urlscan.io logo urlscan.io
SecurityTrails logo

ambassadors.ribbonandink.com Open in urlscan Pro
75.101.134.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ambassadors.ribbonandink.com/
Effective URL: https://ambassadors.ribbonandink.com/
Submission: On June 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 75.101.134.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ambassadors.ribbonandink.com.
TLS certificate: Issued by R10 on June 13th 2024. Valid for: 3 months.
This is the only time ambassadors.ribbonandink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 75.101.134.27 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.112.49 16509 (AMAZON-02)
1 18.213.144.148 14618 (AMAZON-AES)
2 172.67.75.33 13335 (CLOUDFLAR...)
1 2600:9000:275... 16509 (AMAZON-02)
1 2 54.163.202.42 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
13 18.244.18.116 16509 (AMAZON-02)
2 104.26.9.123 13335 (CLOUDFLAR...)
28 12
1    75.101.134.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-134-27.compute-1.amazonaws.com
ambassadors.ribbonandink.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    18.66.112.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-49.fra56.r.cloudfront.net
lib.showit.co
1    18.213.144.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-144-148.compute-1.amazonaws.com
19807.17hats.com
2    172.67.75.33 (United States)

ASN13335 (CLOUDFLARENET, US)
snapwidget.com
1    2600:9000:275b:ac00:c:cfd4:a580:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.loom.com
2    54.163.202.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-202-42.compute-1.amazonaws.com
19807.17hats.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    18.244.18.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-116.fra56.r.cloudfront.net
static.showit.co
2    104.26.9.123 (None, )

ASN13335 (CLOUDFLARENET, US)
snapwidget.com
Apex Domain
Subdomains		 Transfer
16 showit.co
lib.showit.co — Cisco Umbrella Rank: 87981
static.showit.co — Cisco Umbrella Rank: 75248
465 KB
4 snapwidget.com
snapwidget.com — Cisco Umbrella Rank: 50678
7 KB
3 17hats.com
19807.17hats.com
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
ajax.googleapis.com — Cisco Umbrella Rank: 457
32 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 loom.com
www.loom.com — Cisco Umbrella Rank: 17254
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
4 KB
1 ribbonandink.com
ambassadors.ribbonandink.com
13 KB
28 8
Domain Requested by
13 static.showit.co ambassadors.ribbonandink.com
4 snapwidget.com ambassadors.ribbonandink.com
3 19807.17hats.com 1 redirects ambassadors.ribbonandink.com
3 lib.showit.co ambassadors.ribbonandink.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.loom.com ambassadors.ribbonandink.com
1 ajax.googleapis.com ambassadors.ribbonandink.com
1 cdnjs.cloudflare.com ambassadors.ribbonandink.com
1 fonts.googleapis.com ambassadors.ribbonandink.com
1 ambassadors.ribbonandink.com
28 10
Subject Issuer Validity Valid
ambassadors.ribbonandink.com
R10		 2024-06-13 -
2024-09-11		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.showit.com
Amazon RSA 2048 M02		 2024-06-10 -
2025-07-09		 a year crt.sh
17hats.com
Amazon RSA 2048 M02		 2024-02-21 -
2025-03-21		 a year crt.sh
snapwidget.com
E1		 2024-05-14 -
2024-08-12		 3 months crt.sh
loom.com
Amazon RSA 2048 M02		 2024-01-28 -
2025-02-25		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://ambassadors.ribbonandink.com/
Frame ID: C549C1E53E40DDE3DB1BEE0488FC71C3
Requests: 24 HTTP requests in this frame

Frame: https://www.loom.com/embed/d9d58fa5de104ac9aa2931b76fd7499b
Frame ID: B9935E62FCB57353BB62DBF75FB2A6B6
Requests: 1 HTTP requests in this frame

Frame: https://19807.17hats.com/p
Frame ID: AFEB3F4EED9B492FE43088D4DD598BC4
Requests: 1 HTTP requests in this frame

Frame: https://snapwidget.com/embed/308070
Frame ID: B861D90E201FE215EB0E0CA34BD9758C
Requests: 1 HTTP requests in this frame

Frame: https://snapwidget.com/embed/487286
Frame ID: 07EECC4B6038CB8549B6DA896B4760CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Template

Page URL History Show full URLs

  1. http://ambassadors.ribbonandink.com/ HTTP 307
    https://ambassadors.ribbonandink.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

10
Subdomains

12
IPs

3
Countries

558 kB
Transfer

824 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ambassadors.ribbonandink.com/ HTTP 307
    https://ambassadors.ribbonandink.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://19807.17hats.com/ruby/embed/lead/form/ggcxkzcvgnshrzssnvzdbtcdcrprcrtd HTTP 301
  • https://19807.17hats.com/p

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ambassadors.ribbonandink.com/
Redirect Chain
  • http://ambassadors.ribbonandink.com/
  • https://ambassadors.ribbonandink.com/
61 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-134-27.compute-1.amazonaws.com
Software
/
Resource Hash
4c932d2bdd52c66f2b4983bd768f02dfd40a4e9dc322370318fced6f43cd2ff9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 02:19:33 GMT
etag
W/"6fcd5c2295e17b51941de0e26e36d6b8"
last-modified
Mon, 06 Nov 2023 23:26:42 GMT
vary
Accept-Encoding
x-showit
hosted

Redirect headers

Location
https://ambassadors.ribbonandink.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		3 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:regular
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f4524331f9e2499a7fdad77231f003f8d33d231406957335b9f1d3c368d785b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 02:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 02:19:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 02:19:34 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
519453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3203
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-d8e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2B5pOaqU4Wj5Wg6MybIyBCQX35BuFPShwG7%2BbdIdUOaaomj2wLsVLGCfUKZQ%2BBO%2FnXaQ8m5Tlz65S96Dhb8QWJl5Qzl%2FxmmgF4CjfraPCTJqslYch0VjUGxRUvURUmn1OWlFII%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896008f258cf35eb-FRA
expires
Mon, 09 Jun 2025 02:19:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jun 2025 02:15:58 GMT
showit-lib.min.js
lib.showit.co/engine/2.0.1/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.showit.co/engine/2.0.1/showit-lib.min.js
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fbefabfa47bb61c9f06346df47554cbd68546f45c9d2d75467584e016d21e1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:21:19 GMT
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Jan 2023 22:46:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
3496
x-amz-server-side-encryption
AES256
etag
W/"964b2fb6bb83c92996a9d15472852402"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SISUCl1bM8yxvoK1IDFVk3nnzJ5kbV0BIoQJl9Qn3qIQ-vxdj5Zpmg==
showit.min.js
lib.showit.co/engine/2.0.1/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.showit.co/engine/2.0.1/showit.min.js
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d19e6661f7429f0c58da1a09b8628c7657a15b58f6bdefd1ea56a6027f45fa2a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 22:59:06 GMT
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Jan 2023 22:46:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
357673
x-amz-server-side-encryption
AES256
etag
W/"219223c2874d9b567b5aea698e5a6665"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DtmZYin3W7VLTOfK2BDYxVlZ91IlS4CWW6CWoGJQF-m3V-9K-wRBxA==
showit.css
lib.showit.co/engine/2.0.1/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lib.showit.co/engine/2.0.1/showit.css
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 23:33:57 GMT
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Jan 2023 22:46:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
96341
x-amz-server-side-encryption
AES256
etag
W/"8e74b817a46d3ed438a34b919f7bd280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
J0-BWhCgcBnV9ncKFtvcqqcP3UZzww13_KrxC-yBxK4jp4_peW2Uvg==
iframeSizer.min.js
19807.17hats.com/vendor/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://19807.17hats.com/vendor/iframeSizer.min.js
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.144.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-144-148.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a3f9170cdf8de37c23388bf266bde0cadf2fec7c80c843b2bd4f68518cc8627c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-length
3036
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Jun 2024 22:23:52 GMT
server
nginx
etag
"667208f8-bdc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
permissions-policy
fullscreen=(self)
accept-ranges
bytes
expires
Fri, 19 Jul 2024 02:19:35 GMT
snapwidget.js
snapwidget.com/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snapwidget.com/js/snapwidget.js
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:19:34 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96910
content-encoding
br
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 11 Jun 2024 10:50:39 GMT
server
cloudflare
etag
W/"66682bff-560f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w77ORMqhjzKEr%2FKR9OgLZRe3FSaOAjRANZ9yepY3ByvmYukK09MJLdN85%2ByBqUTGeOVDKODKVz6j5SYvkpKZF6HdA3FfnwN4nopiE1HaRmCJmEfTgTVHXltkroflHLpA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
896008f6ae2c9746-FRA
d9d58fa5de104ac9aa2931b76fd7499b
www.loom.com/embed/ Frame B993 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.loom.com/embed/d9d58fa5de104ac9aa2931b76fd7499b
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ac00:c:cfd4:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ambassadors.ribbonandink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-security-policy-report-only
default-src 'self' blob: ; script-src 'nonce-abBQx3kr/caj7G6YtPzvX+v9WHhUVPAdSGmk5T0b3sCf46V5' 'self' 'unsafe-eval' 'unsafe-inline' blob: https://bat.bing.com/ https://*.mutinycdn.com https://cdn.segment.com/ https://api.segment.io https://cdn.sprig.com https://connect.facebook.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hs-scripts.com https://js.hsadspixel.net https://js.hubspot.com/web-interactives-embed.js https://js.stripe.com/ https://connect-js.stripe.com https://loomlocal.com https://www.clarity.ms https://accounts.google.com/gsi/client www.google-analytics.com https://www.google.com/recaptcha/ https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404329547/ https://*.loom.com/ https://www.googletagmanager.com https://analytics.tiktok.com/i18n/ https://a.quora.com/ https://snap.licdn.com/li.lms-analytics/ https://www.redditstatic.com/ads/ https://static.ads-twitter.com/ https://edge.fullstory.com https://rs.fullstory.com https://static.cohere.so ; style-src 'unsafe-inline' https://cdn.loom.com https://releases.transloadit.com/uppy/ https://accounts.google.com/gsi/style https://loomlocal.com:* ; img-src 'self' blob: data: chrome-extension: https://*.bing.com https://*.clarity.ms https://*.gstatic.com https://*.mutinycdn.com https://analytics.google.com https://s2.googleusercontent.com https://stats.g.doubleclick.net www.googletagmanager.com https://cdn.sanity.io/images/ https://perf-na1.hsforms.com https://px.ads.linkedin.com https://track.hubspot.com https://www.facebook.com https://www.google-analytics.com https://www.google.com/pagead/ https://www.googletagmanager.com https://analytics.tiktok.com/api/ https://analytics.twitter.com/ https://alb.reddit.com/ https://q.quora.com/_/ad/ https://t.co https://*.loom.com https://rs.fullstory.com ; font-src 'self' data: chrome-extension: https://cdn.loom.com https://fonts.gstatic.com https://use.typekit.net ; base-uri 'self' ; connect-src 'self' data: https://bat.bing.com https://*.clarity.ms https://*.mutinyhq.com https://*.mutinyhq.io https://*.mutinycdn.com https://analytics.google.com https://accounts.google.com/gsi/ *.google-analytics.com www.googletagmanager.com https://stats.g.doubleclick.net https://region1.analytics.google.com/ https://api.segment.io https://cdn.segment.com https://*.cohere.so wss://*.cohere.so https://api.sprig.com https://cdn.sprig.com https://connect.facebook.net https://api.hubapi.com https://cta-service-cms2.hubspot.com https://js.hs-banner.com https://js.hubspot.com/web-interactives-embed.js https://browser-http-intake.logs.datadoghq.com/ https://logs.browser-intake-datadoghq.com/api/ https://rum.browser-intake-datadoghq.com/api/ https://loom-media-production.s3.us-west-2.amazonaws.com/uploads/ https://s3.us-west-2.amazonaws.com/loom-media-production/sessions/ https://loomlocal.com:* https://m.stripe.com https://o398470.ingest.sentry.io https://px.ads.linkedin.com https://*.loom.com wss://www.loom.com https://analytics.tiktok.com/ https://www.redditstatic.com/ads/ https://edge.fullstory.com https://rs.fullstory.com ; media-src 'self' blob: data: https://*.loom.com/ https://cdn.sanity.io ; object-src 'none' ; frame-src 'self' https://js.stripe.com https://www.loom.com https://accounts.google.com/gsi/ https://www.google.com/ https://td.doubleclick.net ; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub18c86b072f3b6cefdae2b56c8b60db94&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Acsp%2Cenv%3Aproduction
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 02:19:35 GMT
etag
W/"2414-oxUnFPylvMHkp6nqEQHBt+WTGjo"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-id
Q-fmJ8-5CcUCzh0yUQinwFRV0TWvdL6W6dt_0e5FqhPwDiLcDLA8Vw==
x-amz-cf-pop
FRA60-P7
x-cache
Error from cloudfront
x-cdn
cloudfront
x-content-type-options
nosniff
p
19807.17hats.com/ Frame AFEB
Redirect Chain
  • https://19807.17hats.com/ruby/embed/lead/form/ggcxkzcvgnshrzssnvzdbtcdcrprcrtd
  • https://19807.17hats.com/p
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://19807.17hats.com/p
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.202.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-202-42.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ambassadors.ribbonandink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache
content-encoding
gzip
content-length
2331
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-type
text/html
date
Wed, 19 Jun 2024 02:19:35 GMT
etag
"667208f8-91b"
expires
Thu, 01 Jan 1970 00:00:01 GMT
last-modified
Tue, 18 Jun 2024 22:23:52 GMT
permissions-policy
fullscreen=(self)
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
no-cache
content-length
162
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-type
text/html
date
Wed, 19 Jun 2024 02:19:35 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://19807.17hats.com/p#/embed/ggcxkzcvgnshrzssnvzdbtcdcrprcrtd
permissions-policy
fullscreen=(self)
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ambassadors.ribbonandink.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:43:51 GMT
x-content-type-options
nosniff
age
41743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:43:51 GMT
playfairdisplay-italic-webfont.woff
static.showit.co/file/323iIHZzT1SYNziRGTMxpg/52578/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://static.showit.co/file/323iIHZzT1SYNziRGTMxpg/52578/playfairdisplay-italic-webfont.woff
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Origin
https://ambassadors.ribbonandink.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P11
x-cache
Error from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ambassadors.ribbonandink.com
content-length
30
media-server
node
x-amz-cf-id
fL24N-YsLm4nv7BYmx-5eSATkx80oh72SqoMDrPaM57BupB8Yj45eg==
sundays_3-webfont.woff
static.showit.co/file/BRhjZhWjTt-MfaNtwg8GQQ/52578/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.showit.co/file/BRhjZhWjTt-MfaNtwg8GQQ/52578/sundays_3-webfont.woff
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
babf19be7611dc77c0716bd0536e5ea1bdc97e5dbaa3718709b7751b00117000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Origin
https://ambassadors.ribbonandink.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
last-modified
Wed, 14 Aug 2019 18:21:03 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
f877590739f9e2e33ec07c0063b88b72
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-id
hFXnw1-L0YLygc7P9CgSLp2mzZ4FBi9mgXGTs0li92XyyHiVQHYRTQ==
content-length
19840
media-server
node
sebastian_bobby-webfont.woff
static.showit.co/file/gMcOW97kSJOeAd2aAnXSbA/52578/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.showit.co/file/gMcOW97kSJOeAd2aAnXSbA/52578/sebastian_bobby-webfont.woff
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9fb22754d8f33096c22b0315601892b378f8e3fcffd8aa14f666675476e63c26

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Origin
https://ambassadors.ribbonandink.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
last-modified
Sun, 26 May 2019 19:53:17 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
cca4e686c47328cfe1bd9261e48820d0
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-id
H2FAW4qslyFeQG1_VhkkdLh8AjHZ54SlCipnN0qmy9-QHn8Wg8bjiQ==
content-length
55176
media-server
node
308070
snapwidget.com/embed/ Frame B861 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://snapwidget.com/embed/308070
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ambassadors.ribbonandink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
896008fb0c272c4a-FRA
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 02:19:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F426O%2BjLtAIWVVW4Rlht4Hr8t3ipNqa8NUkWfM2tGgkVs6eJLnctOI8VokFUduGpMdBDNQhOoFitpuITTr69zb9X3mCjC7fgT7BkyxGSKWSs0NUUS%2FJU7sA2cmfHm9t%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-robots-tag
all
snapwidget.js
snapwidget.com/js/ 		22 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://snapwidget.com/js/snapwidget.js
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96910
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 11 Jun 2024 10:50:39 GMT
server
cloudflare
etag
W/"66682bff-560f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w77ORMqhjzKEr%2FKR9OgLZRe3FSaOAjRANZ9yepY3ByvmYukK09MJLdN85%2ByBqUTGeOVDKODKVz6j5SYvkpKZF6HdA3FfnwN4nopiE1HaRmCJmEfTgTVHXltkroflHLpA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
896008f6ae2c9746-FRA
487286
snapwidget.com/embed/ Frame 07EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://snapwidget.com/embed/487286
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ambassadors.ribbonandink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
896008fb0c252c4a-FRA
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 02:19:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8ArpHQUAJP3SbiIKEJk%2FDP8NiFEQ8yWsGnAuS1O%2BlcXKAAGEbP983GS6MrWMvHCcnB6TLduyhhCMypiTqHseyvUFI%2FrrObMLF2EYJMgz3imdN3PcKCLJXU1U08FXhU%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-robots-tag
all
katie_durski_creative_branding_portraits_jenna_shriver_photography-086.jpg
static.showit.co/1600/MxjKw37qR-qvqrFFNlywTA/52578/ 		146 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/1600/MxjKw37qR-qvqrFFNlywTA/52578/katie_durski_creative_branding_portraits_jenna_shriver_photography-086.jpg
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
823098ab09964147d36e33229070680851836e4c1f7dd9d51a4cb34a6420dd34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 16:49:24 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
a13229c273ed4330f986682279eb58bb
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
x-amz-cf-id
dyH9dvR6rsbWGkNeuE1O6cli86QZLb5xgpmLp-u5RlkTQjSsQc9LKg==
content-length
149977
media-server
node
ri-logo-2020.png
static.showit.co/400/2Iz5BjtJRwe_6ql954jhmg/52578/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/400/2Iz5BjtJRwe_6ql954jhmg/52578/ri-logo-2020.png
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8696d3ac5f17a1052e5a4d30ddd48d997330fc2b4e70f81d7bbda26961fca701

