Submitted URL: https://bit.ly/2UNwQag
Effective URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Submission: On December 18 via manual from JP

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 41 HTTP transactions. The main IP is 27.96.32.211, located in Japan and belongs to VECTANT ARTERIA Networks Corporation, JP. The main domain is download-campaign.com.
TLS certificate: Issued by FujiSSL Public Validation Authority - G3 on April 15th 2020. Valid for: a year.
This is the only time download-campaign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 157.7.107.49 7506 (INTERQ GM...)
5 27.96.32.211 2519 (VECTANT A...)
2 2 150.95.131.42 7506 (INTERQ GM...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
32 2606:4700:303... 13335 (CLOUDFLAR...)
41 5
Domain Requested by
32 pocketmonster-gogo.com download-campaign.com
3 download-campaign.com line-ads.xyz
download-campaign.com
2 cdnjs.cloudflare.com download-campaign.com
2 appollo.jp 2 redirects
2 appollo-plus.com appollo-plus.com
1 ajax.googleapis.com download-campaign.com
1 line-ads.xyz
1 bit.ly 1 redirects
41 8

This site contains links to these domains.

Domain
appollo.jp

Subject | Issuer | Validity | Valid
line-ads.xyz | Let's Encrypt Authority X3 | 2020-11-20 - 2021-02-18 | 3 months
appollo-plus.com | FujiSSL Public Validation Authority - G3 | 2020-04-15 - 2021-04-22 | a year
download-campaign.com | FujiSSL Public Validation Authority - G3 | 2020-04-15 - 2021-04-22 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
upload.video.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months

This page contains 1 frames:

Primary Page: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Frame ID: B41A73A47125CBEE318DD0C990E22147
Requests: 41 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

41 Requests
100 % HTTPS
43 % IPv6
8 Domains
8 Subdomains
5 IPs
3 Countries
9196 kB Transfer
9372 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2UNwQag HTTP 301
    https://line-ads.xyz/cz/dfaJl Page URL
  2. https://appollo-plus.com/rand_rl/545-6718-6719.html Page URL
  3. https://appollo.jp/api/lp/?acd=5s_s_qYsDIQtuA&title= HTTP 302
    http://appollo.jp/api/lp/?acd=5s_s_qYsDIQtuA&title=&decode=1 HTTP 302
    https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2UNwQag HTTP 301
  • https://line-ads.xyz/cz/dfaJl

41 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
dfaJl
line-ads.xyz/cz/
Redirect Chain
  • https://bit.ly/2UNwQag
  • https://line-ads.xyz/cz/dfaJl
192 B
603 B
Document
General
Full URL
https://line-ads.xyz/cz/dfaJl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.7.107.49 Tokyo, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
157-7-107-49.virt.lolipop.jp
Software
Apache / PHP/7.4.12
Resource Hash
78120944008f030f94a06fb6311da45e57627011072c30ead3041f1ba4526514

Request headers

:method
GET
:authority
line-ads.xyz
:scheme
https
:path
/cz/dfaJl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 18 Dec 2020 14:08:37 GMT
content-type
text/html; charset=UTF-8
content-length
159
server
Apache
x-powered-by
PHP/7.4.12
set-cookie
csrf_cookie_name=ff441fc6072f2caff23b729c481786f8; expires=Fri, 18-Dec-2020 16:08:37 GMT; Max-Age=7200; path=/ ci_session=3j97pkot8538o8cjrp8vj5jsb03g84j4; expires=Fri, 18-Dec-2020 16:08:37 GMT; Max-Age=7200; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Range,Accept-Encoding
accept-ranges
none
content-encoding
gzip
x-cache
MISS

Redirect headers

server
nginx
date
Fri, 18 Dec 2020 14:08:32 GMT
content-type
text/html; charset=utf-8
content-length
116
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://line-ads.xyz/cz/dfaJl
referrer-policy
unsafe-url
set-cookie
_bit=kbie8w-e5019ed7acdb8c48a2-005; Domain=bit.ly; Expires=Wed, 16 Jun 2021 14:08:32 GMT
via
1.1 google
alt-svc
clear
545-6718-6719.html
appollo-plus.com/rand_rl/
475 B
638 B
Document
General
Full URL
https://appollo-plus.com/rand_rl/545-6718-6719.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.96.32.211 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
27-96-32-211.ipq.jp
Software
nginx /
Resource Hash
70500f28c7c30a2b005e25c5e8e07423f02c8c1e184a809b3f30ad416221dde1

