URL: https://ampl.ink/jEXxr
Submission: On November 08 via manual from IL

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3036::681f:496d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ampl.ink.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2020. Valid for: a year.
This is the only time ampl.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain | Requested by
12 ampl.ink | ampl.ink
4 p.skimresources.com | ampl.ink
3 x.skimresources.com | 3 redirects
3 t.skimresources.com | ampl.ink, s.skimresources.com
2 sync.crwdcntrl.net | 2 redirects
2 loadeu.exelator.com | 2 redirects
2 r.skimresources.com | 1 redirects, ampl.ink
2 s.skimresources.com | ampl.ink, s.skimresources.com
2 www.google-analytics.com | ampl.ink, www.google-analytics.com
2 fonts.googleapis.com | ampl.ink
1 api.skimlinks.mgr.consensu.org | s.skimresources.com
1 stats.g.doubleclick.net | www.google-analytics.com
1 markhor.organicfruitapps.com | ampl.ink
1 autolinkmaker.itunes.apple.com | ampl.ink
1 fonts.gstatic.com | fonts.googleapis.com
1 amp-cdn.net | ampl.ink
Total: 32 requests, 16 subdomains

This site contains links to these domains.

Domain
instagram.com
youtube.com
soundcloud.com
music.apple.com
open.spotify.com
youtu.be
itunes.apple.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-08 - 2021-07-08 | a year
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.skimresources.com | DigiCert SHA2 Secure Server CA | 2020-09-10 - 2021-10-12 | a year
*.gstatic.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
linkmaker.itunes.apple.com | DigiCert SHA2 Extended Validation Server CA-3 | 2020-09-16 - 2021-09-17 | a year
organicfruitapps.com | Amazon | 2020-03-26 - 2021-04-26 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
api.skimlinks.mgr.consensu.org | DigiCert SHA2 Secure Server CA | 2019-10-04 - 2021-10-07 | 2 years

This page contains 2 frames:

Primary Page: https://ampl.ink/jEXxr
Frame ID: 978CAD625139F30957E3D9DC2CD0BC0F
Requests: 29 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.07759551536165521
Frame ID: 46360E165D05BB12E73446CC46771455
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 44 %
Domains: 12
Subdomains: 16
IPs: 13
Countries: 6
Transfer: 1214 kB
Size: 1329 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01EPMYVYP39WW5Q8TGBNWKQFWZ&persistence=1&checksum=9b8136d6b0496b8fa30cad8a158d20e44d5795e2b7b3404093a0e2e8b6f5e6fd
Request Chain 29
  • https://x.skimresources.com/?provider=exelate&gdpr=1&gdpr_consent= HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=1 HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=1&xl8blockcheck=1 HTTP 302
  • https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=2b65a9e9bc23b4b929db4361d3ce80e1 HTTP 302
  • https://p.skimresources.com/?provider_id=2b65a9e9bc23b4b929db4361d3ce80e1&skim_mapping=true
Request Chain 30
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id= HTTP 302
  • https://p.skimresources.com/?skim_mapping=true

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request jEXxr
ampl.ink/
28 KB
6 KB
Document
General
Full URL
https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56edc65196468f8803227d5ed44f508899fca430b2076a2e98b4d09007d891

