urlscan.io logo urlscan.io
SecurityTrails logo

lightenacquired.xyz Open in urlscan Pro
2606:4700:3033::6815:2c58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bringsebony.com/AVG1jc3JGW
Effective URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176j...
Submission: On April 08 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3033::6815:2c58, located in United States and belongs to CLOUDFLARENET, US. The main domain is lightenacquired.xyz.
TLS certificate: Issued by E1 on March 30th 2022. Valid for: 3 months.
This is the only time lightenacquired.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 5.61.55.89 58061 (SCALAXY-AS)
1 1 37.252.14.91 58061 (SCALAXY-AS)
25 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
34 4
1    2606:4700:3036::6815:7ba (United States)

ASN13335 (CLOUDFLARENET, US)
bringsebony.com
1    5.61.55.89 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, NL)
primetimetraffic.com
1    37.252.14.91 (Netherlands)

ASN58061 (SCALAXY-AS, NL)
hasoffers.me
25    2606:4700:3033::6815:2c58 (United States)

ASN13335 (CLOUDFLARENET, US)
lightenacquired.xyz
3    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2606:4700:3033::ac43:d0cb (United States)

ASN13335 (CLOUDFLARENET, US)
trk-consulatu.com
event.trk-consulatu.com
Apex Domain
Subdomains		 Transfer
25 lightenacquired.xyz
lightenacquired.xyz
1 MB
5 trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 28461
event.trk-consulatu.com — Cisco Umbrella Rank: 74775
3 KB
3 gstatic.com
fonts.gstatic.com
52 KB
1 hasoffers.me
hasoffers.me
418 B
1 primetimetraffic.com
primetimetraffic.com
572 B
1 bringsebony.com
bringsebony.com
537 B
34 6
Domain Requested by
25 lightenacquired.xyz lightenacquired.xyz
4 event.trk-consulatu.com trk-consulatu.com
3 fonts.gstatic.com lightenacquired.xyz
1 trk-consulatu.com lightenacquired.xyz
1 hasoffers.me 1 redirects
1 primetimetraffic.com 1 redirects
1 bringsebony.com 1 redirects
34 7

This site contains links to these domains. Also see Links.

Domain
hasoffers.me
Subject Issuer Validity Valid
*.lightenacquired.xyz
E1		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-01 -
2022-08-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Frame ID: 5D13270F95F349BED45B6F070BBB308B
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Survey Rewards

Page URL History Show full URLs

  1. https://bringsebony.com/AVG1jc3JGW HTTP 302
    https://primetimetraffic.com/index.php?key=94paoef2a5vsc5in4to6 HTTP 302
    https://hasoffers.me/click.php?key=nxUfcetiUw&cid=1ca22g6ikoj6o5f0&campid=1053 HTTP 302
    https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&ucli... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

