lima-rils.format.com Open in urlscan Pro
104.18.132.62 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://phot0.f5ddn.com/dik0u9fjb
Effective URL:
https://lima-rils.format.com/
Submission: On May 19 via manual (May 19th 2022, 11:25:24 pm UTC) from CL — Scanned from CA

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 33 HTTP transactions. The main IP is 104.18.132.62, located in and belongs to CLOUDFLARENET, US. The main domain is lima-rils.format.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2021. Valid for: a year.

This is the only time lima-rils.format.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	167.114.124.44 167.114.124.44	16276 (OVH) (OVH)
12	104.18.132.62 104.18.132.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.18.136.62 104.18.136.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:4780:b:6... 2a02:4780:b:664:0:3333:e0aa:1	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	54.192.100.47 54.192.100.47	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	9

1 167.114.124.44 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip44.ip-167-114-124.net

phot0.f5ddn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.132.62 (None, )

ASN13335 (CLOUDFLARENET, US)

lima-rils.format.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.136.62 (None, )

ASN13335 (CLOUDFLARENET, US)

bucket1.format-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:4780:b:664:0:3333:e0aa:1 (Cyprus) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

teamcr01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.100.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-47.ewr53.r.cloudfront.net

d1v5qbuvucewy1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	format-assets.com bucket1.format-assets.com — Cisco Umbrella Rank: 502895	53 KB
12	format.com lima-rils.format.com	107 KB
3	teamcr01.com 1 redirects teamcr01.com	12 KB
2	cloudfront.net d1v5qbuvucewy1.cloudfront.net	77 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 369	1 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 12351	29 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 381	14 KB
1	f5ddn.com phot0.f5ddn.com	354 B
33	8

	Domain	Requested by
12	bucket1.format-assets.com	lima-rils.format.com
12	lima-rils.format.com	lima-rils.format.com teamcr01.com
3	teamcr01.com	1 redirects lima-rils.format.com
2	d1v5qbuvucewy1.cloudfront.net	lima-rils.format.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	whos.amung.us
1	js-agent.newrelic.com	lima-rils.format.com
1	phot0.f5ddn.com
33	8

This site contains no links.

Subject Issuer	Validity	Valid
www.phot0.f5ddn.com R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-07` - `2022-10-06`	a year	crt.sh
bucket1.format-assets.com Cloudflare Inc ECC CA-3	`2022-04-29` - `2023-04-29`	a year	crt.sh
teamcr01.com R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lima-rils.format.com/
Frame ID: 50027D6131A45D4048F1C0C6C128FA65
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log into Facebook | Facebook

Page URL History Show full URLs

https://phot0.f5ddn.com/dik0u9fjb Page URL
https://lima-rils.format.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

94 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

265 kB
Transfer

875 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://phot0.f5ddn.com/dik0u9fjb Page URL
https://lima-rils.format.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://teamcr01.com/kevin1/location HTTP 301
https://teamcr01.com/kevin1/location/

33 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 dik0u9fjb Show response
phot0.f5ddn.com/ 135 B
354 B 130ms
9ms Document
text/html 167.114.124.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://phot0.f5ddn.com/dik0u9fjb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.114.124.44 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-167-114-124.net
Software: / PHP/7.3.33
Resource Hash: c45b377a77fb8edbcea9d71cd1628ae78c78b395ed384da795beadc2d7d53fc6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding: br
content-length: 98
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 23:25:19 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

GET
H2 200 Primary Request / Show response
lima-rils.format.com/ 183 KB
32 KB 377ms
322ms Document
text/html 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ba25506b05408302dfeeee551e80aefbbced3c5b4ee44c79f80301610ad515f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phot0.f5ddn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, must-revalidate, private, max-age=0
cf-cache-status: MISS
cf-ray: 70e09752d9653ff8-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 19 May 2022 23:25:19 GMT
etag: W/"6ba25506b05408302dfeeee551e80aef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: X-Platform, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-format-path
x-permitted-cross-domain-policies: none
x-request-id: 4dd25074-16ca-4729-b061-36d5aa60d647
x-runtime: 0.158533
x-xss-protection: 1; mode=block

