ampl.ink Open in urlscan Pro
2606:4700:3036::ac43:c75a  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request MM0Dp Show response ampl.ink/	13 KB 6 KB	299ms 263ms	Document text/html	2606:4700:3036::ac43:c75a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c75a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 070a94ce5c6b8eecf18a13a100a531f6568d5413961a6584378284a78acb7060 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-type text/html; charset=UTF-8 cache-control no-cache, private cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgZNQDxFQFpoGti9Cb3HI6J0HGxsc90zbmAN9n4oSpq0M9HI1Q34ub7mBHYQfEIUAUxc9vUaJJXl7oTHoI%2FAW%2FGz3fDEbFMlnYPMixz05WgMVfNsx19nZu9ajjaiSkUq2ewXaQA7uQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b2935213d6a05dc-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	standard.css amp-cdn.net/css/templates/bio/	9 KB 3 KB	177ms 99ms	Stylesheet text/css	2606:4700:20::681a:d17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amp-cdn.net/css/templates/bio/standard.css?id=bb0aa823f11ba0b186b1 Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef74fd98c3bae8ea02c22140e667be2d8958023551f61632278adb4bffc61ee2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 29 Oct 2021 09:03:11 GMT server cloudflare x-amz-request-id F7YNH6068CX8SEK9 etag W/"bb0aa823f11ba0b186b1b63d6ec0a5f3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRqo%2FkRAPKlfC9%2FzG2jouonDy37D5ag9b4L%2Bbd9vY39E%2B1C4CywueotKrxRBVXGyxRzR5aHZeRfbo8aqCzgDUTLhoBwm7cZ%2FJeHiXZTyL36YiJKVyXJpRBscGuWTmF0jwzasojxLuR0V"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b293523dfb16949-FRA x-amz-id-2 najZM24DlhlW+6uzLdf91ZJBXisE+H43qN9WFTQt/IjO/BTuy8kJ11PDOGqG2B7V+V5+L1Czn1o=
GET H2	200	css2 fonts.googleapis.com/	371 B 801 B	83ms 26ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Rock+Salt Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7a0ba8152bad507ab2dd1c97a61963d3ab2bbdf2a5a31c114894b097e763b726 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 23 Nov 2021 09:00:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 23 Nov 2021 09:00:30 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 23 Nov 2021 09:00:30 GMT
GET H2	200	rw.js Show response r.wdfl.co/	15 KB 5 KB	127ms 9ms	Script application/javascript	2600:9000:225e:7400:1b:348c:b140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.wdfl.co/rw.js Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:7400:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0143ac8f286390c5145f0097712cfa87353bd129b389e31db8ec32f2f6ebeb19 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:18:44 GMT content-encoding gzip last-modified Thu, 18 Nov 2021 23:25:17 GMT server AmazonS3 age 2507 etag W/"84fd6846d5b010a8643a245fcde6debe" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 da78abc509aafffb42eec33ca2dc60d5.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA60-P4 x-amz-cf-id ccj57XnGUZq85lT9ktkU1RQxT2PPwAQKnT4xJye-BKVHcjRgVe6iCw==
GET H2	200	4328009ea2b653d61d0f4973a00a384c53772dc3191578 amp-cdn.net/images/	19 KB 20 KB	187ms 185ms	Image image/jpeg	2606:4700:20::681a:d17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://amp-cdn.net/images/4328009ea2b653d61d0f4973a00a384c53772dc3191578 Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb3784a2b71c456b4e4bf00989fd40f7aad442d5c0a9099c9b9d68bed34108e7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:31 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Q0DR4KK7EAJBD3GT content-length 19691 x-amz-id-2 l8YxppoJ+eUjBuIwu9k9nxovZl36jKEA3Wpq23S1MW4EDjGwesbMuwdrNn96tCknx5WRTyzlVY4= last-modified Tue, 26 Oct 2021 05:00:44 GMT server cloudflare etag "7c552d270e6ec53d2847024f5ad00573" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2dHT7BJtK%2FtnJaJ0Ja%2FQ80duSlWFTx35AhSTSiklloM0dsxIOBuiOiNO17lxqu0KKAjx534YF%2F3hseqfQFuyp7VP5%2BtqnvTTYy%2FUMRsS67CsplHL6o9MdBHbeIQvp9BiurcxDCLigu5"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 6b293524ea906949-FRA expires Wed, 27 Oct 2021 05:00:40 GMT