97 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

1384 kB
Transfer

1526 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bringsebony.com/AVG1jc3JGW HTTP 302
    https://primetimetraffic.com/index.php?key=94paoef2a5vsc5in4to6 HTTP 302
    https://hasoffers.me/click.php?key=nxUfcetiUw&cid=1ca22g6ikoj6o5f0&campid=1053 HTTP 302
    https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lightenacquired.xyz/tmsr1/
Redirect Chain
  • https://bringsebony.com/AVG1jc3JGW
  • https://primetimetraffic.com/index.php?key=94paoef2a5vsc5in4to6
  • https://hasoffers.me/click.php?key=nxUfcetiUw&cid=1ca22g6ikoj6o5f0&campid=1053
  • https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c41c66f396840ecbbbeac2fa85804c7947d0a5ecf8c3a4b61e2d5efa4b1d4c4d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f8bd9071ac30cb1-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Apr 2022 14:56:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB9PPvRJscu8tGz7UnQYmt2RYaN1Tg4Nsi91mULgWnxdUsPBIHRv6J2AYpCyu%2B%2Fj%2BYBnMMROgeDWJAVAvB1LDGFvkv6y7tVpYw%2FlypISuoRXLgUYG%2ByP29LpiT8w8ZduYlym5%2FRxDY9RlcdW3TAgJW%2F0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 08 Apr 2022 14:56:06 GMT
location
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
server
nginx/1.20.2
strict-transport-security
max-age=31536000
css
lightenacquired.xyz/tmsr1/assets/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/css
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef00920864a7b591d4cbd54da6e216f3f33816448446e1035b626d28ab76d55b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 15 Nov 2021 07:15:26 GMT
server
cloudflare
etag
"1762-5d0ce92a9df80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU0kbX8qvqhl0nGkC0IbguwH8LDoLe5iSlUtSL2xg5QHTKAUKlJZo8REhhtq%2BEn7QFdkMFgu%2Fh5rnFT25tiG8W9lHV0pjlSpgJl2BoVE%2BW1Ead5iEDIDRHM2sbzW29E1%2FN%2FjvJJrst0GEX5KdEQi7jhS"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f8bd9089c650cb1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5986
styles.css
lightenacquired.xyz/tmsr1/assets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/styles.css
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66ffe70a67cd3d9f2b338074647270e4221a52a7817e9c486f72517514be032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 07:15:26 GMT
server
cloudflare
age
7030
etag
W/"8cc3-5d0ce92a9df80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjHHRMC0btHJmSTB2YoCtiLI1eE13a%2Bxe0d%2Bu658x9%2BDSDaVv9P7Q3uvRGToqoIfoQjhvYrzr5RRQ9TYSvZJqfNcsiEPJMzofWCoA5Uc3UiK%2BNpJSIRO5y8Uqg0BibaSyVaDukoNJUKiZ%2FvYiZDEmqTe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9089c670cb1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
modernizr.js
lightenacquired.xyz/tmsr1/assets/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/modernizr.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7792303c21b31f34ad465f616d340d7d15d77ff875ba6eabba151feed124d9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 07:15:26 GMT
server
cloudflare
age
7058
etag
W/"c89a-5d0ce92a9df80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAa%2BkzDr24tn%2FUulKXT4NtAjvT%2BXh5v4AsikYD%2BGJ17u%2FtURSLcwM0iRD7amjkQ8X%2BUDXFD6Zk2YzesSpXTZOpISPmT%2BFhVJBb02B5i74%2BJgEYW%2Fxady69IMq65e73XYRmyn30VRqMJkvekHjOSTTyse"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9089c690cb1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
domain.js
lightenacquired.xyz/scripts/ 		640 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/scripts/domain.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25a9111f56c00feb8e3b53ecae0365546939819187e48e2d632a7c71a2486e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 18:28:49 GMT
server
cloudflare
age
31
etag
W/"280-5d57adb8f5d53-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BppXnpqwW55cOU6jQV8elcTcOQn8Nz3G4lBhCRIkwuDEVRcQ6PnYg7JA7H0QaLS9mcJlzr53bjKbpv68OQ5GLi0BX94fwSZk6reGZc2A%2BNM3zuDRqJQWj0lXiZTuJ3E2K1LEEfLULL6def9g%2B9COiO%2Fd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9089c6b0cb1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
back.js
lightenacquired.xyz/scripts/ 		582 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/scripts/back.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd41542d0827166ee1d09579fb29986851e1b04e5296c213d6e8cbaf13d55c28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Feb 2022 12:46:21 GMT
server
cloudflare
age
7198
etag
W/"246-5d87280ba8272-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJTl7hMSFio5NeoyalwjNdpYyrOlm9WmP9MYEt5kJWoUskza0tMvwSTq3iKueWjjVhjLHX1vhR0VseLoTwxHRu4E%2BN%2BjqeGCwPkP%2FZmbP7ojWG6aEPTLANAp4fa73Cs4olbwY1Unad7mDHioBh9YMgHK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9089c6c0cb1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
notify.js
lightenacquired.xyz/scripts/ 		377 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/scripts/notify.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876e10d812e1773a36792f77009cfaf8a2879c612a916d850c5ba5e5d4fb5a72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 07:11:39 GMT
server
cloudflare
age
7030
etag
W/"179-5d4d077112b42-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yxk467J9oSkTs5ss3AMiE5GfkwaBIa2tDwxF1gMcywqqYlQiuH4Z%2FmrC1DUBLubdBMotYidkNYQKMXOkyAkuRsOfn8dNICoxzEGSMUkxc6UFgHeRWwXB5mZozIGGKkxvjJJ6TsC4SrKkYCg4nflvTRfV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9089c6d0cb1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
us-b2.png
lightenacquired.xyz/tmsr1/assets/isp/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/isp/us-b2.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2733ecc46b8064a683ff3dddb9bb0a9a15687c4e29c2d4561b46f1a93c3c9066

