VpNdcuAwez77T-l4oUeMmwLAM9h7i2JC9nYjw9gFpCU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.29.145.90 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.tmrwcondos.com
Software: nginx /
Resource Hash

Request headers

Referer: https://youtube.vi5y.com/1l3mux77
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 May 2022 12:34:48 GMT
Expires: 0
Last-Modified: Thu, 12 May 2022 12:34:48 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 Primary Request / Show response
ranchis-lol.format.com/ 183 KB
33 KB 164ms
95ms Document
text/html 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/

Requested by

Host: youtube.vi5y.com
URL: https://youtube.vi5y.com/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvcmFuY2hpcy1sb2wuZm9ybWF0LmNvbVwvIn0.VpNdcuAwez77T-l4oUeMmwLAM9h7i2JC9nYjw9gFpCU

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208827e435608f541781d27279e11e780070f75cd0c07c3a905986bad72fed5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://youtube.vi5y.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68664
cache-control: no-store, must-revalidate, private, max-age=0
cf-cache-status: HIT
cf-ray: 70a330cebdfb0b78-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 12 May 2022 12:34:48 GMT
etag: W/"208827e435608f541781d27279e11e78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: X-Platform, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-format-path
x-permitted-cross-domain-policies: none
x-request-id: d5157d07-a4a1-48ff-9870-f7f707e78e37
x-runtime: 0.177588
x-xss-protection: 1; mode=block

GET
H2 200 jquery.scrollpane.css
bucket1.format-assets.com/theme_versions/7794919/assets/stylesheets/ 991 B
632 B 175ms
82ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/stylesheets/jquery.scrollpane.css
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39b68c23f7523a8f45e32413d9f3fb503675a3c825a57efc6e0347154199cfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: V40B5GPPK5X8R923
x-amz-id-2: uG5bUeDOgMOHSBeRQXzREcf0bGsV0hnBzAGAjwoCqgRnP9NIIIvZH33xkOfPM0WYoUSt8bHFp5s=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"14914c27204de7561fb8f8020bdf6ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef2c1ec2-AMS

GET
H2 200 hosted_fonts-d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f.css
ranchis-lol.format.com/static/theme_api/v1/ 29 KB
2 KB 88ms
88ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/hosted_fonts-d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 1963
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5e9a0b78-AMS

GET
H2 200 webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css
ranchis-lol.format.com/static/theme_api/vendor/ 119 KB
6 KB 86ms
85ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/vendor/webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 6455
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5e9d0b78-AMS

GET
H2 200 share_panel-1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1.css
ranchis-lol.format.com/static/theme_api/v1/ 4 KB
1 KB 94ms
93ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/share_panel-1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 1034
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5e9f0b78-AMS

GET
H2 200 protected_images-6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828.css
ranchis-lol.format.com/static/theme_api/v1/ 3 KB
444 B 87ms
86ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/protected_images-6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 379
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5ea00b78-AMS

GET
H2 200 font-awesome.min-3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96.css
ranchis-lol.format.com/static/theme_api/v1/ 15 KB
3 KB 83ms
82ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/font-awesome.min-3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 3255
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5ea10b78-AMS

GET
H2 200 theme_social-666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58.css
ranchis-lol.format.com/static/theme_api/v1/ 2 KB
559 B 91ms
90ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/theme_social-666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 494
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5ea30b78-AMS

GET
H2 200 cart-4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533.css
ranchis-lol.format.com/static/theme_api/v1/sales/ 10 KB
2 KB 88ms
87ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/sales/cart-4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533.css

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 2182
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5ea50b78-AMS

GET
H2 200 stylesheet.css
ranchis-lol.format.com/ 75 KB
10 KB 109ms
108ms Stylesheet
text/css 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/stylesheet.css?v=2022-05-11T14:24:28Z

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1378f4016352149d0bf4fd268fc4db9c2c74c053d8c1366a1ab4ac5d1e2bbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 68663
content-encoding: gzip
vary: X-Platform, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 884ddf02-54e6-401b-b332-3787bee19199
x-runtime: 0.316988
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f1378f4016352149d0bf4fd268fc4db9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-download-options: noopen
content-type: text/css
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cf5ea60b78-AMS