GET H2	200	facebook-light.svg amp-cdn.net/assets/logos/	341 B 656 B	20ms 18ms	Image image/svg+xml	2606:4700:20::681a:d17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://amp-cdn.net/assets/logos/facebook-light.svg Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c913b3507331aa2a868780c828567e2264f711c25ab5b4f0de7dc86488ee6e83 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6529 x-amz-request-id X1FQRHA0G9BHZQP2 x-amz-id-2 2idLlAUkAzF2xxFFK9yigp8Q+J/3pFiflm1T/w4tw+dJkwQHBCQNFao6hKeDdK12LqYbbLGojnw= last-modified Thu, 28 Oct 2021 08:42:41 GMT server cloudflare etag W/"07e6d6363a866f93674956857b6efe35" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiIaoBv%2BiFZyimTZFsXLD03S9JlsxEV%2FcOCbYQulfaRIR3PZozMB12moEQAdF1XLKKeY6pEWCTI3llgofQw3ApH6jCNqgNBKyQKEju0m7Hxf7zp8TwzeO%2BV66%2FbA5t6dPHeWMPbL5X8s"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 6b293524ea976949-FRA
GET H2	200	instagram-light.svg amp-cdn.net/assets/logos/	1 KB 1015 B	20ms 19ms	Image image/svg+xml	2606:4700:20::681a:d17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://amp-cdn.net/assets/logos/instagram-light.svg Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1484f9825ed3bb1eae8a3228a7d7bbe958ed1bbb53a3b7b869c9d59f967be90a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249 x-amz-request-id 5HJ0XPXXK45H6GYY x-amz-id-2 NRtfNKJP3BNFR45U9ND4wbwy3tta1bYRYM5y42bCbdZsLFM5aISZizCIyqhJdLMnyrwdtgw7DYA= last-modified Tue, 27 Apr 2021 10:18:04 GMT server cloudflare etag W/"925f1319fdc75e97179598d978b018cd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH%2BnDjdhqVZmijzELrwcEJ%2F7MbsMImwj6B%2BWyykfP%2B64pe6h2gTF1csaVWHYB28cHjxafvjZTiPqlOxxZXbtDFyxaF7FBMn0hFNncAG94lBUVAwys5BvfNrkjVD%2FSa4%2BsobiaMIgVO%2Bj"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 6b293524ea9b6949-FRA
GET H2	200	tiktok-light.svg amp-cdn.net/assets/logos/	376 B 655 B	32ms 30ms	Image image/svg+xml	2606:4700:20::681a:d17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://amp-cdn.net/assets/logos/tiktok-light.svg Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a678dff6b50f1da027ff4c0c4eee96b7e8ea00e9b9e1f28d5bbe6a32177b075 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6460 x-amz-request-id MAN4DKEJHH6MSXT8 x-amz-id-2 Zq5DM16tz5JEWlMRMVWhxeGyxyoTa7oYxCK1X2oVIDTV8cF1jflIpdeQwdDlor/ssjJyQjwPCNA= last-modified Thu, 09 Sep 2021 11:30:30 GMT server cloudflare etag W/"f19542e9d1f5766c16b59dafeda34233" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFT3XIR5p09cVvyqd0xKr1nbAf3AG1qdu1gqgOoukxCJep0UravLfF3QCUlhK3UfaIGk5o4BmqkRJv%2FOPV5VDky%2F2%2BlITpEomLQ2T13iIFM5a6QQqvYEHLcHFXZC82c%2B4LPqPcsZDKyA"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 6b293524ea9f6949-FRA
GET H2	200	notification.js Show response amp-cdn.net/js/templates/	742 B 1 KB	44ms 8ms	Script application/javascript	2606:4700:20::681a:d17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amp-cdn.net/js/templates/notification.js?id=1b720b95ee2d0d327163 Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e314b90a1f49f56cc5c30494df99345bbf361d4a45bd095a3b42ccaa4ba2df8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7035 x-amz-request-id BZYG6S29M040P2FY x-amz-id-2 rptvvbJMnercSmdmcLXorlDej9aop9grD2EblQY6221pPlR5zKr2WAXLUnfLjdVj46j5hySx19k= last-modified Mon, 23 Aug 2021 14:35:32 GMT server cloudflare etag W/"1b720b95ee2d0d327163c15e85e2eb13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg7LbP7WW00uCunpWJUO7saMCauquiV3f2zBzzLlvTWeukC1jUt6lkY%2BwbBYvBs5rvHOsi6cGhcJJYexZm7glfnvNRZv6%2BcFC6Hf3HIH6Jo9zxUKEl6VK62JzaUrgkTeEaf7NGHbr4VY"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 6b29352438ad6949-FRA