Request headers

:method
GET
:authority
ampl.ink
:scheme
https
:path
/jEXxr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sun, 08 Nov 2020 22:15:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8b2bec98e6d77796f85e16915e19fb551604873746; expires=Tue, 08-Dec-20 22:15:46 GMT; path=/; domain=.ampl.ink; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6Ild5V1ZoRVVJbmE4WWU4SGdZNGI1blE9PSIsInZhbHVlIjoieGJwVDV4T3BkZCtaTWJmTGgxb3NsckJTZHFGUVwvcmhFR3pGK3hnbzZ0SzF5RWx1ZWVJS1NCYzI5dUt1dWR5T2MiLCJtYWMiOiI4ZmIzY2QzN2I2ODU4OGI1YjgxZGRhZjNiY2I4YTBlZjhlZmQ1YWE0NzdlZWU5ODFjNDVhOWVkMjY2NTU3MTU0In0%3D; expires=Mon, 09-Nov-2020 00:15:46 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjMreWpjWTNWREd4Tkd4NCtcL0FRa1wvdz09IiwidmFsdWUiOiJ4TlNVNmgwV1RveDVYK1pBaUVXbkdtczRaTEJLNGNZV0tFNk53UFdjVWRobGdva3F5VFFZWklnamtlTHB5cjNuIiwibWFjIjoiZWE1YWYzZDM0MDA2MDc2NjIyYzE3ZjhhODIwZDMxNmUyZWE4YWNhMWI0OTY4ZjE0Nzk4YTQzNjhkNThkMzgwZCJ9; expires=Mon, 09-Nov-2020 00:15:46 GMT; Max-Age=7200; path=/; httponly
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-request-id
064b8711b20000d709432ac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QN8TLNvUpXejY%2BTPisREUg9XnO%2FqcaNBwB6ipcJ6xvmdOa58Z5s9a0HgfI8c7ymwZN2G8OOYm2EYepFGvXfWtfMY2aZwwXKOALYUOKY8Y4Rm1Uls2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ef2a795edfed709-FRA
content-encoding
br
css
fonts.googleapis.com/
2 KB
1002 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e87bfde8bd7a1a7ca26e8667ce624108b0fe20145e2f9b35a0d8d07db8b3c49d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Nov 2020 22:03:54 GMT
server
ESF
date
Sun, 08 Nov 2020 22:15:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Nov 2020 22:15:46 GMT
icon
fonts.googleapis.com/
574 B
442 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
426f61abc23d6e3d3828bae17092c8db3301629ac8190174fbfa37f3c76f80a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Nov 2020 22:15:46 GMT
server
ESF
date
Sun, 08 Nov 2020 22:15:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Nov 2020 22:15:46 GMT
soundcloud.api.js
ampl.ink/js/
5 KB
2 KB
Script
General
Full URL
https://ampl.ink/js/soundcloud.api.js
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e70557e48982f3c1fa91548d4c5f5b0306d6a5ca4cdc9c4afd02b3a3ee744b

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-1297"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WAROt7m5dmet4yqoz3v0DGvl9t8328DSzKL3G3XfgFVKgvWzj5Ag7YyYTQl7BvWe6iECLC44JTFpZQOUHRnPg9yKwniznKnKI%2F01S%2BJxlf95XL07vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ef2a7967f02d709-FRA
cf-request-id
064b87120f0000d70983259000000001
340440527c8627f6725bc35e590a5e82e73ee2c11f2342
amp-cdn.net/images/links/
920 KB
922 KB
Image
General
Full URL
https://amp-cdn.net/images/links/340440527c8627f6725bc35e590a5e82e73ee2c11f2342
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1d7a2d772353baca4f164427d30d7fd80bc6d1a4e2ed3724b813413e9cec70

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2D74D06F19B27E89
status
200
content-length
941909
x-amz-id-2
Gd2rZI+DTV4F+qLNLOyl5VAdvv98PU7Dbwcy/k71kT8YAOxxojHfnOm7NO9M1o6+EctihIrgwUk=
last-modified
Thu, 08 Oct 2020 21:52:33 GMT
server
cloudflare
etag
"25be3f78620238e2652c3ccee2a1bf9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LNTvdF%2F1SITHgeGX4wSekgpVna8%2Fy0neYj4XjEMr1SprxABikPYKQx9OkmrEUG%2FIRSzbiJ5Rgo6XLMjZDuSad3f4nl79coDh5CuNQ9zO9JMsoBbP8wRULA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-request-id
064b8712510000dfbb60983000000001
accept-ranges
bytes
cf-ray
5ef2a796e943dfbb-FRA
apple-music.svg
ampl.ink/images/logos/
4 KB
2 KB
Image
General
Full URL
https://ampl.ink/images/logos/apple-music.svg
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba7600be604f0cf3d45783c80186a5f3da0706c2d4b434c2c6992235eb8ab32