GET
H2 200 / Show response
teamcr01.com/kevin1/ 20 KB
12 KB 506ms
162ms Script
application/javascript 2a02:4780:b:664:0:3333:e0aa:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://teamcr01.com/kevin1/?api=1&lan=eod5f84s&ht=2

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:664:0:3333:e0aa:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.26

Resource Hash

b1ad14a6fa229177559d9ea43e6fcdf16109ac7234bace537a4a17ec1d12c547

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11713
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 91 KB
33 KB 191ms
99ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc84f55c05e29f6f1c909a9e9dee7b058a4998b261ec6b6a6184d9526d41214

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7147
x-amz-request-id: YMXQ2KBVG90YS61A
x-amz-id-2: 62ziW3GU9fN1oMcGWKc7PeVwqF0pSUY3k8u2Ig0xpv1+XEI6IML5ekha1rv3MNlA+u0BkrML5Kw=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"9a412110823825a1cb282fc1a3fe6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef2f1ec2-AMS

GET
H2 200 menu_dropdown.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 198 B
304 B 186ms
95ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/menu_dropdown.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3328dc4a0ff060f640d23c83546582685a58e66cfa908efd0aedff908958c48d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7147
x-amz-request-id: 9VNZ71HBF70WN0WC
x-amz-id-2: JTt+ZP/HnXURKeG7RfMBasgy+EVYxwBiCJ3jgdKqwVT7f9Fl4U5fmPOTkTaKs8z8N+uJh1Q1/iQ=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"ed1b135bce8d79142580cb0550af652c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef311ec2-AMS

GET
H2 200 jquery.jscrollpane.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 14 KB
5 KB 169ms
78ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery.jscrollpane.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6342e0dab2a81ace5d67719288c433dc992f0bf5a6dd8c7aa23e58f4722aed81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: YPZS86BCNPNTXVFD
x-amz-id-2: Z0a0cz0+u8Auf/3qT5uBhii1dhllHth7V3kF16WM+bRdvXz+6iSbzURCpycDqEkfhheTK+KsThM=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"75460df292d2dd66b62ebd26cb66d8b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef321ec2-AMS

GET
H2 200 jquery.mousewheel.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 1 KB
889 B 234ms
142ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery.mousewheel.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad36c201a155c72065f955f0b04a0cdcbf5a9911c9ea26f051941ae4081bd8d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: V40CHSYDHHQ1A8P9
x-amz-id-2: ktnhbjFag9tKOnhyuEx8HXWtHT1wAE5YI8tBjJB2NeMdOZ+izaC8QoRdcziHQNxXgFG11zCPaH8=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"6402c77c9590248ac344b12ae8892cd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef341ec2-AMS

GET
H2 200 jquery-throttle-debounce.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 698 B
631 B 182ms
91ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery-throttle-debounce.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2024f7ed25c0439731e05bc8a7b649c71bb5726676c4362db31091ec52caf906

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: 123KVSZG4W68H439
x-amz-id-2: +ffyUh/33785Twt5rtbEEseFu6swSazeUxnVF97BNPHSpF1LCoHBAAri9eXg8pkbBue93WlPSJw=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"7fbae5d41562d2b087d40ff3940fdc53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef351ec2-AMS

GET
H2 200 scrollDelta-1-b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0.js Show response
ranchis-lol.format.com/static/theme_api/vendor/ 971 B
425 B 82ms
81ms Script
application/javascript 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/vendor/scrollDelta-1-b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0.js

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 343
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5ea70b78-AMS

GET
H2 200 responsive.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 624 B
508 B 186ms
95ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/responsive.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8ad27ed1c02f999af9ce1e73f991eb186f0d91663bdf78a6ed54d15eb32d0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: 9PVMQQSFAXBFV9FV
x-amz-id-2: I9FYiUUykZKweAxUvULkdO5ZZV2ORWv/otNQETy7ZtVtV7fUoVZAxbdaSmNwuqMKvsofXfm+CEo=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"d710d05f4e8b369dec11cf49f0664d2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef361ec2-AMS

GET
H2 200 mobile_menu.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 2 KB
941 B 170ms
80ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/mobile_menu.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630bd8d8f0929fd50c91b4f25194e2a99612cb62267a1877b7c844d3031a3488