GET		912335de4bca92e3b6bce133d333057e.js cdn.cookie-script.com/s/	0 0
GET H2	200	133044X1595725.skimlinks.js Show response s.skimresources.com/js/	49 KB 19 KB	134ms 33ms	Script application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://s.skimresources.com/js/133044X1595725.skimlinks.js Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 93497b7e240354544b84ce6248a9e1900e2fb0b8030e2b2b9ed9acae6d795c3a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:30 GMT content-encoding gzip last-modified Mon, 01 Nov 2021 09:27:42 GMT server AmazonS3 x-amz-request-id W6PG7ZHA5FX4QV0V etag "346f71357a74d0ad453e452e06cf17a0" x-hw 1637658030.cds031.ml1.hn,1637658030.cds212.ml1.c content-type application/octet-stream cache-control max-age=3600 accept-ranges bytes content-length 18775 x-amz-id-2 gOBxm9KaNmSeMHzdPeGJ9ywm+HoonqhZpdjXOWHNUpfYpuUgpVmxUJ0lnFqO6cZdo6p5DXRv42w=
GET H2	200	css2 fonts.googleapis.com/	7 KB 735 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap Requested by Host: amp-cdn.net URL: https://amp-cdn.net/css/templates/bio/standard.css?id=bb0aa823f11ba0b186b1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 356744ef2c5f7b7c49d6908d5857ab072e87ced6c8aa0a4ec79d6fa6c719a890 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://amp-cdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 23 Nov 2021 07:05:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 23 Nov 2021 09:00:30 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 23 Nov 2021 09:00:30 GMT
GET H3	200	MM0Dp ampl.ink/	13 KB 13 KB	207ms 188ms	Image text/html	2606:4700:3036::ac43:c75a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ampl.ink/MM0Dp Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c75a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/MM0Dp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:31 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBY6s3ReYBfDzvOeFmdjfEXQk328N6y2O0ev9dZxBcnq7eYe6GgaP%2BjnHoO5vAhLQ%2FobeVJuFq%2B8E3uCD%2F2ImWRH%2BNKF1IcENhP1a3Y1hgXuYpk99LluA1%2F2QNG44dfrg29t%2F6wU0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-cache, private cf-ray 6b29352558204a5c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	MwQ0bhv11fWD6QsAVOZrt0M6.woff2 fonts.gstatic.com/s/rocksalt/v11/	57 KB 57 KB	74ms 13ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rocksalt/v11/MwQ0bhv11fWD6QsAVOZrt0M6.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Rock+Salt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4bf535841a8802813b460c5d34fd515f62628a933ff140251e3023ad781b94fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ampl.ink Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:20:57 GMT x-content-type-options nosniff age 574773 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 58620 x-xss-protection 0 last-modified Tue, 01 Sep 2020 04:54:16 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 16 Nov 2022 17:20:57 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 20 KB	102ms 41ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ampl.ink Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 07:59:11 GMT x-content-type-options nosniff age 3679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19844 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:10 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Nov 2022 07:59:11 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 20 KB	69ms 9ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ampl.ink Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 21:15:27 GMT x-content-type-options nosniff age 42303 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19868 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:31 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 22 Nov 2022 21:15:27 GMT