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5679
status
200
cf-request-id
064b87123c0000d709ab943000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c1YNe2rWnSVZvLKJNmh7SdM9mban6jincq1H%2FEfX2FehMT%2FXG11%2FDFBUFGK%2BEWgN4FLwseUiiWYZ5BK1akl5ES049MOxAVTSXIhjB9dCmRhXkvjY8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
5ef2a796cf93d709-FRA
spotify.svg
ampl.ink/images/logos/
4 KB
2 KB
Image
General
Full URL
https://ampl.ink/images/logos/spotify.svg
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11da06ed56669a26265b129df73cb37a93db5641528f46f76a8425f0268fbbd

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4018
status
200
cf-request-id
064b87123c0000d7096381c000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-1036"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cc%2BYy11Ytej2QjXrMHanF2MfNn3oulfziUk8lAD1DFjylHtKy%2FnTKCGf8henJ4hPElqKeHTM3CSt0iHt7rQUghGPHhT44QoybbGdc5Gje40bY6s%2FWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
5ef2a796cf95d709-FRA
soundcloud.svg
ampl.ink/images/logos/
5 KB
2 KB
Image
General
Full URL
https://ampl.ink/images/logos/soundcloud.svg
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3cd046bc67ac96b880fa2910911faac7683f95883aa97490b9a7aab6fa08da

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3568
status
200
cf-request-id
064b87123c0000d709858f0000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-1442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5hOiVaxTocJLuxvikskCJEYZg%2F7fCfJPIQ8NdHYassryjDrW9nHDXTz%2F%2FMnGJQpgeW8Z6FWwC0FzVFZe0pBaRUSafsbKnQLMQSLU5STXQXFmgfjC7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
5ef2a796cf96d709-FRA
youtube.svg
ampl.ink/images/logos/
3 KB
2 KB
Image
General
Full URL
https://ampl.ink/images/logos/youtube.svg
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72e9c77958c36b464248f2efc6323ea6f349352c3066d4d34898ce4e20525bdf

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
604
status
200
cf-request-id
064b87123d0000d70968b9c000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-bb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dlWNNmF73mqRGq8rvTeN4q9UYmH1XNP1kV%2FueAZlcUPcWwYOBn3j0DIgBXRuFjLilEkNjF4dZdeia7vr7M667wmkaGxePugHrMlqsTAI2%2BQ8Bk6DXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
5ef2a796cf97d709-FRA
itunes.svg
ampl.ink/images/logos/
2 KB
1 KB
Image
General
Full URL
https://ampl.ink/images/logos/itunes.svg
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cf180067d178d42ad5c7ff72d4ff15f4bb0a1d23c395d920c018f6dd168349

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
604
status
200
cf-request-id
064b87123d0000d70993175000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hPUNQf15uhyC0xMUEACnDqaG0Z%2FRz4DoHRopHayumQYwzyExroMcklcKwOZC9K3srxRatu6hgBGyQoFIPmuIVHQ3NXJsz4HCuS8QmUFju%2B65GHyhsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
5ef2a796cf98d709-FRA
apple-music.png
ampl.ink/images/icons/
19 KB
19 KB
Image
General
Full URL
https://ampl.ink/images/icons/apple-music.png
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8c5ca65d69843f3ed7a551ab80db60657a5160eded325b3ad9061fdd801467

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1813
status
200
content-length
19586
cf-request-id
064b87123d0000d70980a91000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
"5e96d122-4c82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TaexjvxNqGMmBBOZ84YrAqSGdojRL754qZ7OiRAKAQmsyIsnV8Tn4odivyziJ8L76IylePp543S4NtemvjNkucNogxZUdkF73r%2BC%2B%2FVyBMu7d1qH%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ef2a796cf99d709-FRA
amplify.svg
ampl.ink/images/
1 KB
789 B
Image
General
Full URL
https://ampl.ink/images/amplify.svg
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ed2a3044de1eda80e55d38b0679afc73ab11c5b488c42023f4cdb058b08500

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
604
status
200
cf-request-id
064b87123d0000d709b61ed000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-47c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XTh7z8PH5ggWZmsMKK3%2F1w3jztdtLL%2Bax3E1MyCjO%2BOqimImLNVXQW6JYUp81hu61SVXPn1nEYvOKZIeDdTi9%2FIZ6eLHBq75Ty73jEQrkn7%2Fkjd0vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
5ef2a796cf9ad709-FRA
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3599
date
Sun, 08 Nov 2020 21:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 08 Nov 2020 23:15:48 GMT
133044X1595725.skimlinks.js
s.skimresources.com/js/
61 KB
23 KB
Script
General
Full URL
https://s.skimresources.com/js/133044X1595725.skimlinks.js
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fc06d3ab50cf2b4cf9a42bf4685af28a748bf11e23ac1850f71d094bd236ba5

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 13:06:44 GMT
server
AmazonS3
x-amz-request-id
45EEEC305FA0A894
etag
"21c516309de0ffcba7a5f070debda088"
x-hw
1604873747.cds005.pa1.hn,1604873747.cds207.pa1.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
22956
x-amz-id-2
9rpQaAVH3yXTXjNuI6cMhG/5+7B+KskaVGgyFUTPw3F2Vy/mh/b7090dtXFaWfjKU7KSorr6cRE=
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ampl.ink
Referer
https://fonts.googleapis.com/css?family=Montserrat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:14 GMT
server
sffe
age
212104
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Sat, 06 Nov 2021 11:20:43 GMT
Montserrat-Light.woff
ampl.ink/fonts/
31 KB
31 KB
Font
General
Full URL
https://ampl.ink/fonts/Montserrat-Light.woff
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b62494b1c0bfa26b6e7f8a1de6cb15d257df7ca8ce862cab12d6c2a15e8c72

Request headers

Origin
https://ampl.ink
Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1813
status
200
cf-request-id
064b87123f0000d70943a5f000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
W/"5e96d122-7be0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hdd1x5kUfRY%2F7U28%2FQGcjpk5231%2FZ96huWb3Adas%2BvJLnJj03fHu3rh5qOb8FLsfTBv6lVdORDQbQ9J6dg5CjtrH13EghOHRcvfNwEtlJtyvmuOCRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
5ef2a796cfa2d709-FRA
fa-brands-400.woff2
ampl.ink/fonts/
75 KB
75 KB
Font
General
Full URL
https://ampl.ink/fonts/fa-brands-400.woff2
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Origin
https://ampl.ink
Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4857
status
200
content-length
76548
cf-request-id
064b8712400000d709a9191000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
"5e96d122-12b04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uMyU%2Fm%2BSEVhBMubEeRVyl0hduAAtmyV31HFRiazPg2pgVyjwjfIscfYpjYjZnr22WwXFrv8KMhtRuiKsgpOuwdcPBZT7jqnnaTHYARIEB67G9mAzPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ef2a796cfa4d709-FRA
fa-solid-900.woff2
ampl.ink/fonts/
74 KB
75 KB
Font
General
Full URL
https://ampl.ink/fonts/fa-solid-900.woff2
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Origin
https://ampl.ink
Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6714
status
200
content-length
76120
cf-request-id
064b8712400000d70969b86000000001
last-modified
Wed, 15 Apr 2020 09:17:22 GMT
server
cloudflare
etag
"5e96d122-12958"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eIUN9p9E11FsFLBS%2BWM7UHV5JZkZg36uVYzObNXJ92mfC0XtwYX7b2mxeyd6NhHVaDLxu2ABMfhkteBVBaKsMl43CPL20Ps5HYBDUbQDhnK0nmM64Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ef2a796cfa5d709-FRA
itunes_autolinkmaker.js
autolinkmaker.itunes.apple.com/js/
15 KB
6 KB
Script
General
Full URL
https://autolinkmaker.itunes.apple.com/js/itunes_autolinkmaker.js
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19e::11bd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
1970d843afd475b62bafc2f7855644734e33aaa3f7b813eeb35f00dfae69d0e2

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
gzip
last-modified
Wed, 13 Feb 2019 23:44:30 GMT
server
Apache
etag
"054d7c0df453e0e393ac9d064729e6f9:1550101470"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
accept-ranges
bytes
content-length
6160
collect
www.google-analytics.com/j/
4 B
406 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=394728514&t=pageview&_s=1&dl=https%3A%2F%2Fampl.ink%2FjEXxr&dp=%2FjEXxr&ul=en-us&de=UTF-8&dt=Ofekniv%20%26amp%3B%20Latika%20(Bad%20Dream%20-%20Single)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=470005960&gjid=393687098&cid=1364785952.1604873747&tid=UA-89385820-1&_gid=1744478434.1604873747&_r=1&_slc=1&z=1201280403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 22:15:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://ampl.ink
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01EPMYVYP39WW5Q8TGBNWKQFWZ&persistence=1&checksum=9b8136d6b0496b8fa30cad8a158d20e44d5795e2b7b3404093a0e2e8b6f5e6fd
190 B
502 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01EPMYVYP39WW5Q8TGBNWKQFWZ&persistence=1&checksum=9b8136d6b0496b8fa30cad8a158d20e44d5795e2b7b3404093a0e2e8b6f5e6fd
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
a8def20b1d268ea9ea7f23c60c57dcdd1ae1eed404f12c1a61cd5edc70a898e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ampl.ink
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
https://r.skimresources.com/api/?xguid=01EPMYVYP39WW5Q8TGBNWKQFWZ&persistence=1&checksum=9b8136d6b0496b8fa30cad8a158d20e44d5795e2b7b3404093a0e2e8b6f5e6fd
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ampl.ink
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame 4636
0
102 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.07759551536165521
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
206
date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
244 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=5.587762575134743
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=5.587762575134743
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
/
markhor.organicfruitapps.com/analytics/
0
0
Image
General
Full URL
https://markhor.organicfruitapps.com/analytics/?e_c=page&e_a=load&e_n=alm-visitor&idsite=15&url=https://ampl.ink/jEXxr&cvar=%7B%222%22:%5B%22at%22,%221000lJ7F%22%5D%7D
Requested by
Host: ampl.ink
URL: https://ampl.ink/jEXxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-115.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

collect
stats.g.doubleclick.net/j/
1 B
459 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-89385820-1&cid=1364785952.1604873747&jid=470005960&gjid=393687098&_gid=1744478434.1604873747&_u=IEBAAEAAAAAAAC~&z=1783384258
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Nov 2020 22:15:47 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://ampl.ink
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/
22 B
335 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/133044X1595725.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://ampl.ink
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/
22 B
88 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/133044X1595725.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://ampl.ink
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
iab
api.skimlinks.mgr.consensu.org/
772 B
936 B
XHR
General
Full URL
https://api.skimlinks.mgr.consensu.org/iab?nocache=1604873747170
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/133044X1595725.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
gunicorn/20.0.4 /
Resource Hash
3af1040f40683c251264df004d2ff25d93970cb1300258008256db650dd106fa