GET
H2 200 jquery.scrollpane.css
bucket1.format-assets.com/theme_versions/7794919/assets/stylesheets/ 991 B
924 B 122ms
57ms Stylesheet
text/css 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/stylesheets/jquery.scrollpane.css
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39b68c23f7523a8f45e32413d9f3fb503675a3c825a57efc6e0347154199cfc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4920
x-amz-request-id: F3Y7C05473V6TQPW
x-amz-id-2: 6Pd0dOUUAAqY8gPY/mkJehZ5xitHYmRchXX/L9rxJmhj92KoHcTipledI6Fp3WWFPv10FJBMxtE=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"14914c27204de7561fb8f8020bdf6ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b755407-YYZ

GET
H2 200 hosted_fonts-d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f.css
lima-rils.format.com/static/theme_api/v1/ 29 KB
2 KB 196ms
195ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/hosted_fonts-d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbeb3ff8-YYZ
content-length: 1963
via: 1.1 vegur

GET
H2 200 webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css
lima-rils.format.com/static/theme_api/vendor/ 119 KB
6 KB 195ms
193ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/vendor/webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbec3ff8-YYZ
content-length: 6455
via: 1.1 vegur

GET
H2 200 share_panel-1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1.css
lima-rils.format.com/static/theme_api/v1/ 4 KB
1 KB 194ms
192ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/share_panel-1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbed3ff8-YYZ
content-length: 1034
via: 1.1 vegur

GET
H2 200 protected_images-6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828.css
lima-rils.format.com/static/theme_api/v1/ 3 KB
443 B 140ms
137ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/protected_images-6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbf23ff8-YYZ
content-length: 379
via: 1.1 vegur

GET
H2 200 font-awesome.min-3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96.css
lima-rils.format.com/static/theme_api/v1/ 15 KB
3 KB 142ms
139ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/font-awesome.min-3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbf43ff8-YYZ
content-length: 3255
via: 1.1 vegur

GET
H2 200 theme_social-666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58.css
lima-rils.format.com/static/theme_api/v1/ 2 KB
566 B 138ms
136ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/theme_social-666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbf93ff8-YYZ
content-length: 494
via: 1.1 vegur

GET
H2 200 cart-4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533.css
lima-rils.format.com/static/theme_api/v1/sales/ 10 KB
2 KB 141ms
138ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/sales/cart-4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533.css

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbfa3ff8-YYZ
content-length: 2182
via: 1.1 vegur

GET
H2 200 stylesheet.css
lima-rils.format.com/ 75 KB
10 KB 633ms
631ms Stylesheet
text/css 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/stylesheet.css?v=2022-05-19T18:39:52Z

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853549e041ae484a182c061384964727c32da99a000d40e9d14e14670fe4bc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:20 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-encoding: gzip
vary: X-Platform, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: fa634c35-8751-42b8-b0e2-575753db7f77
x-runtime: 0.426680
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"853549e041ae484a182c061384964727"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-download-options: noopen
content-type: text/css
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e09754fbfb3ff8-YYZ

GET
H2 200 / Show response
teamcr01.com/kevin1/ 20 KB
12 KB 580ms
90ms Script
application/javascript 2a02:4780:b:664:0:3333:e0aa:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://teamcr01.com/kevin1/?api=1&lan=eod5f84s&ht=2

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:664:0:3333:e0aa:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.26

Resource Hash

51edc726da06cee9fa3158eb246edebb03e84faceb70a6f0c228a996841db670

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 23:25:20 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11714
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 91 KB
33 KB 133ms
69ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc84f55c05e29f6f1c909a9e9dee7b058a4998b261ec6b6a6184d9526d41214

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5081
x-amz-request-id: Y8GE0VNEWNS3H8KQ
x-amz-id-2: 4jU6u8T0L79UMUOWVhOEsgpHqsbB8AeOU2TCLy6uNp7o2OyrmzJwnbMXj16zOObFaug2wS7vr8I=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"9a412110823825a1cb282fc1a3fe6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b765407-YYZ

GET
H2 200 menu_dropdown.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 198 B
301 B 138ms
75ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/menu_dropdown.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3328dc4a0ff060f640d23c83546582685a58e66cfa908efd0aedff908958c48d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5081
x-amz-request-id: Y8G7W0HS0EWR9GXJ
x-amz-id-2: fr6RdlRssS+Xf4ZSHeZtyoYt1muirxROLQSoCE0kALYTJ4gyYJvJ5ZJABpDdBUBQnW2h/QFMPTg=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"ed1b135bce8d79142580cb0550af652c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b775407-YYZ

GET
H2 200 jquery.jscrollpane.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 14 KB
5 KB 146ms
82ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery.jscrollpane.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6342e0dab2a81ace5d67719288c433dc992f0bf5a6dd8c7aa23e58f4722aed81

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4920
x-amz-request-id: VXXC6G596RCH56QY
x-amz-id-2: /P/8ihoovOL3FNN7GhWZTtxfPVVOurCXkgQB6zUXww+TlufG98+MJld3OyoeE/BoQrd7JfNJGC4=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"75460df292d2dd66b62ebd26cb66d8b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b785407-YYZ

GET
H2 200 jquery.mousewheel.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 1 KB
875 B 135ms
72ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery.mousewheel.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad36c201a155c72065f955f0b04a0cdcbf5a9911c9ea26f051941ae4081bd8d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4920
x-amz-request-id: 4DAK2N6484XS8J3W
x-amz-id-2: Aq/FyAzJSa+5aRZuxLXcaxX6T82DqTzipKcjj7wS8Zx9ubLaYNIufBECh9daWu6RuGKy5v0leg4=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"6402c77c9590248ac344b12ae8892cd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b795407-YYZ

GET
H2 200 jquery-throttle-debounce.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 698 B
646 B 131ms
68ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/jquery-throttle-debounce.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2024f7ed25c0439731e05bc8a7b649c71bb5726676c4362db31091ec52caf906

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4920
x-amz-request-id: F3Y435DPXS0W0JHM
x-amz-id-2: y3Yc77AlBiH6joRtKrvCRWj9tdNxCwKeAdC0hcz//59T/GKRjDFpMRO1EDCQw0pvUt3RzG8vRFg=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"7fbae5d41562d2b087d40ff3940fdc53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b7a5407-YYZ

GET
H2 200 scrollDelta-1-b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0.js Show response
lima-rils.format.com/static/theme_api/vendor/ 971 B
466 B 131ms
130ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/vendor/scrollDelta-1-b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0.js

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbfe3ff8-YYZ
content-length: 343
via: 1.1 vegur

GET
H2 200 responsive.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 624 B
496 B 141ms
79ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/responsive.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8ad27ed1c02f999af9ce1e73f991eb186f0d91663bdf78a6ed54d15eb32d0f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5081
x-amz-request-id: Y8G39QJ050WZAT5B
x-amz-id-2: RCApuQ6WkP8mBrqzs2MOjfE8aM8TG/p4tKNB1n5QNeL0dE20/4/fBYNXtPbC8OkV2IfvaYBA6ZQ=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"d710d05f4e8b369dec11cf49f0664d2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097557b9e5407-YYZ

GET
H2 200 mobile_menu.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 2 KB
923 B 149ms
87ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/mobile_menu.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630bd8d8f0929fd50c91b4f25194e2a99612cb62267a1877b7c844d3031a3488

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5081
x-amz-request-id: Y8GBEHGXTKTYJ9RW
x-amz-id-2: R+YGg3AcpaQ0CzXeeHKUbJL3lUdkkz/6UgViUg6nG8Uj8w0nAOyONWkRHXii/KyU/ffJqm2R0qs=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"ee5d6493ce74e9db74b13dafb7d32a16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097557b9c5407-YYZ

GET
H2 200 ls.respimg.min.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 4 KB
2 KB 60ms
60ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ls.respimg.min.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2265287d55a26ab4567ce6c297d74de9f5748b7140f8c37ce06852cf7a8ed93

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5080
x-amz-request-id: 4DAY4CP0RS900APM
x-amz-id-2: bT9aVhzYfxOhfDvJD64A5b1NCewSLSif53C5nPF+uBjoy5ehvh5DKj2ySTNlgvdXEIfrtuGdvgc=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"2ef29400a1a779a06618dba5690d0fd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e0975929455407-YYZ

GET
H2 200 lazysizes.min.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 6 KB
3 KB 83ms
82ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/lazysizes.min.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e28d2aaac8c0b1a306cdffa081b7f0527f2d14317f1930b8abbdaa1c312d76b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5080
x-amz-request-id: Y8GBGRJ9DEEE9SS8
x-amz-id-2: 9F02YmT2iY4QEqYM80phZLbQmEQc2XtpoX3+dHqb473CY7+RiNGwmKPpGx/7r3lq2k4M7/41u3c=
last-modified: Fri, 04 Feb 2022 13:58:27 GMT
server: cloudflare
etag: W/"8089848ee174fa79c144099de88b6e59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e09759496f5407-YYZ

GET
H2 200 masonry.pkgd-4.2.2.min-8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6.js Show response
lima-rils.format.com/static/theme_api/vendor/ 24 KB
7 KB 136ms
135ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/vendor/masonry.pkgd-4.2.2.min-8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6.js

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e09754fbff3ff8-YYZ
content-length: 7352
via: 1.1 vegur

GET
H2 200 zoomlevel.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 975 B
660 B 135ms
73ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/zoomlevel.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a618a8f1ce497ed1fe125c1926668efd8e6b8a27abe35e35910674822a700e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5081
x-amz-request-id: Y8G6H8MYMB7T0Q7T
x-amz-id-2: UVJZxZTVMAzmTaf1/Nc3dZJosW+BS4PgtD1qe2E0LNOibFQVQUektt9zTnyhSkdzrwMyntkAJaA=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"5ea1b7d52c67cdc2785a1afd3bc6cbdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b7e5407-YYZ

GET
H2 200 theme.js Show response
bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/ 18 KB
5 KB 128ms
67ms Script
application/javascript 104.18.136.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket1.format-assets.com/theme_versions/7794919/assets/javascripts/theme.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.136.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280c59c3ec4f9be61433b6df946cfac52c5a6701dbdc809f04e1b33812883701

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5081
x-amz-request-id: S3VHJM9W5SJNH7D7
x-amz-id-2: W6HTpi0puFQUmL30EVj0C3pvrbsBXUyqfAQR/sj/7Zj37LocI4FpNxIS7J7fmM/CFmFnNGQ2/DQ=
last-modified: Fri, 04 Feb 2022 13:58:28 GMT
server: cloudflare
etag: W/"f4bce16a582dd8b97e6378f3a8bb00ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
cf-ray: 70e097555b7b5407-YYZ

GET
H2 200 4ormat-70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e.js Show response
lima-rils.format.com/static/theme_api/v1/ 127 KB
42 KB 202ms
202ms Script
application/javascript 104.18.132.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lima-rils.format.com/static/theme_api/v1/4ormat-70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e.js

Requested by

Host: lima-rils.format.com
URL: https://lima-rils.format.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.132.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 17:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, private, max-age=0
strict-transport-security: max-age=0; includeSubDomains
accept-ranges: bytes
cf-ray: 70e097550c163ff8-YYZ
content-length: 42482
via: 1.1 vegur

GET
H/1.1 200
OK 09da50f2-1eeb-4ba1-a23e-f327abbe9220-3.woff
d1v5qbuvucewy1.cloudfront.net/webtype/Lydian/ 32 KB
33 KB 99ms
20ms Font
application/x-font-woff 54.192.100.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1v5qbuvucewy1.cloudfront.net/webtype/Lydian/09da50f2-1eeb-4ba1-a23e-f327abbe9220-3.woff
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/static/theme_api/vendor/webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29d02f4707bca47f6174acfdaa987074bb1c69a0c0074112b235ef6954676f72

Request headers

Referer: https://lima-rils.format.com/
Origin: https://lima-rils.format.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 22:17:33 GMT
Via: 1.1 7059c9fc065ed611eb4484ede494f844.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age: 4068
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 32651
Last-Modified: Thu, 16 Jun 2016 18:23:16 GMT
Server: AmazonS3
ETag: "162d6c2b991ba4403413767ce256c982"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
X-Amz-Cf-Pop: EWR53-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: gOcdrpAXhSTsMHtptULuTMdJMLWHALxnIK0ndptnf0a9b2JZBY5oFQ==

GET
H/1.1 200
OK a1597cec-7798-455f-8033-f2949c56e28e-3.woff
d1v5qbuvucewy1.cloudfront.net/webtype/Freight-Sans-Book/ 44 KB
45 KB 102ms
21ms Font
application/x-font-woff 54.192.100.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1v5qbuvucewy1.cloudfront.net/webtype/Freight-Sans-Book/a1597cec-7798-455f-8033-f2949c56e28e-3.woff
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/static/theme_api/vendor/webtype_fonts.min-51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3c4d74c88e5b9f761d9021373b7e7c2f2e9b51ae0b50d150426bf1c583d426

Request headers

Referer: https://lima-rils.format.com/
Origin: https://lima-rils.format.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 22:17:33 GMT
Via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age: 4068
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 45147
Last-Modified: Thu, 16 Jun 2016 18:23:14 GMT
Server: AmazonS3
ETag: "477e11a357ebb2ad17eeed6703e73995"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
X-Amz-Cf-Pop: EWR53-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: 8x8t8Szqaa409nPK_rOTlgPWCNfq1GZDeY5gw9DqyOGPjovloTzbiw==

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 60ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: lima-rils.format.com
URL: https://lima-rils.format.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: 73HZJ3HD5R4XZEBY
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: ySNxGM9HyI6kd+2aYOZjdjL9fw4n674tyJrd3NFdrComnN/zebDnUT+jaIaJypqu71rJwvDkNWI=
x-served-by: cache-yul12833-YUL
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1653002720.448683,VS0,VE0
date: Thu, 19 May 2022 23:25:20 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1880

GET styles.css
lima-rils.format.com/ 0
0

GET
H2

200

/ Show response
teamcr01.com/kevin1/location/
Redirect Chain

https://teamcr01.com/kevin1/location
https://teamcr01.com/kevin1/location/

1 KB
595 B

90ms
89ms

Script
application/javascript

2a02:4780:b:664:0:3333:e0aa:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://teamcr01.com/kevin1/location/

Protocol

Server

2a02:4780:b:664:0:3333:e0aa:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.26

Resource Hash

b69109ec8c068f22d26290051be5caf2c23227d3dc436c199175b6dd3b7ea02e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:20 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
content-length: 513
expires: Thu, 26 May 2022 23:25:20 GMT

Redirect headers

location: https://teamcr01.com/kevin1/location/
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
date: Thu, 19 May 2022 23:25:20 GMT
content-length: 707
content-type: text/html

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c74356e8464722d314b3b8ac1dfe373a43b1325c85f2faeae17f3d941203e2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9b0eae6f3267fff88ee70a8fdbd8f626f9f8705eb05fced528a550dea39bc16

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
whos.amung.us/pingjs/ 29 B
29 B 102ms
32ms Image
text/javascript 67.202.94.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=teamcr2022&t=https://www.tiktok.com/&x=https://www.tiktok.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:25:20 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK dcbde81dc9 Show response
bam-cell.nr-data.net/1/ 49 B
1 KB 131ms
86ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/dcbde81dc9?a=77525617&v=1216.487a282&to=IlsMTEJWDl4ERBZIEwNYC1sfSgpdFg%3D%3D&rst=1358&ck=1&ref=https://lima-rils.format.com/&qt=1&ap=158&be=522&fe=1288&dc=1120&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1653002719106,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:32,%22ce%22:56,%22rq%22:56,%22rp%22:378,%22rpe%22:410,%22dl%22:381,%22di%22:1120,%22ds%22:1120,%22de%22:1138,%22dc%22:1288,%22l%22:1288,%22le%22:1294%7D,%22navigation%22:%7B%7D%7D&fp=1111&fcp=1111&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lima-rils.format.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 23:25:20 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk9%2B8BOIRWZK76PgiEueUn6qzDunEIfpKr44W348e7HEmwO3SCOHh%2BUUc8QjgPsxc%2BD5aau8OOkyCJA80s4r4kfpERKymYVdDYIpVAt3v8i0Lvw61lEfH0y8Zgoxkcf7dSShNg2A"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 70e0975b4cb3a1d8-YYZ

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lima-rils.format.com
URL: https://lima-rils.format.com/styles.css?v=1653002720

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e2239a889aa03ca1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://lima-rils.format.com/ Message: Refused to apply style from 'https://lima-rils.format.com/styles.css?v=1653002720' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
bucket1.format-assets.com
d1v5qbuvucewy1.cloudfront.net
js-agent.newrelic.com
lima-rils.format.com
phot0.f5ddn.com
teamcr01.com
whos.amung.us
lima-rils.format.com
104.18.132.62
104.18.136.62
151.101.2.137
162.247.243.146
167.114.124.44
2a02:4780:b:664:0:3333:e0aa:1
54.192.100.47
67.202.94.94
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
1a26721acae26eabd7c32296e2ee8cf053d1a1a8d9f7c49f0df899bc27b784c1
2024f7ed25c0439731e05bc8a7b649c71bb5726676c4362db31091ec52caf906
280c59c3ec4f9be61433b6df946cfac52c5a6701dbdc809f04e1b33812883701
29d02f4707bca47f6174acfdaa987074bb1c69a0c0074112b235ef6954676f72
2b8ad27ed1c02f999af9ce1e73f991eb186f0d91663bdf78a6ed54d15eb32d0f
3149da3014aff38a256574aa7aa1b947387efee9cdc1fb2d39e234606f231c96
3328dc4a0ff060f640d23c83546582685a58e66cfa908efd0aedff908958c48d
4d5bed841e04f35cada9bb41f30882005c189af13e193524545f285f7c279533
51d9b9edb8f956fb39da113609d790ba607fa4fbda053af8e378bb9233ef4a39
51edc726da06cee9fa3158eb246edebb03e84faceb70a6f0c228a996841db670
5e28d2aaac8c0b1a306cdffa081b7f0527f2d14317f1930b8abbdaa1c312d76b
630bd8d8f0929fd50c91b4f25194e2a99612cb62267a1877b7c844d3031a3488
6342e0dab2a81ace5d67719288c433dc992f0bf5a6dd8c7aa23e58f4722aed81
666d56afe440722dbf0325c8f10528dcc28546f5fab9eb19bc7098b0179fac58
6ba25506b05408302dfeeee551e80aefbbced3c5b4ee44c79f80301610ad515f
6cc002aad772e14af53bbbb966d0611491b39e25fc8fba42e94598f98d535828
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
70901225320ae427277039851b0e0b51e410c74562a86d842c56870b6226e02e
853549e041ae484a182c061384964727c32da99a000d40e9d14e14670fe4bc3a
8d645c617dae902d017672ffda525cc733715da09ddf3d8e52129f0ac480f0c6
99a618a8f1ce497ed1fe125c1926668efd8e6b8a27abe35e35910674822a700e
9c74356e8464722d314b3b8ac1dfe373a43b1325c85f2faeae17f3d941203e2e
ad36c201a155c72065f955f0b04a0cdcbf5a9911c9ea26f051941ae4081bd8d5
b69109ec8c068f22d26290051be5caf2c23227d3dc436c199175b6dd3b7ea02e
b6e8272491eb8c6443315078df2ac0e991ffe130f23a3b1943b7ee57fe861ea0
c45b377a77fb8edbcea9d71cd1628ae78c78b395ed384da795beadc2d7d53fc6
d2265287d55a26ab4567ce6c297d74de9f5748b7140f8c37ce06852cf7a8ed93
d39b68c23f7523a8f45e32413d9f3fb503675a3c825a57efc6e0347154199cfc
d5ec48dda39ec1dad115aee68d1d6c3460ffc8c8697f01060d36750496a3192f
d9b0eae6f3267fff88ee70a8fdbd8f626f9f8705eb05fced528a550dea39bc16
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc3c4d74c88e5b9f761d9021373b7e7c2f2e9b51ae0b50d150426bf1c583d426
dcc84f55c05e29f6f1c909a9e9dee7b058a4998b261ec6b6a6184d9526d41214
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

lima-rils.format.com Open in urlscan Pro 104.18.132.62 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

13 %IPv6

8 Domains

8 Subdomains

9 IPs

4 Countries

265 kBTransfer

875 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lima-rils.format.com Open in urlscan Pro
104.18.132.62 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

265 kB
Transfer

875 kB
Size

1
Cookies

33 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!