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Sat, 17 Oct 2020 12:48:39 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
9154cdcccea6d604ce93e0508c88049a
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
huAuQKtNDwLUe-Oeu5ayOLDECKweUDffoO-qEqfDqZvylwrFIja-eQ==
content-length
19653
media-server
node
screen_shot_2021-02-10_at_8_39_45_pm.png
static.showit.co/200/46_M-JSUTlmgzkCKeFid4w/52578/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/200/46_M-JSUTlmgzkCKeFid4w/52578/screen_shot_2021-02-10_at_8_39_45_pm.png
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4c7609366303d69626550be8b8bd0deca2cbc34482fcec56b4a7f91e0958f413

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 01:40:10 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
051bf6ad4185de29b6fbe6a5961bb61e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
OzTaH9gx56TRipnevEYMmm2y3LMYsEiJ_c1QSLwHBp2eW3JxitifhA==
content-length
54206
media-server
node
button-wide-v02.jpg
static.showit.co/400/IC6mOxGySue92rZTkbrHmQ/52578/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/400/IC6mOxGySue92rZTkbrHmQ/52578/button-wide-v02.jpg
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
af087873f81ba5fd1bee441ebb4dc5c398db789e36e4ff78a10da270fce8498f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Sat, 17 Oct 2020 19:15:10 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
7c5cd66fd9dfd1c51689c171bfa8a1b5
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
x-amz-cf-id
3Z9qDvU--SeAdWDstouidWf5GvQtaYJ-8WLyVjuNQV7ScjK9X6L7aw==
content-length
15266
media-server
node
katie_durski_creative_branding_portraits_jenna_shriver_photography-036.jpg
static.showit.co/800/BQz7EH6dRcGpZgkBNjszTw/52578/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/800/BQz7EH6dRcGpZgkBNjszTw/52578/katie_durski_creative_branding_portraits_jenna_shriver_photography-036.jpg
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6e0928dbd8ede6fc54cb05efcab786440175ca1db4a8464a2ae5cc88be72fb41

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 01:41:00 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
603224dc918123d3dc31083159ac7847
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
x-amz-cf-id
t-oUd0Ueju0St5JCaapT8b53eLy5rRTiahQAPCQ5iMV4jpSeH-wVTw==
content-length
71531
media-server
node
designpartner_whitetrans_lg_copy.png
static.showit.co/200/ppgDQu6HQde-emVofORU4g/52578/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/200/ppgDQu6HQde-emVofORU4g/52578/designpartner_whitetrans_lg_copy.png
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ac236eba3724c9353831614a6e3baafdaed21fd989ac56f63478401446236beb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 23:23:34 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
09b792c824c5c30f7db3ca1cd669fc13
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
w6aBQ6QxxyqLtVY7ie_GYDTMLC2TzZNOz0mEPajEPGUI2wa-hXdZvQ==
content-length
14484
media-server
node
rising.png
static.showit.co/200/xwIm8xMwROKdJrNxyUjr9g/52578/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/200/xwIm8xMwROKdJrNxyUjr9g/52578/rising.png
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7d9d22574149752acdb3d3ad5a878d066fea08f31977018077bfa9bcbd5d1ffb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 23:23:34 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
5baea6ebb65cf3562862d4db9b6479eb
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
jRHbWSWUVXwrJ-epA0UuhOnOYgkr9PV3Gbviq-R5fJZsEnF0GtU0Hg==
content-length
11334
media-server
node
1002583_313366772137893_1607538567_n_copy.png
static.showit.co/200/zWgUcb_lTZavzZj_FAFnew/52578/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/200/zWgUcb_lTZavzZj_FAFnew/52578/1002583_313366772137893_1607538567_n_copy.png
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b2eb3803dda891ea10d83959d26a5c8d9ac7497f05e875f9c337e46291b31ee0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 23:23:34 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
1643aabc143df5e7bd13c72816544f8b
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
5HBMXW1D5E-nOc27aTAM7BHT4EWWC-c9HNExz-QedwbXmOj3khkTEA==
content-length
5057
media-server
node
showit-logo-square.png
static.showit.co/200/Stqw9sY3SZ2h7klR6exocw/52578/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/200/Stqw9sY3SZ2h7klR6exocw/52578/showit-logo-square.png
Requested by
Host: ambassadors.ribbonandink.com
URL: https://ambassadors.ribbonandink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
95c9ea53ae9665c098cd6e1ecc9dc9a5c65a857e91663c3a29334f3e045cbaf5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Jun 2025 02:19:35 GMT
date
Wed, 19 Jun 2024 02:19:35 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Tue, 13 Aug 2019 01:38:16 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
etag
8b0f25f22995de34b602c91998c69087
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
LZvIehm5axei1JyJtSPlCyGUKVhyQsRtAQu94DQrzvGJ6JDhZYyuTg==
content-length
6085
media-server
node
ampersand.png
static.showit.co/200/p20529bnSeqywq-pAawQCg/52578/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.showit.co/200/p20529bnSeqywq-pAawQCg/52578/ampersand.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fc9ca291999d17725e0695f7372092f9c307e44738c7f9d7ba9d1e8179208938

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ambassadors.ribbonandink.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 14:57:16 GMT
date
Tue, 18 Jun 2024 14:57:16 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified
Sat, 02 Feb 2019 02:54:03 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
age
40945
etag
d141958977b955c8d0006b0d03edd81c
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
x-amz-cf-id
m_3p_2KaAsMclUiCyF5ptM2H6v2lpxBC9H6i4vg6vBlfcsHdTGX73A==
content-length
8675
media-server
node

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| device function| Waypoint function| lazyload function| showit-lib object| showit function| initPage function| iFrameResize object| S5

7 Cookies

Domain/Path Name / Value
.loom.com/ Name: loom_anon_comment
Value: 448d1d1024604ef9921cc9e0c9d5540d
.loom.com/ Name: ajs_anonymous_id
Value: %22e22e551b-af53-4089-9f38-c191fe74347d%22
.www.loom.com/ Name: loom_referral_video
Value: d9d58fa5de104ac9aa2931b76fd7499b
.paypal.com/ Name: ts
Value: vreXpYrS%3D1813371579%26vteXpYrS%3D1718765379%26vr%3D2e4aea461900a57875a1f623fbcfd1bb%26vt%3D2e4aea461900a57875a1f623fbcfd1ba
.paypal.com/ Name: ts_c
Value: vr%3D2e4aea461900a57875a1f623fbcfd1bb%26vt%3D2e4aea461900a57875a1f623fbcfd1ba
19807.17hats.com/ Name: AWSALBCORS
Value: o9paD29lTDOCS8gBQHGDHOYpnoLGWQFYdKvjfvd8hHQgM7MOVnnXN5K/0v2NwX7PavYoyWr54wwZ/wWE+oFXXQ36FucBGGPKlwAB7I1awhPejady+yTibzyrDCDw
m.stripe.com/ Name: m
Value: 6b553d51-a2df-4613-9270-7e60405b85e11cdf78

1 Console Messages

Source Level URL
Text
network error URL: https://static.showit.co/file/323iIHZzT1SYNziRGTMxpg/52578/playfairdisplay-italic-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19807.17hats.com
ajax.googleapis.com
ambassadors.ribbonandink.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
lib.showit.co
snapwidget.com
static.showit.co
www.loom.com
104.17.25.14
104.26.9.123
172.67.75.33
18.213.144.148
18.244.18.116
18.66.112.49
2600:9000:275b:ac00:c:cfd4:a580:93a1
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::200a
54.163.202.42
75.101.134.27
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
4c7609366303d69626550be8b8bd0deca2cbc34482fcec56b4a7f91e0958f413
4c932d2bdd52c66f2b4983bd768f02dfd40a4e9dc322370318fced6f43cd2ff9
6e0928dbd8ede6fc54cb05efcab786440175ca1db4a8464a2ae5cc88be72fb41
7d9d22574149752acdb3d3ad5a878d066fea08f31977018077bfa9bcbd5d1ffb
7fbefabfa47bb61c9f06346df47554cbd68546f45c9d2d75467584e016d21e1f
823098ab09964147d36e33229070680851836e4c1f7dd9d51a4cb34a6420dd34
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73
8696d3ac5f17a1052e5a4d30ddd48d997330fc2b4e70f81d7bbda26961fca701
95c9ea53ae9665c098cd6e1ecc9dc9a5c65a857e91663c3a29334f3e045cbaf5
9f4524331f9e2499a7fdad77231f003f8d33d231406957335b9f1d3c368d785b
9fb22754d8f33096c22b0315601892b378f8e3fcffd8aa14f666675476e63c26
a3f9170cdf8de37c23388bf266bde0cadf2fec7c80c843b2bd4f68518cc8627c
ac236eba3724c9353831614a6e3baafdaed21fd989ac56f63478401446236beb
af087873f81ba5fd1bee441ebb4dc5c398db789e36e4ff78a10da270fce8498f
b2eb3803dda891ea10d83959d26a5c8d9ac7497f05e875f9c337e46291b31ee0
babf19be7611dc77c0716bd0536e5ea1bdc97e5dbaa3718709b7751b00117000
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
d19e6661f7429f0c58da1a09b8628c7657a15b58f6bdefd1ea56a6027f45fa2a
f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc9ca291999d17725e0695f7372092f9c307e44738c7f9d7ba9d1e8179208938