POST H2	200	/ Show response r.skimresources.com/api/	150 B 336 B	65ms 17ms	XHR application/json	35.190.59.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.skimresources.com/api/ Requested by Host: s.skimresources.com URL: https://s.skimresources.com/js/133044X1595725.skimlinks.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 101.59.190.35.bc.googleusercontent.com Software openresty/1.11.2.5 / Resource Hash 69092ab4aa753f508fd34565ac75a6e664e3f82772abd6c8fcd8e819cbc92187 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://ampl.ink/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 23 Nov 2021 09:00:31 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.11.2.5 strict-transport-security max-age=31536000 content-type application/json access-control-allow-origin https://ampl.ink vary Accept-Encoding access-control-allow-credentials true alt-svc clear via 1.1 google
GET H2	206	robots.txt t.skimresources.com/api/v2/ Frame 1308	0 102 B	65ms 18ms	Image text/plain	35.201.67.47 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8657186354260675 Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 47.67.201.35.bc.googleusercontent.com Software Python/3.7 aiohttp/3.5.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:31 GMT via 1.1 google server Python/3.7 aiohttp/3.5.4 alt-svc clear content-length 0 content-type text/plain charset=UTF-8
GET H2	200	px.gif p.skimresources.com/	43 B 244 B	102ms 34ms	Image image/gif	35.190.91.160 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://p.skimresources.com/px.gif?ch=1&rn=4.17238033476555 Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 160.91.190.35.bc.googleusercontent.com Software Skimlinks Pixel 1.0 / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:31 GMT via 1.1 google server Skimlinks Pixel 1.0 p3p policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" alt-svc clear content-length 43 content-type image/gif
GET H2	200	px.gif p.skimresources.com/	43 B 102 B	110ms 41ms	Image image/gif	35.190.91.160 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://p.skimresources.com/px.gif?ch=2&rn=4.17238033476555 Requested by Host: ampl.ink URL: https://ampl.ink/MM0Dp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 160.91.190.35.bc.googleusercontent.com Software Skimlinks Pixel 1.0 / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ampl.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 09:00:31 GMT via 1.1 google server Skimlinks Pixel 1.0 p3p policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" alt-svc clear content-length 43 content-type image/gif
POST H2	200	page Show response t.skimresources.com/api/v2/	22 B 335 B	50ms 24ms	XHR application/javascript	35.201.67.47 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://t.skimresources.com/api/v2/page Requested by Host: s.skimresources.com URL: https://s.skimresources.com/js/133044X1595725.skimlinks.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 47.67.201.35.bc.googleusercontent.com Software Python/3.7 aiohttp/3.5.4 / Resource Hash fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ampl.ink/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type text/plain Response headers pragma no-cache date Tue, 23 Nov 2021 09:00:31 GMT via 1.1 google x-content-type-options nosniff server Python/3.7 aiohttp/3.5.4 access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8, application/javascript access-control-allow-origin https://ampl.ink cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 22