Request headers

Host
appollo-plus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://line-ads.xyz/cz/dfaJl
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 18 Dec 2020 14:08:40 GMT
Content-Type
text/html
Content-Length
316
Connection
keep-alive
Last-Modified
Fri, 25 Oct 2019 06:38:21 GMT
Accept-Ranges
bytes
Cache-Control
max-age=1
Expires
Fri, 18 Dec 2020 14:08:41 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
545-6718-6719.js
appollo-plus.com/assets/s-545-e/js/
5 KB
2 KB
Script
General
Full URL
https://appollo-plus.com/assets/s-545-e/js/545-6718-6719.js
Requested by
Host: appollo-plus.com
URL: https://appollo-plus.com/rand_rl/545-6718-6719.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.96.32.211 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
27-96-32-211.ipq.jp
Software
nginx / PHP/7.1.33
Resource Hash
ae775e0b14df4bc10a94b570bc48e8db411220016a84011e63cb9f12fd276a88

Request headers

Referer
https://appollo-plus.com/rand_rl/545-6718-6719.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 14:08:40 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Content-Length
2032
Expires
Fri, 18 Dec 2020 14:08:41 GMT
Primary Request /
download-campaign.com/tk/changer8/
Redirect Chain
  • https://appollo.jp/api/lp/?acd=5s_s_qYsDIQtuA&title=
  • http://appollo.jp/api/lp/?acd=5s_s_qYsDIQtuA&title=&decode=1
  • https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
17 KB
3 KB
Document
General
Full URL
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Requested by
Host: line-ads.xyz
URL: https://line-ads.xyz/cz/dfaJl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.96.32.211 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
27-96-32-211.ipq.jp
Software
nginx / PHP/7.1.33
Resource Hash
8933141fd639fd215bb9ac95270a1fac01c1297923e086c58768fa4abb386c6f

Request headers

Host
download-campaign.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Referer
https://appollo-plus.com/rand_rl/545-6718-6719.html

Response headers

Server
nginx
Date
Fri, 18 Dec 2020 14:08:45 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
2495
Connection
keep-alive
X-Powered-By
PHP/7.1.33
Cache-Control
max-age=1
Expires
Fri, 18 Dec 2020 14:08:45 GMT
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 18 Dec 2020 14:08:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Location
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
style.css
download-campaign.com/tk/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://download-campaign.com/tk/css/style.css
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.96.32.211 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
27-96-32-211.ipq.jp
Software
nginx /
Resource Hash
b61397b4b867c05179579d7cf4e91892e565dd6aad4d4620d9050ab86d0f268b

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 14:08:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 Sep 2020 17:23:29 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=16588800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3662
Expires
Mon, 28 Jun 2021 14:08:46 GMT
swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.3/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.3/css/swiper.min.css
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f476606c821fd23ba0fcae1845e3e45ae39f6040921de2d96698ad7d1e922f3e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
664771
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2583
cf-request-id
0717c78c6700002488ea155000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-4d3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4mrjOCbqWL8U8HBxivcAUaX7xHuJPsm2eksbzT6mcsH%2FdBA3Y8OWO%2Fbvg05iYMZxCvnaJ3jvuA0MpzV1ZIwzgymb9D2gxyswnKZFsOozvhLCFQO8HkQFIAYPbPw6H2qYNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
603975270f9e2488-FRA
expires
Wed, 08 Dec 2021 14:08:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5898
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Dec 2021 12:30:26 GMT
icongirl006.jpg
pocketmonster-gogo.com/lpimg/tk/
5 KB
6 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/icongirl006.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57e00b044955c8299d0ac524dbe42f81039e2d629d48467ec53face79dc7e49