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7145
x-amz-request-id: 9RQKY668YMFVPE66
x-amz-id-2: xLG3suIW0JtOu8f5VrkEIk2M/UrmKM9JAG8xDylz96pJJufRZjpUglVVrsZKrLCSrHFh8DKf/pU=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"ee5d6493ce74e9db74b13dafb7d32a16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330cfef371ec2-AMS

GET
H2 200 ls.respimg.min.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 4 KB
2 KB 72ms
72ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ls.respimg.min.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2265287d55a26ab4567ce6c297d74de9f5748b7140f8c37ce06852cf7a8ed93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: YMXJX6RCRDKXD5JN
x-amz-id-2: bhu9qLGWSIQYVr8WvJCCenw9X/SJ/Wy/IUI33oNZdjyRQyBjeUnQR+L0zQxgWcSDo9ksxNuqfEA=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"2ef29400a1a779a06618dba5690d0fd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330d0d8511ec2-AMS

GET
H2 200 lazysizes.min.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 6 KB
3 KB 75ms
74ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/lazysizes.min.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e28d2aaac8c0b1a306cdffa081b7f0527f2d14317f1930b8abbdaa1c312d76b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: YMXJ5ZYRHC01SX8H
x-amz-id-2: dH/YUfotsumqVTHByFbq5JJbdNw4MgV1s1/qK5RETimDSChijFu4Zmr7xa4eQKxVUKaMXqGUqow=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"8089848ee174fa79c144099de88b6e59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330d0d8561ec2-AMS

GET
H2 200 masonry.pkgd-4.2.2.min-8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6.js Show response
ranchis-lol.format.com/static/theme_api/vendor/ 24 KB
7 KB 83ms
82ms Script
application/javascript 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/vendor/masonry.pkgd-4.2.2.min-8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6.js

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 7352
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf5ea80b78-AMS

GET
H2 200 zoomlevel.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 975 B
646 B 192ms
101ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/zoomlevel.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a618a8f1ce497ed1fe125c1926668efd8e6b8a27abe35e35910674822a700e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: 123PH0SQ9SZA2411
x-amz-id-2: EdZaumHtK6t/4yjPKRxHhk/XDtzHH6eDkIrNxpGT16RYeNWSkENvh1JZTTmCJW44dvRLuXwr5Os=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"5ea1b7d52c67cdc2785a1afd3bc6cbdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330d00f571ec2-AMS

GET
H2 200 theme.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 18 KB
5 KB 184ms
94ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/theme.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280c59c3ec4f9be61433b6df946cfac52c5a6701dbdc809f04e1b33812883701

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7146
x-amz-request-id: 123H3TQXDXCD6HN7
x-amz-id-2: HHLYxn0rL1yUi89kh8mlt61SL0UVgJv/c74AMX0CB3jQLhHdAfO+qMZPA3sdE0o6o0A50v8t3W8=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"f4bce16a582dd8b97e6378f3a8bb00ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70a330d00f5a1ec2-AMS

GET
H2 200 4ormat-70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e.js Show response
ranchis-lol.format.com/static/theme_api/v1/ 127 KB
42 KB 99ms
99ms Script
application/javascript 104.18.133.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ranchis-lol.format.com/static/theme_api/v1/4ormat-70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e.js

Requested by

Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.133.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5461
content-length: 42482
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
via: 1.1 vegur
cache-control: no-store, must-revalidate, private, max-age=0
accept-ranges: bytes
cf-ray: 70a330cf7ec90b78-AMS

GET
H/1.1 200
OK 09da50f2-1eeb-4ba1-a23e-f327abbe9220-3.woff
d1v5qbuvucewy1.cloudfront.net/webtype/Lydian/ 32 KB
33 KB 131ms
41ms Font
application/x-font-woff 18.66.242.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1v5qbuvucewy1.cloudfront.net/webtype/Lydian/09da50f2-1eeb-4ba1-a23e-f327abbe9220-3.woff
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/static/theme_api/vendor/webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-226.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29d02f4707bca47f6174acfdaa987074bb1c69a0c0074112b235ef6954676f72