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6978
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12149
last-modified
Tue, 28 Sep 2021 15:18:48 GMT
server
cloudflare
etag
"2f75-5cd0fbaef4600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB%2Blf6WGfhKGbBglcJKlaeElf6E0iy6byTu5YLssPr5Yyfd%2BAaiBMLrywD3tkHy5N2Jt01adPt%2FFLb5GRb1%2B%2FmBu29bscN5SRHHLWr0okZudzloqfA%2FMRZXxoWRA3wBcqMHsVIdp6d6TL9z0S5lN5x61"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9096d6d17a5-EWR
flaglogo.png
lightenacquired.xyz/tmsr1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/flaglogo.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1781
last-modified
Mon, 15 Nov 2021 07:15:26 GMT
server
cloudflare
etag
"6f5-5d0ce92a9df80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcd9BjBEt3oaDfDGcZ3esvHET%2B9H5EbLdS%2BJPsmHlcoilU3uGydljoCTfOoDr2kmtal%2B3i4yE%2Bp1Yz%2BKKcOLDl7UGfRATgVAaL%2BoiHVCLoSuEnRfCIFSm20%2BQaEGb3RyDK46hJCJ%2BonSCXHNhmnapHUj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d6f17a5-EWR
icon-survey.svg
lightenacquired.xyz/tmsr1/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/icon-survey.svg
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8158484eef747442af689f28fd62113557acf3ffc3bb339bb9ae7ba76fc9e4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 07:15:26 GMT
server
cloudflare
age
6852
etag
W/"468-5d0ce92a9df80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7YqrBE5H%2FhtHbfWGMpY14vVNKeVGB475z1jkm%2FsNL6JdgLwBZKCK0TQsXE7EKKhcTH3Nw5qGtTLZkP0z%2Fh7pJ5pJBa9SneiROZXVAPN%2FAjHcJqlg6Ovwfg%2Fl3dkfUSnC8CZBhAvvlaS%2F8x8pmSV96ju"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9097d7017a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
macbook%20pro%2013.png
lightenacquired.xyz/tmsr1/assets/ 		741 KB
741 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/macbook%20pro%2013.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b99f8888a7241536e14e3323aa23566d4be1276b925a706ac01bb8e031cd979

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6879
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
758304
last-modified
Mon, 15 Nov 2021 07:15:26 GMT
server
cloudflare
etag
"b9220-5d0ce92a9df80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QftNzYjyuOvDv%2BgGgNb6hZlIQO1w5As6Ao7p7PYgcHq8gWr9mz9NNhdzBPojLCZpyOzg5eG%2B8DbUFvGfS8wFcbfQPtTe%2F7QFcvVGI378TbJKDMYZ5pc6lS3KDbcRGkqqo6NuqbnBsPTIufDIQyu5FTbh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7217a5-EWR
samsung%20tv.png
lightenacquired.xyz/tmsr1/assets/ 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/samsung%20tv.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
715b02c85ccfa44bb457709e27ae35a2972a681ee6c808fb39fd7908b9b3772f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7084
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
238102
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
etag
"3a216-5d0ce92b921c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0vN4UhLR8fBbnf5PKkjANGeScqatXyWr59tAlFtTd%2FT9vRVnpDJDmZKzp%2B1bvJj0F2qf%2FKRF4kiPTe3NMngRbgZlipwQ6oK8g3BF8zvD8gRUmNW9%2FYax%2F%2BSpIzk21CtC2LTmzMTxRg5DE9e9C0F9NfF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7317a5-EWR
Galaxy%20S20%20Ultra.png
lightenacquired.xyz/tmsr1/assets/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/Galaxy%20S20%20Ultra.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a6c770e32f0ebaebd33e64020309846d67c340482a2c2ff2f1085eb9246593

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
188958
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
etag
"2e21e-5d0ce92b921c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6h8ogn9yPBXdA0V7KvKtCnzmXL8k4f%2F6nnxcDL165Y2RzAh50X77XBn7rsy%2FifGWvvknxbvVm5t8Har5eSabGuvokI2fAYR71%2BaYFLdwZf3jHmDEOJsZeU3VJm%2FHBdP8ich9WlwkdDtAFbRHXlnDg92"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7417a5-EWR
profile-01.jpg
lightenacquired.xyz/tmsr1/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/profile-01.jpg
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3a78cd7ad555a38f843f1ded6f10be79c9ae8d389bd205136c62ba0b8b2b57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7083
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1246
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
etag
"4de-5d0ce92b921c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FVqob9oDbG2atMqHwUknqcnaIFMGxpcEhBbWAFIlV0uYJNNhPdY86MT8qCv%2BeO2i3nK9WbxkgdoLqXh98nbKSgnHk1gAMqSB9wqbuKG9%2FCeAGPYEnEyZZN3UwtRQeDMBgbYnXJd1vtE8huRE23VVeLY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7617a5-EWR
profile-2.jpg
lightenacquired.xyz/tmsr1/assets/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/profile-2.jpg
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d17cc041bce983812a1ed0394dad4aace136531172c6bc762fa2a08043837f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4256
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
etag
"10a0-5d0ce92b921c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ9ZPAgH%2FHdr9otHLK2ZjrwuBaMwc0NYNa%2FMe8bacwYbOAOC2wvzMArCdNHdAmvLoGhnmkLzKuuJz7f4TkyAkH71an1nf1%2Bqfp5Hijxr%2Bgl5J23D4vXAd0yqqhg1DfJ6nlwNZVUKaeQP5VmZw4%2FsND95"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7717a5-EWR
badge-satisfaction.png
lightenacquired.xyz/tmsr1/assets/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/badge-satisfaction.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26bddbe554b816b913dfec666fdf0c5b1f852c89dd4240d8002b522082fb9ded

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12753
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
etag
"31d1-5d0ce92b921c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPo9hkf8ENGfvlWkztjNthBfQ9xqiyjH2DiETHNqDfgQ0eYIiPBnUUs2SgDQac380df%2FwMP69uKyQwmb5%2FNjHZT4pGTSYodGc2QdK1JFfcOYxSIuLkyXqH%2BOb9MrGHArdAad7YWkmX7%2F8GA3Da3BJDqW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7817a5-EWR
badge-secure.png
lightenacquired.xyz/tmsr1/assets/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/assets/badge-secure.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac896f3146ba15d30ddb81b069b3ff306cf2b721180c5f8055bc081221b85b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11314
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
etag
"2c32-5d0ce92b921c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKR73LNFSMONIkz5pd63gixUbhitp0OQvNJ71t6Plwxsk2mHV5wrV71yfdcS0IlDoG7lgVd1mnuWkqeiYuhfduWFRYaKCyEkAyWakwsqQj2hYT10Nw5NGDjV9%2BilVVx7MxqGkbjWbf8UVYwjxMcrri2d"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd9097d7917a5-EWR
jquery-3.3.1.min.js
lightenacquired.xyz/tmsr1/assets/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/jquery-3.3.1.min.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 07:15:27 GMT
server
cloudflare
age
7149
etag
W/"1538f-5d0ce92b921c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=356TZhb%2FxMgGANrfZf1B09e32ki7dYn2r%2F6C4GY98Hco2hqyjM6qtE8uxRiqbM2vfSIjIrVwhy8LckaG%2Bw7UqFNqoeWxFwNNeuIGUyLLPNOVKcFHix6S93ebniwXdfydSl51gq%2Fa4auTU2JMbQHRBcUt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd908dc9617a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
svg4everybody.min.js
lightenacquired.xyz/tmsr1/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/svg4everybody.min.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 07:15:28 GMT
server
cloudflare
age
6852
etag
W/"768-5d0ce92c86400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwHUKq%2BchlSoA9%2FsvYMmJO1QIO7q7irwQWv2LP2iSLuUU2okOehkfYe%2F31pA0fGeu5xLYfH%2FJ5zmAhiyQEAcD7PR%2FuH0pnYLR%2BPHA3Tr0lSD8X3uWmyIqS061o7TuqugHfu4PCn2yJeTK2R16%2B%2BDRfBL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9092d1117a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
init.js
lightenacquired.xyz/tmsr1/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/init.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed22d4b0142c44b4a63a3c232110e6d8360126550ac7101c4d237021fd0b7b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 07:15:28 GMT
server
cloudflare
age
7085
etag
W/"95c-5d0ce92c86400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdOGOwZTVze4m3REsRPNtowjucDOYq4UAN1hbb%2BgTP1XG53Rsl7h8gyIOt20Wxxd2UEz8vhccheqJJD5ZhpSxC75kGqaT%2BmpImlpwynryEc2YErhjnAl7XFAO7Uq8cM7lBXbPnmUD2p2vKFlH5kNQVNV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9094d2c17a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
offer_vzn.js
lightenacquired.xyz/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/scripts/offer_vzn.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d1da2bfdb4156e1009e4fd554ca45c3404de13c35d26b165e537d7c8b769c09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 07:23:43 GMT
server
cloudflare
age
7085
etag
W/"10fa-5db42312e5dc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7Z%2BPiYILiIoPU%2Fm3jCglPR2g2TE3t%2Bp5L2fZOlU5oJU0HxBHr0Qq%2Fu3HG9MVoRt%2Fr3T8ba1WqwOGg3s7%2B2fUAOxWAjag2grtPFU6TcRfAYlC8RbitpTJNmH9saFqCM4ak4sAc86Ujbd9voyCU4xAQZt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9096d6817a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom.js
lightenacquired.xyz/tmsr1/assets/ 		951 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/assets/custom.js
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f58e412e93567521af06003d7d56baf74db643ed36a6eb8c2a940b2fb128045

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 09:31:58 GMT
server
cloudflare
age
6852
etag
W/"3b7-5d0d07af1df80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9fOoLLvUrqqgpiVe3rDx1QVDcYc2nXo6OMiC1n6CFBNf98cdKI8%2BzLDWolA%2FjmOMnPICFl6UXEXyt6uF%2BRleJNBFxRMBoBT%2FqmXMC1e%2Brfl9kKj4akCUvFzwNn9UgyxJIOtsHgp6edVcPfcerdxa%2FoE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9096d6a17a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/assets/css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightenacquired.xyz/
Origin
https://lightenacquired.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Tue, 05 Apr 2022 13:46:46 GMT
x-content-type-options
nosniff
age
263360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 13:46:46 GMT
48epxpqd5x
trk-consulatu.com/scripts/push/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-consulatu.com/scripts/push/script/48epxpqd5x?url=lightenacquired.xyz
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/scripts/notify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434d9c3488756c8c326cc4bf0a0831b895a7687fee34a2b970a2511bc7453513
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgYFPgqdVR%2BPbHr%2FH2RmSpoHHEeoUmltD6UlUkPoQhzEnNNuZWmHnUuddoSLbWfcAFJnh1V94A7EE%2Fqa6qoq2PjCsZBE%2BpImTVb6s3FqUrrSL%2FqpRMEpeBhfP1da7wsUKKCkFYwDiVuYacwNLNce0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
6f8bd909ca130c9d-EWR
expires
0
icons.svg
lightenacquired.xyz/tmsr1/icons/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lightenacquired.xyz/tmsr1/icons/icons.svg
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590e2796f2345351966ce7398f8bf3bcbae960f7e0e85a8f25ee77393cbdb69a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Oct 2021 16:52:35 GMT
server
cloudflare
age
6852
etag
W/"1a9c-5ce168e445ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1iC5TUnyglBFOqNOtIFPCwHoYlHsvXFL%2Bg8SSeadL8PyZjHoJhIpHA%2Fbiqy89fuV0anvLOEOYc3IWYNEK0HjABI84ZD18w0PeuKart%2BTA7YD1%2FdErwnmAgKPoPwRFMILJtVyXgHsKIcAll7KwT2HAha"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f8bd9097d7a17a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-star.svg
lightenacquired.xyz/tmsr1/images/ 		281 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/tmsr1/images/icon-star.svg
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/assets/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a18596096299c24be063ab33982439bfcc7dee568c51e04f51f3d827b4471f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/assets/styles.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
171
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L05PRwua4ERgEnNHJ%2B6LxMsFZq3uJcOAvKkza2JuxuyvJc2Oc45%2F1G41DB9i2VYXAu7XDclEOBATaFdGR5zVF6G%2BcvU6fx4R6vIpa0k4%2BPI%2B1%2B%2FKwT38QHLA%2FSVhd0gWhAgU2oESaRtepBJ4c1ICCAMD"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
6f8bd9098da017a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/assets/css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightenacquired.xyz/
Origin
https://lightenacquired.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Thu, 07 Apr 2022 08:30:30 GMT
x-content-type-options
nosniff
age
109536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Apr 2023 08:30:30 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/assets/css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightenacquired.xyz/
Origin
https://lightenacquired.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Thu, 07 Apr 2022 08:07:05 GMT
x-content-type-options
nosniff
age
110941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21080
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Apr 2023 08:07:05 GMT
applewatch.png
lightenacquired.xyz/scripts/products/__newproducts/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lightenacquired.xyz/scripts/products/__newproducts/applewatch.png
Requested by
Host: lightenacquired.xyz
URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a8c5c224fb78634cc12560bbdedf5d4a6ef601bbf46002b3f96d3d2b026f38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date
Fri, 08 Apr 2022 14:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43904
last-modified
Mon, 14 Feb 2022 07:19:27 GMT
server
cloudflare
etag
"ab80-5d7f53c965dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brWeIxQ2fxdVDsHfjgipbFazZnlwKCxUvZbESHvs4LtNDoV%2BeZvUl%2BctY5bHXqyYwAB8e2ETfMjNSQpBWqQwAegCJc%2FpTgzflaE3vG%2BtO8J8BkHVR4Qs6bwUnjQcS4wEKYDFQTTfTxeyJqV1Mt2SLXl4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f8bd909cdf217a5-EWR
service-worker.js
lightenacquired.xyz/ 		0
0
yld80jxnem
event.trk-consulatu.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/yld80jxnem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lightenacquired.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://lightenacquired.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f8bd90bbd668cb9-EWR
content-length
0
date
Fri, 08 Apr 2022 14:56:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79axPo81SZlAVZPEDeOPA%2Bi1lJO0LyDPiunfPT4dmImqZ3jbZOGdo7sGWGUNcVkY4m2U9c%2BTWJC4NonceDKQPBMN55RFjg3tCgHIYOjGa7qvgYYvaOABUquj3Y5fsfobb%2FL0vhWxvBtgifdd%2FAEKsVJSHwiLDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
yld80jxnem
event.trk-consulatu.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/yld80jxnem
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/48epxpqd5x?url=lightenacquired.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lightenacquired.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15
Content-type
application/json

Response headers

date
Fri, 08 Apr 2022 14:56:07 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54xc6C2iSc8Q2AVMcEubKmh8zFgiOnbM8BgMD%2FMjuomviysclcdtr3BoOrDhmC0jegSaqL%2BlihDcsIct443buqEEIoBvvAiKHrihkU%2FPgmHXUN%2F%2B4WApnZCfwrFBNvCXZdaGlZDG6i49MNfOfsV6KUjLKlKQkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://lightenacquired.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials
true
cf-ray
6f8bd90c2ae31869-EWR
x-pushplatformapp-params
yld80jxnem
event.trk-consulatu.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/yld80jxnem
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/48epxpqd5x?url=lightenacquired.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lightenacquired.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15
Content-type
application/json

Response headers

date
Fri, 08 Apr 2022 14:56:07 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47o6q4Cyb3nvdrSoe4v8Aa1VjU3U4IOgl2XxRDTeJcgmgy6ECObRaTzlkShL8WwripVAc30Qa3uVZgje2Him4spQmBsvVM27k9m55ptOg7KnyqXAG3AFDpKsOMQJPjuoHQHlZBhFNvjM849m8o1NGJCwiL1HyA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://lightenacquired.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials
true
cf-ray
6f8bd90c2ae11869-EWR
x-pushplatformapp-params
yld80jxnem
event.trk-consulatu.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/yld80jxnem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lightenacquired.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://lightenacquired.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f8bd90bbd698cb9-EWR
content-length
0
date
Fri, 08 Apr 2022 14:56:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okmVsWrSTGfet56zc0mwz5xz7XUqvqwrB8MlC6N9M1%2BldPCo5FTAEeVb1PAT%2FJpmWrl6Eyq5Mi6tCI9XQV98dxlsNcnd1IdqIdg4Yt8prOuQACVnbkiTSPgWfx3pJxUWfaXHDfF%2Fan6KNMTDPMz8RjUveyrUOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lightenacquired.xyz
URL
https://lightenacquired.xyz/service-worker.js

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| months object| days object| time object| d string| dateNow function| socle object| html5 object| Modernizr function| getURLParameter object| x function| $ function| jQuery function| svg4everybody function| getUrlParameter function| getContext function| category object| context object| prodName object| prodImage object| commentImage object| productDesc function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

4 Cookies

Domain/Path Name / Value
primetimetraffic.com/ Name: uclick
Value: g6ikoj6o
primetimetraffic.com/ Name: uclickhash
Value: g6ikoj6o-g6ikoj6o-2te2-0-4k-e8-g6-20911e
hasoffers.me/ Name: uclick
Value: 176jejwf
hasoffers.me/ Name: uclickhash
Value: 176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6

2 Console Messages

Source Level URL
Text
network error URL: https://lightenacquired.xyz/tmsr1/images/icon-star.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://lightenacquired.xyz/tmsr1/?oid=34&dom=hasoffers.me&lpkey=16b8495343d6005d66&uclick=176jejwf&uclickhash=176jejwf-176jejwf-tw-0-gxwj-k23y-ir8n-1965b6
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bringsebony.com
event.trk-consulatu.com
fonts.gstatic.com
hasoffers.me
lightenacquired.xyz
primetimetraffic.com
trk-consulatu.com
lightenacquired.xyz
2606:4700:3033::6815:2c58
2606:4700:3033::ac43:d0cb
2606:4700:3036::6815:7ba
2607:f8b0:4006:820::2003
37.252.14.91
5.61.55.89
0b99f8888a7241536e14e3323aa23566d4be1276b925a706ac01bb8e031cd979
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ac896f3146ba15d30ddb81b069b3ff306cf2b721180c5f8055bc081221b85b0
1b3a78cd7ad555a38f843f1ded6f10be79c9ae8d389bd205136c62ba0b8b2b57
26bddbe554b816b913dfec666fdf0c5b1f852c89dd4240d8002b522082fb9ded
2733ecc46b8064a683ff3dddb9bb0a9a15687c4e29c2d4561b46f1a93c3c9066
434d9c3488756c8c326cc4bf0a0831b895a7687fee34a2b970a2511bc7453513
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4f58e412e93567521af06003d7d56baf74db643ed36a6eb8c2a940b2fb128045
590e2796f2345351966ce7398f8bf3bcbae960f7e0e85a8f25ee77393cbdb69a
715b02c85ccfa44bb457709e27ae35a2972a681ee6c808fb39fd7908b9b3772f
7d1da2bfdb4156e1009e4fd554ca45c3404de13c35d26b165e537d7c8b769c09
876e10d812e1773a36792f77009cfaf8a2879c612a916d850c5ba5e5d4fb5a72
8d17cc041bce983812a1ed0394dad4aace136531172c6bc762fa2a08043837f7
9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d
b25a9111f56c00feb8e3b53ecae0365546939819187e48e2d632a7c71a2486e7
b4a18596096299c24be063ab33982439bfcc7dee568c51e04f51f3d827b4471f
b66ffe70a67cd3d9f2b338074647270e4221a52a7817e9c486f72517514be032
c0a8c5c224fb78634cc12560bbdedf5d4a6ef601bbf46002b3f96d3d2b026f38
c41c66f396840ecbbbeac2fa85804c7947d0a5ecf8c3a4b61e2d5efa4b1d4c4d
c5a6c770e32f0ebaebd33e64020309846d67c340482a2c2ff2f1085eb9246593
c7792303c21b31f34ad465f616d340d7d15d77ff875ba6eabba151feed124d9f
c8158484eef747442af689f28fd62113557acf3ffc3bb339bb9ae7ba76fc9e4a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd41542d0827166ee1d09579fb29986851e1b04e5296c213d6e8cbaf13d55c28
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
eed22d4b0142c44b4a63a3c232110e6d8360126550ac7101c4d237021fd0b7b1
ef00920864a7b591d4cbd54da6e216f3f33816448446e1035b626d28ab76d55b