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Jul 2020 15:08:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJz1qCdjgSzAupUwQh4ocn5rGFO%2FANZkbyp7WW56niVKLENdHFneMoFM6nxD5G7TzioC2MFt9X1aTa5mjSC5funL3%2FBGwQE1MmUz7Zp2uLFou9%2FH6VnUxy01%2Bd2ZiY2IUPdF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975276ef51f55-FRA
content-length
5536
cf-request-id
0717c78c9d00001f55130dc000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
icon_ad.png
pocketmonster-gogo.com/appicon/and/yotsuba/img/
7 KB
7 KB
Image
General
Full URL
https://pocketmonster-gogo.com/appicon/and/yotsuba/img/icon_ad.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7507a22870bfcf32dbded28e6e842c56b675b9c26dc59d1c698d1d8eae9aaa10

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Jul 2020 09:04:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KojGN8aaGdBI9oyNswgZhw6U5xo8tiXQ5w%2BraHN%2BTfZYHYr2ety8P5bR1LkQ5oFF0GjHTonI7pJOk09oNw%2F83iDiwV%2BhKd%2FtGt77J10tggBZPqvK47JtImsdFMRn0E0usEJX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975291abe1f55-FRA
content-length
7044
cf-request-id
0717c78dad00001f557d0df000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
icongirl007.jpg
pocketmonster-gogo.com/lpimg/tk/
6 KB
6 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/icongirl007.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9cbdbcfac9cf2596b2d5271c113937a3fc7f619c4bcf848fcc20caac08e5a4

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Jul 2020 15:08:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JHb6R2vxKeopr9dUw0x%2FTi%2Fy52L8guuTEkKolmoPF0m2XIDm7MUnGF87LrlNWLJ7eP%2Fa751BFwrIANz%2FIDvT%2FoePCJeRnekFI0LMYt4Ck6sUxFjyw8GTLOHGyElHF8Xd9hGR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ad61f55-FRA
content-length
6212
cf-request-id
0717c78db600001f5521821000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
icongirl008.jpg
pocketmonster-gogo.com/lpimg/tk/
4 KB
4 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/icongirl008.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7441b21b997b17cb6835554c808e077dcf181214d235fef4a0a709381daf7e7d

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Jul 2020 15:08:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xHr4K4aGQMXq%2FuriNIJ6Tzf18YGzSv86%2BPFQAXyY3i%2FjWe%2BjCSNY%2F9w%2BlXhRqW2et2YsECgUM8akKDAapN0q5EeE228r2D2sYz%2Bs%2F1ohmbuT5g4DMQI3jYWuS0Ok26GQjT33"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ada1f55-FRA
content-length
3966
cf-request-id
0717c78db600001f5518850000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
icongirl009.jpg
pocketmonster-gogo.com/lpimg/tk/
3 KB
4 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/icongirl009.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac813dd779f4e1748bfd348a3e9c27cca43a9e42cdadda5c32cfba9c00797eb

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Jul 2020 15:08:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MF%2Box97Qex0wiLUtjHLXKI9y8v9QALBHpbgHweAgC6EHuBMIjG%2FTrX2eKphbP1Z1nDd5wzHBJ%2Bv3RHUZsfNoVS5CUqhODTIZBheJ4jcphyvFBb%2BtSLdZUTT4LLQXnnunJUpD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292adb1f55-FRA
content-length
3314
cf-request-id
0717c78db900001f555ea9d000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
icongirl010.jpg
pocketmonster-gogo.com/lpimg/tk/
4 KB
4 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/icongirl010.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24e1d2d2b6ea1e2314dc15d6c15ec0722ce7207f8899ba2be0cd85ce0a5f58e

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
191033
content-length
3682
cf-request-id
0717c78db700001f550e220000000001
last-modified
Wed, 22 Jul 2020 15:08:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SXFYIwTq6CUimAylckHoO%2FLXDKm2sJwADe0ZdZdkTHI4tGoemcyyn0JSBP18gTOMCCRX%2FWgQsRGKJ%2F847rdndjLMw%2BYgE%2FvqB%2BYHEa73aAUIgzrNssGP6XjIW71CAiGV0GI8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292adc1f55-FRA
expires
Wed, 23 Dec 2020 09:04:51 GMT
girl001.jpg
pocketmonster-gogo.com/lpimg/tk/
8 KB
8 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl001.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d511de7bfad4e38351dad1e294c61d7d2efe121d7060e8c13ddd07ba3c2dcfa