Request headers

Referer: https://ranchis-lol.format.com/
Origin: https://ranchis-lol.format.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 17:29:50 GMT
Via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age: 68700
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 32651
Last-Modified: Thu, 16 Jun 2016 18:23:16 GMT
Server: AmazonS3
ETag: "162d6c2b991ba4403413767ce256c982"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: 69fcFJ0PcsYWm8tLhVKmq9Rhek5UH99AseMBREUL2YnxP_yh3wWI8g==

GET
H/1.1 200
OK a1597cec-7798-455f-8033-f2949c56e28e-3.woff
d1v5qbuvucewy1.cloudfront.net/webtype/Freight-Sans-Book/ 44 KB
45 KB 126ms
36ms Font
application/x-font-woff 18.66.242.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1v5qbuvucewy1.cloudfront.net/webtype/Freight-Sans-Book/a1597cec-7798-455f-8033-f2949c56e28e-3.woff
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/static/theme_api/vendor/webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-226.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3c4d74c88e5b9f761d9021373b7e7c2f2e9b51ae0b50d150426bf1c583d426

Request headers

Referer: https://ranchis-lol.format.com/
Origin: https://ranchis-lol.format.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 17:29:50 GMT
Via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age: 68700
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 45147
Last-Modified: Thu, 16 Jun 2016 18:23:14 GMT
Server: AmazonS3
ETag: "477e11a357ebb2ad17eeed6703e73995"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: U8RsHmu3XXghOIgplTEOfuI6Sb6u8-3X49u75y3tbDS9AkiW_PzyQg==

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 300ms
99ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: XHMCMP6XEQRQNPS8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: 2umcovIMoGm5isiTYC/0lU4bIF2M5rR7hkLWEiUKecyxVjNrT7aGF+OEW0JzjnjIXDGBvD+nKto=
x-served-by: cache-ewr18124-EWR
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1652358890.958128,VS0,VE0
date: Thu, 12 May 2022 12:34:49 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9621

GET styles.css
ranchis-lol.format.com/ 0
0

GET
H2

200

/ Show response
teamcr01.com/kevin1/location/
Redirect Chain

https://teamcr01.com/kevin1/location
https://teamcr01.com/kevin1/location/

1 KB
599 B

160ms
160ms

Script
application/javascript

2a02:4780:b:664:0:3333:e0aa:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://teamcr01.com/kevin1/location/

Protocol

Server

2a02:4780:b:664:0:3333:e0aa:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.26

Resource Hash

6ebfae6466d3964cd2ea9b003614f774305042f8dd81de7c8f3d0aa5cbab0798

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:49 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
content-length: 517
expires: Thu, 19 May 2022 12:34:49 GMT

Redirect headers

location: https://teamcr01.com/kevin1/location/
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
date: Thu, 12 May 2022 12:34:49 GMT
content-length: 707
content-type: text/html

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c74356e8464722d314b3b8ac1dfe373a43b1325c85f2faeae17f3d941203e2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9b0eae6f3267fff88ee70a8fdbd8f626f9f8705eb05fced528a550dea39bc16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
whos.amung.us/pingjs/ 30 B
30 B 373ms
119ms Image
text/javascript 67.202.114.212
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=teamcr2022&t=https://www.tiktok.com/&x=https://www.tiktok.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 12:34:50 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK dcbde81dc9 Show response
bam-cell.nr-data.net/1/ 49 B
1 KB 512ms
438ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/dcbde81dc9?a=77525617&v=1216.487a282&to=IlsMTEJWDl4ERBZIEwNYC1sfSgpdFg%3D%3D&rst=1355&ck=1&ref=https://ranchis-lol.format.com/&qt=2&ap=177&be=354&fe=1041&dc=447&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1652358888661,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:11,%22c%22:11,%22s%22:36,%22ce%22:69,%22rq%22:69,%22rp%22:164,%22rpe%22:169,%22dl%22:167,%22di%22:446,%22ds%22:446,%22de%22:456,%22dc%22:1041,%22l%22:1041,%22le%22:1045%7D,%22navigation%22:%7B%7D%7D&fp=437&fcp=437&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ranchis-lol.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 12 May 2022 12:34:50 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqFqv730lh0DzyjNDE%2B1I9dP04JAOGJv%2F7uASZK4J%2FQ24EbEeaF0jVV%2BLIfOGjnoQ9EKn4BVL84J%2BO57zvOXR%2FmOt7WmJBFIv3QEZiT%2FRGpIafDH6tC1ayZ08nL65aM%2FHJP1uBEE"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 70a330d72d5c9743-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ranchis-lol.format.com
URL: https://ranchis-lol.format.com/styles.css?v=1652358889

