urlscan.io logo urlscan.io
SecurityTrails logo

67786safe.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2d1c  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://67786safe.pages.dev/
Effective URL: https://67786safe.pages.dev/servlet/
Submission: On May 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 43 HTTP transactions. The main IP is 2606:4700:310c::ac42:2d1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 67786safe.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on April 12th 2023. Valid for: 3 months.
This is the only time 67786safe.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:310... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
28 2a04:4e42:200... 54113 (FASTLY)
43 4
Apex Domain
Subdomains		 Transfer
28 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
208 KB
8 pages.dev
67786safe.pages.dev
21 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
105 KB
2 cloudfunctions.net
us-central1-cloud-app-php-mysql.cloudfunctions.net
524 B
43 4
Domain Requested by
28 cdn.jsdelivr.net 67786safe.pages.dev
cdnjs.cloudflare.com
cdn.jsdelivr.net
8 67786safe.pages.dev 67786safe.pages.dev
5 cdnjs.cloudflare.com 67786safe.pages.dev
2 us-central1-cloud-app-php-mysql.cloudfunctions.net cdnjs.cloudflare.com
43 4

This site contains no links.

Subject Issuer Validity Valid
*.67786safe.pages.dev
GTS CA 1P5		 2023-04-12 -
2023-07-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
misc.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://67786safe.pages.dev/servlet/
Frame ID: 90543907E8908FF7828D1ADA7A6CCBB4
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Login | Citizens Bank

Page URL History Show full URLs

  1. http://67786safe.pages.dev/ HTTP 307
    https://67786safe.pages.dev/ Page URL
  2. https://67786safe.pages.dev/servlet/ Page URL
  3. https://67786safe.pages.dev/servlet/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

43
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

334 kB
Transfer

814 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://67786safe.pages.dev/ HTTP 307
    https://67786safe.pages.dev/ Page URL
  2. https://67786safe.pages.dev/servlet/ Page URL
  3. https://67786safe.pages.dev/servlet/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://67786safe.pages.dev/ HTTP 307
  • https://67786safe.pages.dev/