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
79115
content-length
7708
cf-request-id
0717c78db700001f55320df000000001
last-modified
Sun, 19 Jul 2020 18:07:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VFjrypArL7GxiLRS1nPlFBoRiHZF1OR2OChjgbrHo55OMOReb5B0YaJMXutQtqNnLK4EXyQQZsRBQaZQe2sF7cGFhJD%2Bv5BOIekdAU68z6oieyFneO13lQsl%2FRHwhj5a3Ryv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292ade1f55-FRA
expires
Thu, 24 Dec 2020 16:10:09 GMT
girl002.jpg
pocketmonster-gogo.com/lpimg/tk/
8 KB
8 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl002.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c069ab31fb2bc911719a5ae1bd98f76e83fdfd0c2aed93eb7000b672c69042

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NmyTVTnUFaFuRJrJ0BOKyChqYEV0Sp51RjbRVvsvETjfdHZuajrd0bwiKCQosA5vjEs%2BbwQCEzkwI3P56T57OcAs%2BnR%2BNTlMhEpNxe9Iclb%2FYZPnifcYNvI%2B57R4lM1B47Bw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ae01f55-FRA
content-length
8009
cf-request-id
0717c78dbd00001f555ea9e000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl003.jpg
pocketmonster-gogo.com/lpimg/tk/
9 KB
9 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl003.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c60280828181b63ffc88b5cae14ee46160cd0bf7fbf0997347cca51918bb063

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j%2BGOyH3404Lg90WAxRxxuevc0fe85Jz5wujH0yNrc4GIYsPSmACoHxnVNrL4EmbD8u2ZeX5Oxk%2FXaU92YF0tT%2B25SxIQRl4PSkQS0xivF6CBfFBBGUBPeIxB6taYlYOc25Qq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ae21f55-FRA
content-length
8996
cf-request-id
0717c78db900001f553e1a1000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl004.jpg
pocketmonster-gogo.com/lpimg/tk/
6 KB
7 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl004.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dac1c80557db003f8af7b1da2c8baed32eb64000600559d24df48531930ba66

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3GMPjc57R3%2FrXjHnsu8OhgqQjL0pGxVWSqmo1mmwwHptneb6Rv0vko3Ptq6s9GOnBqnkldf%2FktravJ1vQB4atQYLz4GcxdT%2B9Uc4jy4lz%2BKC7C%2FqfDapbYlbgwt4F6fEATp4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ae41f55-FRA
content-length
6536
cf-request-id
0717c78db900001f554a9f7000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl005.jpg
pocketmonster-gogo.com/lpimg/tk/
9 KB
9 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl005.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7348d6da6855c1fa52373fdf99219be1faaa86bffa163c45f7beb8b26843df10

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5KxryJXNJV2q7eHHcXduruQXwlSOgtl3fodg0tkJmeZ3wPP1pw6JoEBFsQJa7jRL%2BjaEQwL8PzjJtXlYIbBtsEOc0brxn2lA8BDIggwKr86Nm0gHAex9qT36ayJehLkPGOE7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ae61f55-FRA
content-length
8764
cf-request-id
0717c78dbb00001f5578158000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl006.gif
pocketmonster-gogo.com/lpimg/tk/
326 KB
327 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl006.gif
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16f3a343130bf287f4133df00563ef80b67f7b57a18725d28175a5853b3f3bb

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IakyPzX6Tx01JnjMNuHThCOBJmX3kzVjNGr5cq55r0YRmqA0sHyJkbSJdHFozo2W2rlUn6ATFpR%2FtkF%2BKZ8T7f9BO%2BwmEGc3f8PabVZ%2B%2Fl2mkcoo%2BQ%2FY%2BtIUe%2F%2FxAVH4Ck9H"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292ae91f55-FRA
content-length
334079
cf-request-id
0717c78dbb00001f552f999000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl007.jpg
pocketmonster-gogo.com/lpimg/tk/
9 KB
9 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl007.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a81dee45a3c5b6b9f7d14d031812e2fad175d3e2096357da0a7750d9e0b6a0

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Aa5vUAZqjz5pilXOxX1%2Faar36aVxRzfh6O%2FjhLC5qqF%2F58jgS55VAnCC9ps2mExlix3VUu0Yv8Hr8VEtqlet%2BfBbK9yHca68SWLb%2FVKwkgtw9UzsCgFu9Ti%2BYf5tXn3Mtp07"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292aeb1f55-FRA
content-length
8855
cf-request-id
0717c78dba00001f5525182000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl008.gif
pocketmonster-gogo.com/lpimg/tk/
381 KB
382 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl008.gif
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc49cd6a2843e47bcde760c2188cd8a75f5ffd6e96341dc6d97944b18c5722f

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
237171
content-length
390021
cf-request-id
0717c78dba00001f55613db000000001
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iGueBgP4sBd6w3JkGJRfmWDMR1%2Bs7o%2FgkUxDTJtTkdR26NrT9Ny4KJX7oTYK2%2Fo54OW01YAuM1LlNidP%2BKVEwbhpHnVr4KTys8zq80lxEw%2FI9LTe7%2B7wJSnA8P7HAeZP7Bpx"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292aec1f55-FRA
expires
Tue, 22 Dec 2020 20:15:53 GMT
girl009.jpg
pocketmonster-gogo.com/lpimg/tk/
11 KB
11 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl009.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5bafb87bb1f7f63f20d75837271d806f2c9abbf2b37c4cb9936b07d15e9857

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
79115
content-length
11415
cf-request-id
0717c78dc100001f552f99a000000001
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FsUUOhcFuhWJLYKwbn28Nic7OZMoyakOIbIIsrC1v5glOuMwMcSzEL5ImHA1tnx%2FjTEry%2FZ9iBqmGMTDB4xBtz11G2p80LWgsm0RDmbTTGQWewnOrxZThCB4mFDmAwRbUZlS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292aed1f55-FRA
expires
Thu, 24 Dec 2020 16:10:09 GMT
girl010.gif
pocketmonster-gogo.com/lpimg/tk/
763 KB
765 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl010.gif
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f78e001c6f932ae76fa92a9c75a36b45defef2bd5467fa8340319d84d35dff8

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TaBndxWq2nLPAQQA33chZ5T7GZho5eqeG6lhsmSzdYnv91SvLDplM9PTn%2BGiiODbwLXWOidvJpSexAYcA9ojgF3fbEdWBkR1Lol3E5jM4EvoV3oLGxdcah9fmn6N%2FQzVtnAk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292af11f55-FRA
content-length
781703
cf-request-id
0717c78dbc00001f5548307000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl011.gif
pocketmonster-gogo.com/lpimg/tk/
591 KB
592 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl011.gif
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4b695b42db60dcd45e81dea544e6712c1f177b17be84be9f1c68c2a1736f99

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rEXHoH8PwBNb%2BpZwdu2jGp7ECMND%2BUwRU16Ifc90K1xy%2BTurmdgHGN6ZoZeBdy%2BC2GcBpHiA%2Fq0Xjvoo7GpAmCM1FnbdCfeenec%2BZ%2BAKcfsZ1OGWXfoswZR3YruRkba%2BUoK6"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292af21f55-FRA
content-length
604885
cf-request-id
0717c78dbc00001f552a328000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
girl012.jpg
pocketmonster-gogo.com/lpimg/tk/
12 KB
12 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/girl012.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4270b76c225b720003f912ad93c3d4f9046b5f8eaa87609b952d083ee6decdc8

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vHXixk5wnIzdLW2ckD%2FRZX6ue5IevW5kKVb4UBp1ZE5aVs0OuuxEv3XRMM5Gm0m9qzQEzemwudv71kRP4RUKMpoOfQwWWxEhzvK0%2FY2TJzIb3nWanh6%2BIFB%2FtQwo%2BEiCKjGY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292af41f55-FRA
content-length
12044
cf-request-id
0717c78dbc00001f557f36f000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
error.png
pocketmonster-gogo.com/lpimg/tk/
11 KB
11 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/error.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ec232e0a9a6843307569e261752022e775cec8df1439c0edec265cfde98c6a

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:07:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T0JFEFsvdfqzoW7G5eBG59ysxZLmgPLhgsrnO258xR49K2laruG%2BGBddLFJ86XvW27vfdHRE3aAr37%2B%2Bb1P3Uy%2FlUTGl0E2FeXNsZ8VIdSRks7v5of0QuPNkwFdyUUOs1Zr0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292af51f55-FRA
content-length
11362
cf-request-id
0717c78dbd00001f5540a3e000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
download-and.png
pocketmonster-gogo.com/lpimg/tk/
48 KB
49 KB
Image
General
Full URL
https://pocketmonster-gogo.com/lpimg/tk/download-and.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d007b14adf051ed85bf718ef336ec3a890dded3df2744550c66d283feae1fa

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 18:25:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h0rfJGphvfER3vHGrrefxF1N9oN9Oq93Gs25HCStxn3ojgWNe7r%2FnfMUnZnA6kg%2F4tZaYhEiibHLqmJ9d%2B51W634A8FulFUWvPsA32rFgzFoPZ6iVWQHWQaTNsS8ZMeLhe5Y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292af61f55-FRA
content-length
49211
cf-request-id
0717c78dbd00001f5557b5b000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
swiper.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.3/js/
120 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.3/js/swiper.min.js
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efac6fec2ba437b6a906e249fad9de3c7d3c105a48136b0155376b5989c4d76a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
41620
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27194
cf-request-id
0717c78c750000248850a1b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-1df6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iTc3O9fUlTUsBCCFr%2B4mMbL6Etinp1wq8W9rnaS3I2VgxWfBaU5WG8rlYwvU6eeZ9w9LzPiSUy0duFq4MpbMZbs%2FEyntdmfuXhQFEsREluYXnS6otceNYd39yPTfacodbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
603975272fc32488-FRA
expires
Wed, 08 Dec 2021 14:08:44 GMT
heart_white.png
pocketmonster-gogo.com/temp_img/heart/
1 KB
2 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/heart/heart_white.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b092b806a604cd3391b4bc2ae594fad084ae3f80f65a7e4d09b1c5b429b32977

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Jul 2020 03:30:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XPpYKhdECqg2ZCBm7LKtbGwcOEjfZEwRkA%2Be0y0ATj4JdqNdo0N9z2jPdHbnqhNPM5pqEPSHBhH1u%2FsDuqGGg8OWZJf5yMEjMF5pqrZhTYbm4yHFGPqd729kZ4PNOoIRNNHd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292af71f55-FRA
content-length
1520
cf-request-id
0717c78dbd00001f55050e0000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
h_pink.png
pocketmonster-gogo.com/temp_img/h/
2 KB
2 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/h/h_pink.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8cc986aa42634c0bc5be60f02adbbf2c4720d3ccef4b1895f94226ab8cb1ae

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Jul 2020 04:55:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fru044eVgF3i3%2B4vAn0%2FHoYp6%2BI0rSykrCn1Nsht4FxGKfeFOjclDBtkV5WACiR%2BC96ajom9qN%2F9Eoc9s6tRXtR%2FSUp8DeBtbzJiM1Bmtxj%2Fg%2BoIC6ZrwgGsVJQydzGvOb6%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292afb1f55-FRA
content-length
2076
cf-request-id
0717c78dbe00001f555324e000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
slide_blue.png
pocketmonster-gogo.com/temp_img/slide/
5 KB
5 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/slide/slide_blue.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e7541c965b1a42a138ee631865f0227592b3777cb7a0841628241e20746a30

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Jul 2020 02:23:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FdmPW2igvQEAqtMTqauwt0bGr%2BUeV06kT%2F0hr8CYKOqnKWqrahjZKYJLD5qGKXoLLpVCTNnFHQ1MNH55QPcQtXhBw5vw5o3BpVJcNwYH6p7YpxxK1FK%2FAOP6XzlGikkP%2FLJj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
603975292afc1f55-FRA
content-length
4851
cf-request-id
0717c78dbe00001f550e221000000001
expires
Fri, 25 Dec 2020 14:08:45 GMT
tits.png
pocketmonster-gogo.com/temp_img/r0205261200/
11 KB
11 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/r0205261200/tits.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252eeaafaec16f21da8b1ca468b8da30ee2138acf50439bb6c05c9f7e82ee6c6

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
31501
content-length
11104
cf-request-id
0717c78dbf00001f55242c8000000001
last-modified
Tue, 26 May 2020 05:54:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nuhbUJpIFa3eQZaFUlPznuUn%2FnktcVYjj86WpSts6UxitibNpR8LZ3M5I%2F4Xa%2BJdeLTceIG7JP%2Fr56RVeo%2Bd4XGy0XVrXbGdNYFocLyA%2F02KBe6XwRIhe09VyWIsyH4jg8nX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292afd1f55-FRA
expires
Fri, 25 Dec 2020 05:23:43 GMT
mark.png
pocketmonster-gogo.com/temp_img/r0205261200/
1 KB
2 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/r0205261200/mark.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa11d55fb0be4b3ec38364daf4aafd5b9748611e730e70c826afb3b57cf3c0e5

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
31501
content-length
1268
cf-request-id
0717c78dbf00001f554d2fa000000001
last-modified
Tue, 26 May 2020 03:02:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BoA9jZAY7Wu7pCzahTzHARSZfcacKnUncucf2dD0W22zouoCcdS%2BnnO1dIt9wHEF%2FKbc1F0aWJhzrHJrGbq8CBFOpgX377OnoNCrK1KBMYyd3sC590xrDlSlUOvva%2BlqEt2C"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292aff1f55-FRA
expires
Fri, 25 Dec 2020 05:23:43 GMT
splash.png
pocketmonster-gogo.com/temp_img/r0205261200/
1 KB
2 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/r0205261200/splash.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76c5a08c8f74b5396e39cfb74c235275f98a650a6c40a03f7fe00f44f644b8a

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:44 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
193716
content-length
1355
cf-request-id
0717c78dbf00001f5521822000000001
last-modified
Tue, 26 May 2020 03:02:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fcD3Co4Msqp3nJOTCIi6mPm07CFGQTZ8uw00PrWNYLGx9%2FbKhUV3fEVZ7IHBX1GHHvua8oYmZFnsMmEzTbo4OU1gFNTn43w8n%2FHdZLNNqh8nq9XOFv77VwouorI7mz2aiF1W"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292b021f55-FRA
expires
Wed, 23 Dec 2020 08:20:07 GMT
heart.png
pocketmonster-gogo.com/temp_img/r0205261200/
1 KB
1 KB
Image
General
Full URL
https://pocketmonster-gogo.com/temp_img/r0205261200/heart.png
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48cd73c32659ebbc428ab24c19258202ef6c20be500aaf0cd812e186305fb53

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
358821
content-length
1035
cf-request-id
0717c78dc000001f557a0b9000000001
last-modified
Tue, 26 May 2020 03:02:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gMJfNsSOd2tAji92Kpwh0xE8ssmncvf6GDHjZGrSpRE5LZe%2BzQmdS4CUjTdMV3wV4ArTuBB%2BJO69l6mhAWQK%2Bc2M7zqwpjizbIZ6FvIGoW4e5SwSXZ3AeKsNJUkJS6q0Vuez"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
603975292b031f55-FRA
expires
Mon, 21 Dec 2020 10:28:24 GMT
bg.jpg
download-campaign.com/tk/img/
68 KB
68 KB
Image
General
Full URL
https://download-campaign.com/tk/img/bg.jpg
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.96.32.211 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
27-96-32-211.ipq.jp
Software
nginx /
Resource Hash
c0002eff799520af6243b88416d25fbd43639a056ab3cd611fa995861f453991

Request headers

Referer
https://download-campaign.com/tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 14:08:46 GMT
Last-Modified
Sun, 19 Jul 2020 17:48:45 GMT
Server
nginx
ETag
"5f14877d-10e1a"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69146
Expires
Fri, 25 Dec 2020 14:08:46 GMT
06.mp4
pocketmonster-gogo.com/video/tk/
1 MB
1 MB
Media
General
Full URL
https://pocketmonster-gogo.com/video/tk/06.mp4
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3be5578a61406258c45f41bb399b159f75265dfb994beacf74f4b1bc1a95e8

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JeZjfjjrR9EB7JjFjYDgkHdn544a9OUajRuZKcHbcKwsCkFK6SHTI8RrWOeIT%2FwNlzEGiVhx%2FHe45vpg9M%2B6KlwUyQnbLfKF3Z%2Fk%2BewSDckOXr8V5ytXAgKStrDgvXoRRHbe"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-1542647/1542648
last-modified
Wed, 22 Jul 2020 14:17:47 GMT
cf-ray
6039752a2d381f55-FRA
Content-Length
1542648
cf-request-id
0717c78e5500001f550597f000000001
07.mp4
pocketmonster-gogo.com/video/tk/
900 KB
901 KB
Media
General
Full URL
https://pocketmonster-gogo.com/video/tk/07.mp4
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1e2c672e6ade75e03aa0737194ceef0e22ec23d0978e4d68b0ca2665bc34de

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Dec 2020 14:08:45 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z7uhjjtXRMeDVIns6WBhvi9sLE%2ByqTZIt5OTAHo9QV5POgMP7jrd6TH2dAmqgRewHWJDexspKUXf9KBP0rhRKFE0HPpNDhTgsafiZy%2BrrQwB2nk16TAOqrlIl%2FNkxnpL17bq"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-921182/921183
last-modified
Wed, 22 Jul 2020 14:17:47 GMT
cf-ray
6039752a2d3a1f55-FRA
Content-Length
921183
cf-request-id
0717c78e5600001f5540a4f000000001
08.mp4
pocketmonster-gogo.com/video/tk/
3 MB
3 MB
Media
General
Full URL
https://pocketmonster-gogo.com/video/tk/08.mp4
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2723c0195e0e9524bed6ea4cbce2d7286bcb9053532f8e4cb1e8510935f92fa0

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=djC14e%2BpDW57URAEqusjVSH5CQJpnJvkw%2BXCXmt0nifwf2mmKDtMCEQDBwwH0TInCVDd3n8RmE643lP8YOvWY6tXGwTRBB9DymUhcSGSueJ7RCU1Bs85AlDTHUWosoJks3%2F2"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-2998549/2998550
last-modified
Wed, 22 Jul 2020 14:17:48 GMT
cf-ray
6039752a2d3d1f55-FRA
Content-Length
2998550
cf-request-id
0717c78e5600001f554d309000000001
09.mp4
pocketmonster-gogo.com/video/tk/
988 KB
990 KB
Media
General
Full URL
https://pocketmonster-gogo.com/video/tk/09.mp4
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b185f5ac8e8d742f334b03ffd6a9a8d85bfcc337ae5c35d0f5716e9813c06e89

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P1bv6spJo%2F%2B2Tu30OjZVK%2BnN%2BF0OOcrkg6R65YyCPRdWhP89URebxZX01V8iYjZHvKFRJcqB%2BQX8dIUfKpyjbalSXG7JpC4GLeQMQp%2FiNtdgYngeYMEGKDUWlwSpl8otE7PD"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-1011787/1011788
last-modified
Wed, 22 Jul 2020 14:17:48 GMT
cf-ray
6039752a2d421f55-FRA
Content-Length
1011788
cf-request-id
0717c78e5700001f556f98a000000001
010.mp4
pocketmonster-gogo.com/video/tk/
467 KB
468 KB
Media
General
Full URL
https://pocketmonster-gogo.com/video/tk/010.mp4
Requested by
Host: download-campaign.com
URL: https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6e7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89a1f298fc2bb80e8c478e4c1791606a0678146d1e2bda958ba3e00bad98fa5

Request headers

Referer
https://download-campaign.com/tk/changer8/?acd=5s_s_qYsDIQtuA
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Dec 2020 14:08:46 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xq10UneHJ9iQk7ohvqGnXMvTPBuh%2BZWi6AWFO2i4hDQdVi5eIL9bLWFs9z4IHgoQkN1v2KsvAIabqphbmnYTGT9wEHpx0z1v6A%2BAvIT77beG4AqAuHlIcLjUvkjkIJBxOsln"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-477882/477883
last-modified
Wed, 22 Jul 2020 14:17:43 GMT
cf-ray
6039752a2d461f55-FRA
Content-Length
477883
cf-request-id
0717c78e5700001f557235a000000001


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
function| Swiper
object| mySwiper

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