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
gunicorn/20.0.4
status
200
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ampl.ink
access-control-allow-credentials
true
alt-svc
clear
content-length
772
Consent_A_de.js
s.skimresources.com/js/GDPR/
20 KB
8 KB
Script
General
Full URL
https://s.skimresources.com/js/GDPR/Consent_A_de.js
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/133044X1595725.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f338a397aa25f82534f0a743a358447f744605466350f4160d47ee0a4644957e

Request headers

Referer
https://ampl.ink/jEXxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 13:20:31 GMT
server
AmazonS3
x-amz-request-id
3NBWCP9P6R3H7K6W
etag
"0a9dc53cdb08c6081fd9b06f48a4fcf6"
x-hw
1604873747.cds005.pa1.hn,1604873747.cds043.pa1.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
7541
x-amz-id-2
Xwbs1rqwvpa8cOn/O9GOQRMBwxrIK04mvsUu2y21E+i3hig5GsOxEWKDg6fptgOuvEcJAy6c9Qc=
/
p.skimresources.com/ Frame 4636
Redirect Chain
  • https://x.skimresources.com/?provider=exelate&gdpr=1&gdpr_consent=
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=1
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=1&xl8blockcheck=1
  • https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=2b65a9e9bc23b4b929db4361d3ce80e1
  • https://p.skimresources.com/?provider_id=2b65a9e9bc23b4b929db4361d3ce80e1&skim_mapping=true
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/?provider_id=2b65a9e9bc23b4b929db4361d3ce80e1&skim_mapping=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43

Redirect headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
nginx/1.16.1
status
302
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://p.skimresources.com?provider_id=2b65a9e9bc23b4b929db4361d3ce80e1&skim_mapping=true
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
/
p.skimresources.com/ Frame 4636
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=
  • https://p.skimresources.com/?skim_mapping=true
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/?skim_mapping=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43

Redirect headers

date
Sun, 08 Nov 2020 22:15:47 GMT
via
1.1 google
server
nginx/1.16.1
status
302
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://p.skimresources.com?skim_mapping=true
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
object| SC
boolean| clickedLink
object| serviceLinks
function| redirectHandler
object| _merchantSettings
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| get_real_link
object| __SKIM_JS_GLOBAL__
object| skimlinksAPI
function| skimlinksApplyHandlers
boolean| skimlinks_revenue_forecast

6 Cookies

Domain/Path Name / Value
.ampl.ink/ Name: _gat
Value: 1
.ampl.ink/ Name: __cfduid
Value: d8b2bec98e6d77796f85e16915e19fb551604873746
.ampl.ink/ Name: _gid
Value: GA1.2.1744478434.1604873747
.ampl.ink/ Name: _ga
Value: GA1.2.1364785952.1604873747
ampl.ink/ Name: laravel_session
Value: eyJpdiI6IjMreWpjWTNWREd4Tkd4NCtcL0FRa1wvdz09IiwidmFsdWUiOiJ4TlNVNmgwV1RveDVYK1pBaUVXbkdtczRaTEJLNGNZV0tFNk53UFdjVWRobGdva3F5VFFZWklnamtlTHB5cjNuIiwibWFjIjoiZWE1YWYzZDM0MDA2MDc2NjIyYzE3ZjhhODIwZDMxNmUyZWE4YWNhMWI0OTY4ZjE0Nzk4YTQzNjhkNThkMzgwZCJ9
ampl.ink/ Name: XSRF-TOKEN
Value: eyJpdiI6Ild5V1ZoRVVJbmE4WWU4SGdZNGI1blE9PSIsInZhbHVlIjoieGJwVDV4T3BkZCtaTWJmTGgxb3NsckJTZHFGUVwvcmhFR3pGK3hnbzZ0SzF5RWx1ZWVJS1NCYzI5dUt1dWR5T2MiLCJtYWMiOiI4ZmIzY2QzN2I2ODU4OGI1YjgxZGRhZjNiY2I4YTBlZjhlZmQ1YWE0NzdlZWU5ODFjNDVhOWVkMjY2NTU3MTU0In0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