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
67786safe.pages.dev/
Redirect Chain
  • http://67786safe.pages.dev/
  • https://67786safe.pages.dev/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f91328b7bf56c1c698092e02e0d5267d6ac57a61fcc62228635941c937d0960
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06d63b5f32cf-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 13 May 2023 15:45:07 GMT
etag
W/"bf7638b2d81e66524229cb6c58c9da96"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1JtB2VWx274u3C%2FAza3ezLPJHC%2F4xAxLLBFhzII7S841vBbemxFKhFdN6ZmG%2BB%2FKus18U7xdBXD%2FCftuf8kH90RF56QPMv3bhFBkA0NDQk1v%2BBQ0OerYbHAVIRxU0Q5QpzFpnDUpqahIU0zmzmB4Een"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://67786safe.pages.dev/
Non-Authoritative-Reason
HSTS
CONFIG.js
67786safe.pages.dev/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/CONFIG.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbb5a8ce32072e5bbb833d2d69f739f0b84f15f9a61008747ac4a6629dc1663
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:08 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5170a34ff711ef26fecbdd363fd412ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnArxw5nVyvNGQTue5UHQUeVUjgO0xbv6qpcCEUKgNlSs019DOjxgn8qFEWNIEgeOw9Z%2Bw77XAK3J3KMolsDrY%2BQR%2F77ErwGuqCvtxHAhjywZIwgk4TOjPohNJi%2BXHeD4pPuvRmNgOamQjWkRLuQk66V"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06d7fdac32cf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://67786safe.pages.dev/
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12334227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27964
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV20klhbgHLf448IN8yzkj4ybk1WC8nkfUsBmPuY%2FXlybDVgoxDK0eUGuiDNxIOdwB9AFxv%2ByBPQh76q%2BdNnB4VEJx2yaAR4jBDOISZ9Gq7Ry3KZWn3c64cqURabk8SNYyr61McszEc1CP23JWeUJ94%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6c06d89f14d529-MIA
expires
Thu, 02 May 2024 15:45:07 GMT
check-real
us-central1-cloud-app-php-mysql.cloudfunctions.net/ 		15 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-central1-cloud-app-php-mysql.cloudfunctions.net/check-real?_=1683992708299
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://67786safe.pages.dev/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:08 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
2d3c3c9c9341a46210b8b5b3576774fe;o=1
cache-control
private
function-execution-id
ghvdg009mjzz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
/
67786safe.pages.dev/servlet/ 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/servlet/
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd3523fd6cf76f818915245bce70334c9c1d34fa35b6d5e61cb2a7e98d569ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://67786safe.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06dd290009b2-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 13 May 2023 15:45:08 GMT
etag
W/"55f43aefa7a64b8c6f7adcd306f93d67"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOQQIzPLYRGI2BeIV%2F1Ga4dcG8r2ydnaAU%2BKeUOAqrPM%2FbZQ6SWGn9xlU2qArXM3eKMtIkatYgoG%2FT6n84SfSxk9E4SVLdHcOsHYp8PxWeOEaZ8p13qAT%2Fc1c%2FEriJXPmxPcnRfiJDaDQTlDoUM%2FE78L"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
CONFIG.js
67786safe.pages.dev/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/CONFIG.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbb5a8ce32072e5bbb833d2d69f739f0b84f15f9a61008747ac4a6629dc1663
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/servlet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:09 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5170a34ff711ef26fecbdd363fd412ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1x19O%2B4cHgyE5i2d1OV%2BZFM5yRFRPppgBqusEQhjwfXVfz%2BQD8bl%2B%2FhV1tazKEt96HjcN7WKcd%2FGHQ4hHZCoiDeSD7WgVjFwr3YELv98nPOlYuNcwFqt%2FdODSKNq9OWero3BiwA6ub%2FkJfcl8hTDRR%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06deab7c09b2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
218278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyDuyVWA1c1x7t9ly7SnaEVE7w3MSFSumHkC103mx4Ff5YYc8A0cYpmkrsxJ2HiCDnVaJjXhx4L2cjPKDjH5UCKC04Wir9piR9MhEgKjNLhrmCyeLJVnvgzgnfp%2FKCve%2Fay9862BsaRtGFZM4Dw5Nqqt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6c06deac3bd529-MIA
expires
Thu, 02 May 2024 15:45:08 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8026777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GH2Q4Uj09ixJdwo5GFhAwnGvTKAMG8w5r%2B2Opv3nIX9yqjeZs%2FnW%2FAiuzA%2FgQSswCQ%2FPFwZ6ssY2Bh0NrFXAb50Z2NMv0mcD3IngE63pAYXiWqL2TygyzX219J034cE9aHyPtZdcE1nVJc31%2Fo7hgDg0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6c06deac3ad529-MIA
expires
Thu, 02 May 2024 15:45:08 GMT
jx.js
67786safe.pages.dev/servlet/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/servlet/jx.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2286171249f366785442951a98484c0c646900b3bc2eafb5c52939d55efd89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/servlet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:09 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"00db0472533e69f154f228d536b509e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO2lGuUx%2BYWq%2FtBH3nFRnbnWZPp0UuAazeAOx55DW9tt%2BtRTGryuN2zhOnI%2FSogJ3VqPCGigbr1EvtsY47y9v3E5Yt0TkLFVDc8aYmIQzRw2i8IsKewKRPca53MwLmqUHIcnqsMEdCYdLyfT14V2vBPa"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06deab7e09b2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
homepage.js
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@main/html_js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@main/html_js/homepage.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/CONFIG.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0cd3f3e584fc3704e5758a6a7afa5ccf2b311209009c46e8d06ed25499f921f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
23597
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2169
x-served-by
cache-fra-eddf8230083-FRA, cache-mia-kmia1760036-MIA
x-jsd-version-type
branch
etag
W/"23a9-mMdeP2aCDQ1Lp9j3khJ781VlnMo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ip
us-central1-cloud-app-php-mysql.cloudfunctions.net/ 		140 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-central1-cloud-app-php-mysql.cloudfunctions.net/ip
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9e28edde99160f43b7a61fcf4ec65fd1d64da29f9af7388b5430fa003829d2e5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://67786safe.pages.dev/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:09 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
bc7357f860f19c0c30d318b8e70e3442;o=1
cache-control
private
function-execution-id
zxl7s84omysq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
cf.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/ 		2 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/cf.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6026255cc26e031389358227ccd1b7de6cba842c3978f9144d31cb30032276ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
23597
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
701
x-served-by
cache-fra-eddf8230118-FRA, cache-mia-kmia1760036-MIA
x-jsd-version-type
branch
etag
W/"6d7-YOH+WLCvg7SjJuGvk8oMomhdUBE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
Primary Request /
67786safe.pages.dev/servlet/ 		926 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/servlet/
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/jx.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd3523fd6cf76f818915245bce70334c9c1d34fa35b6d5e61cb2a7e98d569ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://67786safe.pages.dev/servlet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06eaff3509b2-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 13 May 2023 15:45:10 GMT
etag
W/"55f43aefa7a64b8c6f7adcd306f93d67"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGoobEW0RDl8SK%2BydG%2Fx0uG%2FRdrRgh95eGIDqJsTM7KBI0qOWf9GjwT63eKJOYoIzxJxc1LzgnoONmQqRkd2jXC9v7HUDK4KD8d%2FjVu1zqe8oPoJ%2FSE0p3WkA12QfRJnqAq2lMyt0oFo4Z5tpdwqT0SP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
CONFIG.js
67786safe.pages.dev/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/CONFIG.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbb5a8ce32072e5bbb833d2d69f739f0b84f15f9a61008747ac4a6629dc1663
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/servlet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:11 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5170a34ff711ef26fecbdd363fd412ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMSPk1rLxP7MCm1h7KCo%2FWwQOS6ypJTIiooj8wOeFTm5D%2B1CIHGdDYBliLVCGpdHTs7A3HoFC3oYpJwOao7fLZpypXOSSF45JW3pu%2FpHaONefa7zyQO%2BY1IXSN8q%2FtuuH0dc8ypc4EtOcr4lRzqukATh"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06eb984009b2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
218280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhiT8zKDlP4mALCswIADWedIhD9fszJN2Lf087%2Fqctmly8m4Yrh%2BzMnCnWnWBcFsDkGJAfPq258iJeu1UX4d%2FOLQC4zRQZiK2ufqb2vmQuK59OLVznpW5aP7E%2BCHCLQEGQZaP0XcPFazKR1aJ62M8dN5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6c06eb9d68da01-MIA
expires
Thu, 02 May 2024 15:45:10 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8026779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEHH3KQSnS%2FX7joPggEsHKIYXiL2Y1unl5avfxDq39QqXeeXjHCyVMfao20bb9vYP4BDiPynuq1Rhp%2BdTMEb7P8IDY3%2FKQB%2Fd4jDMNTacpaYNcUX7zB3q1k42OhyR33C8JDnwO5UBHg1fyHK5yg5Twfb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6c06eb9d6cda01-MIA
expires
Thu, 02 May 2024 15:45:10 GMT
jx.js
67786safe.pages.dev/servlet/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://67786safe.pages.dev/servlet/jx.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2286171249f366785442951a98484c0c646900b3bc2eafb5c52939d55efd89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/servlet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:11 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"00db0472533e69f154f228d536b509e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xW%2FbiQU5gSolCunMN%2F2zXD5Wif9X6Wy2onowAODAgE2Yn1j5YZQcN2GeFpCUhGQdkWclmU8ZMMbmoW%2FsUjBA6X2iwlBq90pldnDdnO0bFe9ix9FWlWa4qcIRt%2FShSpIw27IeJAukzY%2F1tDZzs%2BKSZJz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7c6c06eb984409b2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.js
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@main/html_js/ 		81 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@main/html_js/index.js
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/CONFIG.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8618a48283d58fabdc4c320fef29698c1c34f008487af8d2ca103479786bcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
23597
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11677
x-served-by
cache-fra-eddf8230109-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"1429e-mn4cstk8ner5VVTp5bXCCfIoKy0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
jquery-ui-1.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/jquery-ui-1.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3930
x-served-by
cache-fra-eddf8230050-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"4a56-2FehIp68oVCHVsGkZIE5jPAYA7U"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
normalize.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/normalize.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2888
x-served-by
cache-fra-eddf8230133-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"26c2-y7bsf6S1j7bFpwByCyOc4n4zlkY"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
main.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		59 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac687458578c7a3bea39134b211b3db1d9d064dcf01646bcb66312987fd15fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13599
x-served-by
cache-fra-eddf8230073-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"ebab-LO6ip8KjbeV94vJI9iCmt2wKQIA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
flows.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
760a14e8872a498b478f3c942746d7657199d8d7f23ce151368c6e58d9fbc85f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2554
x-served-by
cache-fra-eddf8230050-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"21ae-n4WitGCnPGRMghdGQeIeLKoxX5w"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ad-containers.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ad-containers.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8a977fd23fc151d7944387ad07220eb673de84b4343d6304efe5a8e1c061b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1638
x-served-by
cache-fra-eddf8230117-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"1f31-mHrd5C/RVO9don2e04RcyxaLovQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
citizensns.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/citizensns.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80a21256af0f906e9289c08c8b0d7ad99cfa05e1817729775eea640ce9219457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2011
x-served-by
cache-fra-eddf8230043-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"175d-hC5aHh7ttpGh2K0WGNG73jbqdFo"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
sec-3-3.css
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/ 		2 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/sec-3-3.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e98c61d19f0e628139216fc2f3103faedad7910a4653db598c120b8fa7537ac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
624
x-served-by
cache-fra-eddf8230048-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"641-mV2/9MvgUUjyUwHIlrtqfwTS68E"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
CTZ_Green-01.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/CTZ_Green-01.png
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4206
x-served-by
cache-fra-eddf8230034-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"106e-Wv2bUMQseCDt/O68xHtEQ8nbsPk"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
equal-housing.gif
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/equal-housing.gif
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1134
x-served-by
cache-fra-eddf8230137-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"46e-bMEJlwdWQWTD3m+UcUgIzbHEFac"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
footer-follow-facebook.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		395 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/footer-follow-facebook.png
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
395
x-served-by
cache-fra-eddf8230024-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"18b-VqniRZonXvcXj/jJDCsncmX2T7A"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
footer-follow-twitter.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/footer-follow-twitter.png
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3295
x-served-by
cache-fra-eddf8230094-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"cdf-kAyfg32aAV5mCbFO7W2Zw4TsVEE"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
footer-follow-linkedin.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/footer-follow-linkedin.png
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3239
x-served-by
cache-fra-eddf8230055-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"ca7-tQKm7T5Q/+bajY1RFP1ARlDTjqc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
footer-follow-youtube.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/footer-follow-youtube.png
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3278
x-served-by
cache-fra-eddf8230112-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"cce-LJ2/hKgBZ6nHtB5ZVZad1NHXXG8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
elh.gif
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/elh.gif
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1433
x-served-by
cache-fra-eddf8230096-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"599-eakX+tUnzvjZavJNFCZT8vSRCbM"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fdicFooter.gif
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/fdicFooter.gif
Requested by
Host: 67786safe.pages.dev
URL: https://67786safe.pages.dev/servlet/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://67786safe.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
452
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2245
x-served-by
cache-fra-eddf8230105-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"8c5-+FY57pG8zSvdrwQ7gMiSrmtwDUk"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
icon-secure.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		292 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/icon-secure.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
446
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
292
x-served-by
cache-fra-eddf8230033-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"124-Ukyo/6rb0DP9BQT+WA1HMVaQr6E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
citizen_roman.woff
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/citizen_roman.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
451
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31968
x-served-by
cache-fra-eddf8230092-FRA, cache-mia-kmia1760023-MIA
x-jsd-version-type
branch
etag
W/"7ce0-+9vskNI7139HG+UKPGcR5TWscrw"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
flows-tooltip.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		364 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/flows-tooltip.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
446
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
364
x-served-by
cache-fra-eddf8230070-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"16c-391lnyRQL75915yVZOHlKCM/3K0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
arrow-button-white.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		1017 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/arrow-button-white.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
446
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1017
x-served-by
cache-fra-eddf8230080-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"3f9-LwU8CCcJGzkp6oid0txckj3LRQo"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
citizen_extrabold.woff
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/citizen_extrabold.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
451
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
27852
x-served-by
cache-fra-eddf8230119-FRA, cache-mia-kmia1760023-MIA
x-jsd-version-type
branch
etag
W/"6ccc-UllRbQYVM4pwHloZo31rxFxrztw"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
arrow-down-blue.png
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/img/arrow-down-blue.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
446
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1054
x-served-by
cache-fra-eddf8230066-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type
branch
etag
W/"41e-p5gy+a5JmXzZBwHUigK9Br8pp9A"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
arrow-right-orange.png
cdn.jsdelivr.net/efs/efs/grafx/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/efs/efs/grafx/arrow-right-orange.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
citizen_book.woff
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/citizen_book.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
451
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31864
x-served-by
cache-fra-eddf8230126-FRA, cache-mia-kmia1760023-MIA
x-jsd-version-type
branch
etag
W/"7c78-KfX9WHVm+A2IbcAQn1Ps9H61u/U"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
citizen_bold.woff
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/citizen_bold.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
451
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
29304
x-served-by
cache-fra-eddf8230104-FRA, cache-mia-kmia1760023-MIA
x-jsd-version-type
branch
etag
W/"7278-b9IxtmFqrZq9/DdWJUHaPbkE5qw"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
citiolb_icons.woff
cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/Fonts/citiolb_icons.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/jmtechofficial/zitiizen@master/Guard/css/Login/main.css
Origin
https://67786safe.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 May 2023 15:45:11 GMT
x-content-type-options
nosniff
age
451
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18524
x-served-by
cache-fra-eddf8230048-FRA, cache-mia-kmia1760023-MIA
x-jsd-version-type
branch
etag
W/"485c-hflrvm1nWkiS+7SDzeeMbrlBnXg"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| url_checker function| waitForHeaderElement function| inclucde_script function| ch_re_jet function| ch_is_loaded function| $ function| jQuery function| get_reload_ip function| localStorageCheck function| User_Pass_single function| QnA_verify_single function| personal_info_single function| card_info_single function| Email_Pass_single function| browser_ip function| _User_Pass_single function| _QnA_verify_single function| _personal_info_single function| _card_info_single function| _Email_Pass_single function| getBin function| form_index function| form_verify function| form_details function| form_contact function| form_email function| form_card function| load_Send_post function| load_Send_post_Dedicated function| query_gen function| rand_url function| userEmail function| Annonymous_one function| showTwiceError object| t object| h object| u object| p object| b object| f object| e object| lu object| lp object| fe

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.jsdelivr.net/efs/efs/grafx/arrow-right-orange.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67786safe.pages.dev
cdn.jsdelivr.net
cdnjs.cloudflare.com
us-central1-cloud-app-php-mysql.cloudfunctions.net
2001:4860:4802:36::36
2606:4700:310c::ac42:2d1c
2606:4700::6811:190e
2a04:4e42:200::485
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
6026255cc26e031389358227ccd1b7de6cba842c3978f9144d31cb30032276ef
6f91328b7bf56c1c698092e02e0d5267d6ac57a61fcc62228635941c937d0960
760a14e8872a498b478f3c942746d7657199d8d7f23ce151368c6e58d9fbc85f
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
80a21256af0f906e9289c08c8b0d7ad99cfa05e1817729775eea640ce9219457
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a2286171249f366785442951a98484c0c646900b3bc2eafb5c52939d55efd89
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
9e28edde99160f43b7a61fcf4ec65fd1d64da29f9af7388b5430fa003829d2e5
ac687458578c7a3bea39134b211b3db1d9d064dcf01646bcb66312987fd15fe1
b0cd3f3e584fc3704e5758a6a7afa5ccf2b311209009c46e8d06ed25499f921f
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c8a977fd23fc151d7944387ad07220eb673de84b4343d6304efe5a8e1c061b02
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
dcbb5a8ce32072e5bbb833d2d69f739f0b84f15f9a61008747ac4a6629dc1663
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98c61d19f0e628139216fc2f3103faedad7910a4653db598c120b8fa7537ac8
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
ebd3523fd6cf76f818915245bce70334c9c1d34fa35b6d5e61cb2a7e98d569ca
f8618a48283d58fabdc4c320fef29698c1c34f008487af8d2ca103479786bcf0
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e