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
youtube.vi5y.com/	1970-01-20 03:43:57	Name: _subid Value: vchdda17ibp
youtube.vi5y.com/	1970-02-08 06:00:04	Name: 35479 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU5NzQzXCI6MTY1MjM1ODg4N30sXCJjYW1wYWlnbnNcIjp7XCIyOTg3MVwiOjE2NTIzNTg4ODd9LFwidGltZVwiOjE2NTIzNTg4ODd9In0.BRHle2m9CrccNbnciLpiAHJ26u9UVqGdnNR8k2-Vidc
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: da6653602077c1e4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ranchis-lol.format.com/ Message: Refused to apply style from 'https://ranchis-lol.format.com/styles.css?v=1652358889' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
bucket1.format-assets.com
d1v5qbuvucewy1.cloudfront.net
js-agent.newrelic.com
ranchis-lol.format.com
teamcr01.com
whos.amung.us
youtube.vi5y.com
ranchis-lol.format.com
104.18.132.62
104.18.133.62
151.101.194.137
162.247.243.146
18.66.242.226
2a02:4780:b:664:0:3333:e0aa:1
66.29.145.90
67.202.114.212
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1
2024f7ed25c0439731e05bc8a7b649c71bb5726676c4362db31091ec52caf906
208827e435608f541781d27279e11e780070f75cd0c07c3a905986bad72fed5b
280c59c3ec4f9be61433b6df946cfac52c5a6701dbdc809f04e1b33812883701
29d02f4707bca47f6174acfdaa987074bb1c69a0c0074112b235ef6954676f72
2b8ad27ed1c02f999af9ce1e73f991eb186f0d91663bdf78a6ed54d15eb32d0f
3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96
3328dc4a0ff060f640d23c83546582685a58e66cfa908efd0aedff908958c48d
4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533
51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39
5e28d2aaac8c0b1a306cdffa081b7f0527f2d14317f1930b8abbdaa1c312d76b
630bd8d8f0929fd50c91b4f25194e2a99612cb62267a1877b7c844d3031a3488
6342e0dab2a81ace5d67719288c433dc992f0bf5a6dd8c7aa23e58f4722aed81
666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58
6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828
6ebfae6466d3964cd2ea9b003614f774305042f8dd81de7c8f3d0aa5cbab0798
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e
7a6da5fe448daa504e1a18a42abdf24999c7bc1a697bf2de8fc4dbc0a00c2256
8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6
99a618a8f1ce497ed1fe125c1926668efd8e6b8a27abe35e35910674822a700e
9c74356e8464722d314b3b8ac1dfe373a43b1325c85f2faeae17f3d941203e2e
ad36c201a155c72065f955f0b04a0cdcbf5a9911c9ea26f051941ae4081bd8d5
b1ad14a6fa229177559d9ea43e6fcdf16109ac7234bace537a4a17ec1d12c547
b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0
d2265287d55a26ab4567ce6c297d74de9f5748b7140f8c37ce06852cf7a8ed93
d39b68c23f7523a8f45e32413d9f3fb503675a3c825a57efc6e0347154199cfc
d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f
d9b0eae6f3267fff88ee70a8fdbd8f626f9f8705eb05fced528a550dea39bc16
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc3c4d74c88e5b9f761d9021373b7e7c2f2e9b51ae0b50d150426bf1c583d426
dcc84f55c05e29f6f1c909a9e9dee7b058a4998b261ec6b6a6184d9526d41214
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1378f4016352149d0bf4fd268fc4db9c2c74c053d8c1366a1ab4ac5d1e2bbee

ranchis-lol.format.com Open in urlscan Pro 104.18.133.62 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

94 %HTTPS

13 %IPv6

8 Domains

8 Subdomains

9 IPs

3 Countries

268 kBTransfer

875 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ranchis-lol.format.com Open in urlscan Pro
104.18.133.62 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

94 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

268 kB
Transfer

875 kB
Size

3
Cookies

34 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!