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn.cookie-script.com

URL

https://cdn.cookie-script.com/s/912335de4bca92e3b6bce133d333057e.js

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| csrfToken object| dataLayer string| _rwq function| rewardful object| callbacks function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI boolean| _rewardful_loaded function| Rewardful

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ampl.ink/	1970-01-19 22:54:25	Name: gtkJDkC8ZnufmReACiPkulI82F2Le5vPjgmTo73F Value: eyJpdiI6ImdHdmpaUUhNRFcwYkFyZkhRSys3eUE9PSIsInZhbHVlIjoiS3UyMzB2d2JMQVVhancwNk5sRjhOYXA4Zlc0SUh1Y1F6dmV1bklsNzY4UXFQQms5R0phYTJpRzVZdmZaeDlUU0NYZlFyQ2YveC9KSXlEV1B4eTEyR2FTbjJNdXdzM1ZEZnF0SGlhU2V5bFpmcFdmZ2NsQ1JXMGtTa3pwaFBnb2lJbTFjZHl2ODd0NGhDLzRndDhlY3g0c2tyNkkwaktKdVdpcDdqdUFRWkhUT0lreisrcUJhZU1XREZoVzQvNWFna3J0cHlpMmk3d0RITEdFckJkU1VodjBLc0tLdWJmd3NWWElQdHFzeG9MT0s3YzBsaEswYmZlbmxvR1VCK1NjSUJqRnpWM3ZKNEttUmR0RFVEQkFqbDdUQ1pmREdtMEVaRmFyWXM2OUVWSTBjVWdscUlxRDBTU3FEbjd5NkdlTVVlK2p5cWdSZlc4YXZvcll5UzM0WitaLzh0cTVTRWhvS0Jvdmk4VG96RTkwRlJwQzhPcWtXT1lJa05HUmpXajNFIiwibWFjIjoiMjA5ZmFkMTBiYjljNTI2OTMxNWE0MjI2Y2UxM2Y5MDVmNDY3MTI5OWNhMDM3NjZhYjFiYTdlYWZkYTAxYjFlYyIsInRhZyI6IiJ9
			ampl.ink/	1970-01-19 22:54:25	Name: amplify_session Value: eyJpdiI6IjF4TXJRV2JzbTJMN2RzcVFwNHZzMHc9PSIsInZhbHVlIjoia2Rwdmo5ZmQ0dVd1QTdrenFVaGg3OXc4WHk2WmhtZVBtQno4NUFpQ3dML0I5VUJySkhtOVMzdWNWcHNZMnAxRGUyczlhczdDYms3R0srOGhPUGRtN0xOZzkyRDRFRksyQ3lyOSttK1RBcWFZOU1KUHBkL0MzZmtiRkV1YzBES0UiLCJtYWMiOiJiMmM0YmZjMTg3YmZhZjhkNGRhZmQxMzhjNTYwZGU0Nzg1ZjUyODhmMGQ5YjFhZDk3NWU5ZmIwZDYxYzNjNThkIiwidGFnIjoiIn0%3D
			ampl.ink/	1970-01-19 22:54:25	Name: XSRF-TOKEN Value: eyJpdiI6InMvR2tsd2RQMjAxSTI4bEIrTWlFRHc9PSIsInZhbHVlIjoiYmtBVnZXcTZHWEZQblhCZ2NueERhc1VDQ1lPY3FPS3RGQjJrU3pkQSs1NVVrQzdaQTU3VjVaUGQzbjh1SjN0WUhUNUJMOG1wUFBrd3YySHpnTVRXKzlMZEZqamVhZmNyOUloU05zaU9mQm9HLzEyc2tyOVJzMEJFR3B3a3ArVEwiLCJtYWMiOiJiZWQ4YjM5NDhhN2M0Y2Y0Yzk3YWQ0NmU1MmVkMDAzYjRkN2JmYzQ5OGE2MmRhNmIzYzQ1MTI5MGJiMzFiOWM4IiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookie-script.com/s/912335de4bca92e3b6bce133d333057e.js Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp-cdn.net
ampl.ink
cdn.cookie-script.com
fonts.googleapis.com
fonts.gstatic.com
p.skimresources.com
r.skimresources.com
r.wdfl.co
s.skimresources.com
t.skimresources.com
cdn.cookie-script.com
151.139.128.11
2600:9000:225e:7400:1b:348c:b140:93a1
2606:4700:20::681a:d17
2606:4700:3036::ac43:c75a
2a00:1450:4001:811::200a
2a00:1450:4001:831::2003
35.190.59.101
35.190.91.160
35.201.67.47
0143ac8f286390c5145f0097712cfa87353bd129b389e31db8ec32f2f6ebeb19
070a94ce5c6b8eecf18a13a100a531f6568d5413961a6584378284a78acb7060
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1484f9825ed3bb1eae8a3228a7d7bbe958ed1bbb53a3b7b869c9d59f967be90a
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
356744ef2c5f7b7c49d6908d5857ab072e87ced6c8aa0a4ec79d6fa6c719a890
4bf535841a8802813b460c5d34fd515f62628a933ff140251e3023ad781b94fd
69092ab4aa753f508fd34565ac75a6e664e3f82772abd6c8fcd8e819cbc92187
6e314b90a1f49f56cc5c30494df99345bbf361d4a45bd095a3b42ccaa4ba2df8
7a0ba8152bad507ab2dd1c97a61963d3ab2bbdf2a5a31c114894b097e763b726
7a678dff6b50f1da027ff4c0c4eee96b7e8ea00e9b9e1f28d5bbe6a32177b075
93497b7e240354544b84ce6248a9e1900e2fb0b8030e2b2b9ed9acae6d795c3a
bb3784a2b71c456b4e4bf00989fd40f7aad442d5c0a9099c9b9d68bed34108e7
c913b3507331aa2a868780c828567e2264f711c25ab5b4f0de7dc86488ee6e83
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef74fd98c3bae8ea02c22140e667be2d8958023551f61632278adb4bffc61ee2
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf