mtcarpg.com Open in urlscan Pro
2606:4700:20::ac43:4b38  Malicious Activity! Public Scan

Submitted URL: http://www.mub.li/fML6s/
Effective URL: https://mtcarpg.com/CITIZEN/login/ses/index
Submission: On May 24 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::ac43:4b38, located in United States and belongs to CLOUDFLARENET, US. The main domain is mtcarpg.com.
TLS certificate: Issued by E1 on May 16th 2022. Valid for: 3 months.
This is the only time mtcarpg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
28 1
Apex Domain
Subdomains
Transfer
28 mtcarpg.com
mtcarpg.com
185 KB
2 mub.li
www.mub.li
2 KB
28 2
Domain Requested by
28 mtcarpg.com mtcarpg.com
2 www.mub.li 2 redirects
28 2

This site contains links to these domains. Also see Links.

Domain
investor.citizensbank.com
Subject Issuer Validity Valid
*.mtcarpg.com
E1
2022-05-16 -
2022-08-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://mtcarpg.com/CITIZEN/login/ses/index
Frame ID: 77E852CDDAF22378544DDDE0EA68F224
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Online Login | Citizens

Page URL History Show full URLs

  1. http://www.mub.li/fML6s/ HTTP 301
    http://www.mub.li/fML6s HTTP 301
    https://mtcarpg.com/CITIZEN/login/ses/index Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

28
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

185 kB
Transfer

255 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mub.li/fML6s/ HTTP 301
    http://www.mub.li/fML6s HTTP 301
    https://mtcarpg.com/CITIZEN/login/ses/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index
mtcarpg.com/CITIZEN/login/ses/
Redirect Chain
  • http://www.mub.li/fML6s/
  • http://www.mub.li/fML6s
  • https://mtcarpg.com/CITIZEN/login/ses/index
24 KB
8 KB
Document
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9fc332d173735dd2b9c62efbef88dc4fbc4510443c5cff3a91dc6c6e5eef28b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
710272f5f89d9238-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 24 May 2022 02:02:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHdC21yfa1jm7sDgmdnA8HW0S%2BaKFlh9kTHAC7ZrizdQMToQ%2BBLLfHlZQYmMXTBMdynt3eRSwB4eVO16BR0hPHfgQAc0Qf%2FmOkHw1nW%2BFjTmbZufR4ffBDbp9lawslxQBQlmRmQNifcc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
710272f43972910a-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 May 2022 02:02:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikjv48Gt%2BbVn42YMw2tAK2RY1WfBPuwohzQc1iNesM6j6ua84tXiOixj68L5ca4rxFwbCPhQHOD8g8ZLzPxZXuMka2BYNfTVakhyLeTDvzNmxnnuSEx1TmK%2BY0tiRfsiZUB1CjFvuNE%2F"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
expires
-1
location
https://mtcarpg.com/CITIZEN/login/ses/index
vary
Accept-Encoding
jquery-ui-1.10.3.custom.min.css
mtcarpg.com/CITIZEN/login/ses/files/
19 KB
4 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/jquery-ui-1.10.3.custom.min.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 10:24:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1HdgaP%2BYVwFl5ZsgGQQevbsnrlTsRJF7rDDKOD1RuGaQM8SrG6NDGfomMjQLBaWrdbiK4tHhqwVSifpd3KYP90DcrffGf%2FSj%2FCKh2XT6bVVABf4lfN5OjgNrGAMvk6840ECt7%2F1ua%2Ff"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
710272f87abc9238-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
normalize.css
mtcarpg.com/CITIZEN/login/ses/files/
3 KB
1 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/normalize.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee4bf1066a402e569e3c07d745369aaef82c73ea3895a39666469572f46e077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=9922
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrZndAFDsmZnj1v1fsz9sGTUE1EuiVJ3a%2Bdqu6uuz4STLCxzZNjL1vD8h11qP3X0YdG6s81%2F%2BeVvCJEhG57y70qFL9LUQnqEO8TkpQ0vRnGmTb5M3S%2FkBlzph%2F6JymbqzMdRA3nEzLy%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710272f87abf9238-FRA
cf-bgj
minify
main.css
mtcarpg.com/CITIZEN/login/ses/files/
39 KB
9 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b9cb044a0a9178a5defc5c39ed5f0ff5d43650c503a07e90f2a1b2cad93635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=61479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:33:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veAHkbelEPWeT%2FNO6vNMm%2F1h33CmoEN%2BKHqUFXhriAxCt5grOclBaorhzcBAiiqTrREpvTQsxj0%2BJhPwfQlnQ5EiO7tro8lHoolHXAJ%2FiMo11GNpyifHZ8QTFh72YG5%2FtzqsEXHBD3Wl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710272f87ac09238-FRA
cf-bgj
minify
flows.css
mtcarpg.com/CITIZEN/login/ses/files/
6 KB
2 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d363b7a9f7aebbbfc48c251056541f239faf77b9e6a05a7c06278759ffaa70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=8579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:36:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZxbrJAW%2FmS6kjWQ20izal6s9FFLCd%2FXWNtvQsw7r7vLhXJgnQ7vgGMWh0XDESza7ftVv0vs5gObk%2Fe9cdHOueIsFPJuGHqOqEQHJzK7VIHchzrXo1tHJTGHxu6OlkhVfaNlNU%2BwJXT3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710272f87ac19238-FRA
cf-bgj
minify
ad-containers.css
mtcarpg.com/CITIZEN/login/ses/files/
4 KB
1 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/ad-containers.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e55db9999be517689f0460bee0e8f91731d2a75f20827001a5decda912955fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=7985
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Exz%2BVe6OyD6qXzTVmWRohgP3JcD7E2Q0M2pn16HnvLuMOGBIogDGJmXYfb3u3gMedl0lh4sc0jEq%2FcfoZdAHjI4rrxdFpoxoE9N9VbjYVvLUqUPF6WvYFwdDu2wC6koaTWmuovX5hjk5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710272f87ac49238-FRA
cf-bgj
minify
citizensns.min.45702.css
mtcarpg.com/CITIZEN/login/ses/files/
4 KB
1 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizensns.min.45702.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb876bfec4928c3f25584db9439de41377e659d0d0e438c1df326205e70bc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5981
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJdH%2Bs0ohMYomfebanSyLjEiOhnmMZmfYen9kDIx9ZQu598rbst5whI776Nv9KbBnsklt05lKZk2%2BlvzIBDOHtXknZIw4Nf5nvYRLG1W03ffX1aRisoH7mbr2DBNZdQMvjRA2aMN0t82"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710272f87ac59238-FRA
cf-bgj
minify
CTZ_Green-01.png
mtcarpg.com/CITIZEN/login/ses/files/
2 KB
3 KB
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/CTZ_Green-01.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca8631f2990f3d91e75611b527a695d1d0afe9748d59c4e1c620f8bcab13818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=5277
content-disposition
inline; filename="CTZ_Green-01.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2412
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kQnsMfQ31hZKMCNBpj9zqY%2B5SadOgoaTnqV0NkSLRG%2BvP%2BmdnbGQ96aTK%2F75SSLOAltQlQPvuwkWB%2Ft3IDCIp2DGXUPPplV94vbtzrrAUnB%2Fwff86WsTjqc10CusGfbPqBT4nmysVjm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88acb9238-FRA
cf-bgj
imgq:100,h2pri
feedback.png
mtcarpg.com/CITIZEN/login/ses/files/
344 B
698 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/feedback.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31578d5390057afea53fcf69ede0185a8e382f92fb3eb9be3e2eec0a0f7832bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="feedback.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
344
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrqPQyvo6PyAxMlNDhAA3yqrf42pclIvJNV49b%2Bx3JWjt1EvoylsycpB%2Fyb3ABcaVMwaGT1REsXMLSIza7wuIGqPfMdw%2BKXxzdv4Xslashp%2FC7RI%2F4sH9feCLpBLw4VV20oHnsgAbBe5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88acc9238-FRA
cf-bgj
imgq:100,h2pri
equal-housing.gif
mtcarpg.com/CITIZEN/login/ses/files/
96 B
450 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/equal-housing.gif
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9a95c20565efe7b26cd9f86f05ab6ef675c5c0d024ed2262307bce82dc8b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=gif, origSize=1134
content-disposition
inline; filename="equal-housing.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzPkGgWla3zwioSk5e%2Bpb1NuLZG76hdK7u3qge2k9rP5DlrFhagIT1cXyUWkNVmhqIChh6skWp422sk9umLQAgIYhKr25twzZAIPfhXJdjtSQa%2BYDgPiB6%2BveMlCLHmAD1CXYrRuWiur"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88acd9238-FRA
cf-bgj
imgq:100,h2pri
footer-follow-facebook.png
mtcarpg.com/CITIZEN/login/ses/files/
322 B
688 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-facebook.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e127d6698ece3db37cc5d916370109d6576eca772fb065e4e29abbe174305749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=395
content-disposition
inline; filename="footer-follow-facebook.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
322
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9%2FZaDnA0cn%2Fw36SdXLq43RJG8jA%2BucaK6RF9ah8r2dBXonaIajnlKhkd4oWf%2FA33Dtgff3M6fgYQrmGPmjkbqsyslzT%2BODhT%2BJ00bohxq21r77rP%2BeLaJZCja4JdaaJvZsv3758APjc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88ace9238-FRA
cf-bgj
imgq:100,h2pri
footer-follow-twitter.png
mtcarpg.com/CITIZEN/login/ses/files/
388 B
961 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-twitter.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b61e3d7ab8609e4f612dc03e5cd0847e107c855d847714c9c9c7d5ec219363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3295
content-disposition
inline; filename="footer-follow-twitter.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
388
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4GS2%2Blnm84kA3E7u243Rh0xwOAfzcbQUvRqwXVo5erBKZqbx0FmdGlZN5T0OiXYQka43IlRPxzkqULdaWLSAvx3i67diQ9gNYRMOkek%2FRPC%2FU%2Foxn9njyFk7qjV4iJbvoucE5qog5Pe"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88ad09238-FRA
cf-bgj
imgq:100,h2pri
footer-follow-linkedin.png
mtcarpg.com/CITIZEN/login/ses/files/
374 B
738 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-linkedin.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9f2dbc4cde03f46f030b18d76bf09c57c8967ce9d4741ebc1890eb0e555585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3239
content-disposition
inline; filename="footer-follow-linkedin.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
374
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW%2Bab6PUX%2Breoq4DQZxFby8hPtM9p4A3xm4vIXQGzh6yj4FfXjZDSedwE5nvbCl295xG0WFvAEMyYL6Mdo8vfRp7yyOHiXgNTPwrAJ42ZGn2n8lJbECkDgBIYmHCKYni8PsJ1jwNkTDv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88ad19238-FRA
cf-bgj
imgq:100,h2pri
footer-follow-youtube.png
mtcarpg.com/CITIZEN/login/ses/files/
394 B
962 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-youtube.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b712cc39f8e1b51ee7166aab637459fddb41bee8241c4fda0cbefd4e0d51b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3278
content-disposition
inline; filename="footer-follow-youtube.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
394
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=We7pDHRhbf4UOnBa3YqY2vfP9POr4CXzHMcqnt0JQ5dAAr2Tr3l%2FGggbmG92NpK4ImzCuscM7Ox1mF7gsZhW8cemXEVDXpcux5oiJlrpOllBVbUYHw6qPaBx%2BrJQnRbn4jotfBH6btz7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88ad29238-FRA
cf-bgj
imgq:100,h2pri
elh.gif
mtcarpg.com/CITIZEN/login/ses/files/
724 B
1 KB
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/elh.gif
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547a4de2ef052f708d6a89e73278fbf75113a660c644a5aab4d8734b70503c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=gif, origSize=1433
content-disposition
inline; filename="elh.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
724
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKDKYHKifNYyi5tjQxyu0YcTLw%2FUDzRc9wVtLNI12hp7t3%2F9ZNg57i%2BvO0Payh0%2FJEaJwYMcvGrLWYK8MZVOznMqHPwLiP3HGq5yZBlmZWy13KcJIBlTzix%2BJHDeHtmO7oJVJBWAgVqV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88ad49238-FRA
cf-bgj
imgq:100,h2pri
fdicFooter.gif
mtcarpg.com/CITIZEN/login/ses/files/
2 KB
2 KB
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/fdicFooter.gif
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84858a434f7d7af069af33b37987ab6801a859520cfb29486239f0d3c77ae6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=gif, origSize=2245
content-disposition
inline; filename="fdicFooter.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1688
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5RdsRP%2BTyBW2uGnA2rc6FQi03yKps3fLpRXIsIGpTJF22vKX5eJSXfH%2B0AxW8KvCyv2ZhdX%2BWS3k%2B1mvNGqorcn24qveziIdiqmZgw54%2FWtAXRMakMist9wDcFIbKhNPYEfXCsnlgha"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f88ad69238-FRA
cf-bgj
imgq:100,h2pri
sec-3-6.css
mtcarpg.com/CITIZEN/login/ses/files/
2 KB
888 B
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/sec-3-6.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9df9fcb2236ab70643373b1d7b4c0b10cb79560ec2792a8489ee3048b8fd55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1641
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMGISWlapDOn33OqmdgmumqN6xMBCAD43d6kD1Djh%2BqK9wUJqeagZSiBFPgaSEvEakV%2F4I7TEHNqIsPAMOSsMNdUus9FjmYt0mnM1h4BOJx9v2GFUhC%2FqrGX600hYVKP2j4ESSoswlil"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710272f88ac69238-FRA
cf-bgj
minify
rocket-loader.min.js
mtcarpg.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://mtcarpg.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 19:29:40 GMT
server
cloudflare
etag
W/"6283f7a4-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBRzp54DjKObzd0wF6KGtKL%2BquwpBjgh%2BiPrdlUL5kqGlVr7d8FZOMuBfp8pzNkcjjTNo8EF16rvbb9DdQFQmKPmf%2FxJuiQxCGT18MS5JYQGu9%2BM9bjLSmo7W5z%2FT0FNG4QA5i3kOOYJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710272f88ad89238-FRA
vary
Accept-Encoding
expires
Thu, 26 May 2022 02:02:26 GMT
icon-secure.png
mtcarpg.com/CITIZEN/login/ses/files/
128 B
734 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/icon-secure.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c150a9322ff035c0b9489d3093a7af4af2bbfe171e8dcdc00f57407cbc5f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=292
content-disposition
inline; filename="icon-secure.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
128
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CBLrvPEooL7C2%2B83USHm%2FH28MyiCi8BNRuOWdEo1vbdb0%2Fhg7rv5KWzBgN2TWf1WzcqSu6SkK%2B2E%2FSUlBxwQitYdD75yNEY0heHeoYzS6COHqXvt2yiqwLJqWx4CYG224phYVLkRLNX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958df9022-FRA
cf-bgj
imgq:100,h2pri
flows-tooltip.png
mtcarpg.com/CITIZEN/login/ses/files/
150 B
797 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/flows-tooltip.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa4fc5fe2b8da6c79d87fa0439dde7b5de3bae4c7e1c29c99d16ea072bb5b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=364
content-disposition
inline; filename="flows-tooltip.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drBS%2BJzaNn7iyxG7bF8SGtRGApTXhEEaowYk1O4WA92iqTCL8bo4jX%2F9hYmaMQNdvUomrorxRkV%2B4DVVeY5%2Fd%2F2VEIirsEWFP0Wv4ELmsrU3W%2BnJqHeqSJ1FzmT7M%2FQa7%2F3hqkfmQUFf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e09022-FRA
cf-bgj
imgq:100,h2pri
arrow-button-white.png
mtcarpg.com/CITIZEN/login/ses/files/
96 B
709 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/arrow-button-white.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971404ae7791e52ceddfe8ce363b9ccc4308dcd89038ad884b0c1f98045e6a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=1017
content-disposition
inline; filename="arrow-button-white.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Idv%2Bsvvwt4Z8vr02p%2Bjo3S5MJEuXQKL5JsKk%2FopcKdtI4yLb%2FVeicJ7dLtXsnuZzOh4C0D%2BeDmpMC9Kh8qfaVaAqfGy2e8jApOSwV0Jf1lgb19hsxr7B5XTFCbVG%2F6XEpM%2Fj8DuzWeA3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e29022-FRA
cf-bgj
imgq:100,h2pri
arrow-down-blue.png
mtcarpg.com/CITIZEN/login/ses/files/
100 B
712 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/arrow-down-blue.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1964b54703b6c127946b79ccba37045bd217767c14284d8e040c9bed0702522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=1054
content-disposition
inline; filename="arrow-down-blue.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyICnUuhGTpd6iHPqd%2FaWIJIcYaS8%2B7su75CV6%2BHUmnhZBWUUpUOYBWiwRh0p39xX33K%2BGhkVyOHvI1ftzN5R2PZsiEhs3TetdfggsCPjrB5BW24jE0RW1PmmOwWp0Xj2XYPI%2Bly%2FJg%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e39022-FRA
cf-bgj
imgq:100,h2pri
arrow-right-orange.png
mtcarpg.com/CITIZEN/login/ses/files/
76 B
689 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/arrow-right-orange.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1940d7c46934032d9a4a9eda49a54c7c3517b1c699a87b2b9e1ae548b02c9ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=165
content-disposition
inline; filename="arrow-right-orange.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LKE4YolpQ9BI0k7xKhJC%2FBmLuzHOemgUxnQQffi7WRvShkrvq0Abbh%2F0l%2BHhKIVse0oK7Afic4Wz5UYLGSWRC68rDQyM%2Bdh%2F9IlT%2BhmPOSHPneO0zR2yyUXSbs2P6jhTK8j4AZE14rE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e49022-FRA
cf-bgj
imgq:100,h2pri
citiolb_icons.woff
mtcarpg.com/CITIZEN/login/ses/files/
18 KB
19 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citiolb_icons.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18524
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V68eAYzeKsgXUrhkzrnWrPuVcGsblDYDLiUsap%2Bf5sYkqdf6i0b3B3f6Y2RqSW%2FeQz%2B5N8HPTA8ggUJTWeAJxNB2Ibq537CIusZzYLi6Rz0xDklz3ua6esdLzuKMsYVFGmEJEkgFmzcD"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e59022-FRA
citizen_roman.woff
mtcarpg.com/CITIZEN/login/ses/files/
31 KB
32 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_roman.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31968
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5va8XLtPFXIKWz0zTEtS44rOEA2D4C6e2yVU%2FkdY9Q4nlWA%2FVJjzRq0bNZrE9b%2FLfxNjSfRDoxKuLeFlbNgmj5bpGiQn92xr8H9jSGziLVJ5IiT6ugMmmPUqc1dbApiYfb3lJXt0bnw%2B"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e69022-FRA
citizen_book.woff
mtcarpg.com/CITIZEN/login/ses/files/
31 KB
32 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_book.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31864
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjSZrjxHSRgziiehG9vlTbaj4ONMwkwjLGDh%2BruYmtrmZ7pj4FzrPYkrATDaSDDG6A%2BTRo7E%2Bd3Cj01t2bl4P9eRP0scDdxUfIW4UWk%2Bq5PHgJNHeq6hzRtoIwmoAZvmpdBRyZSu%2BFvi"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e89022-FRA
citizen_bold.woff
mtcarpg.com/CITIZEN/login/ses/files/
29 KB
29 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_bold.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29304
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:27:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d09v06alKPCb9lRIaPldCG7m6HAlNyrZ7cWYHF5AMCvNArMSWt3UsLst5yUpvNnOHxaDjvRpZ0Xf64ucWmPHfNDGDCmO%2F9JU8oaHtOID4%2F9Sg4IS5qh7%2FJEXhEEuDk5kyqy32Q%2BqPOKN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958e99022-FRA
citizen_extrabold.woff
mtcarpg.com/CITIZEN/login/ses/files/
27 KB
28 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_extrabold.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4b38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 02:02:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27852
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:27:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnS4MrcX4OqqF%2BZa8hfLXWGf1ZljGdBl4qHQVzUFf2%2BFw0hduQ1mQS8ZQW82D8ikArtQYDrsQ%2BELpWWAwrCJwW8Bg2QsFAmUZUSnJ84qoYFZejFkyYWGFMJUpau1oqcrUvqABVR%2Bb%2BKR"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710272f958ea9022-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| __cfQR boolean| __cfRLUnblockHandlers

2 Cookies

Domain/Path Name / Value
www.mub.li/ Name: XSRF-TOKEN
Value: eyJpdiI6IklTdG01dmRpRWZvL245cEdBSDRFK3c9PSIsInZhbHVlIjoiemZHWmlDaEFiSDA5R3d2NUwxV2RCeGg1VndxT3A4M3ZNSGNzektWZTlZZE9DeGx0cWd1R0dNTmdIczVhdUswK2JOWWVBT0xUV21RUTNhMGRuS2NaY3FFcmhldFFzQVFsa3FmTjJwODlLYVQxaFh6cVZRUWczbXZ1UGZlS2kwTWQiLCJtYWMiOiJkZjdlOWEzNTY2ZjhiYWJkNGU4OTAzZDY5Y2E1N2Y5OGM5NjJlZWRiN2Q5MDAwYmQ0YmUwMmJlMjkzNDM1MGMwIn0%3D
www.mub.li/ Name: mubli_link_shortner_session
Value: eyJpdiI6IjlZOHprZ05pYkhpTlBTUEg4SHY1NEE9PSIsInZhbHVlIjoiUnZFMUMvZWMwcW1taHpzcTFmOEg3RmUxWmt0T00zcTIrZi9ZN3doNm1Qbk1SNDBtdTI4cm80TDQzc1AvWkhScDExd1AxVjA2YXY5YytVMVlqSGdkWU9kZW93TExUVExBcmRQbk1nR0h5Wnh0OXVxTkFEQnRhODVqcStZTnpPYVIiLCJtYWMiOiI5NzNjZWQ3MzQ1NDExODY0NjIwMjI2MDA0OTA3ZmIwMmM0ZmNmODgzMWMwYWQ0NjBhZTM4N2ZiMmVmOTU0ODNhIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mtcarpg.com
www.mub.li
2606:4700:20::ac43:4b38
2606:4700:3033::ac43:cdb0
03d363b7a9f7aebbbfc48c251056541f239faf77b9e6a05a7c06278759ffaa70
06c150a9322ff035c0b9489d3093a7af4af2bbfe171e8dcdc00f57407cbc5f24
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
1940d7c46934032d9a4a9eda49a54c7c3517b1c699a87b2b9e1ae548b02c9ecd
1fa4fc5fe2b8da6c79d87fa0439dde7b5de3bae4c7e1c29c99d16ea072bb5b02
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
2b712cc39f8e1b51ee7166aab637459fddb41bee8241c4fda0cbefd4e0d51b41
2ca8631f2990f3d91e75611b527a695d1d0afe9748d59c4e1c620f8bcab13818
31578d5390057afea53fcf69ede0185a8e382f92fb3eb9be3e2eec0a0f7832bf
547a4de2ef052f708d6a89e73278fbf75113a660c644a5aab4d8734b70503c39
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
5ee4bf1066a402e569e3c07d745369aaef82c73ea3895a39666469572f46e077
62b61e3d7ab8609e4f612dc03e5cd0847e107c855d847714c9c9c7d5ec219363
6e55db9999be517689f0460bee0e8f91731d2a75f20827001a5decda912955fb
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
84858a434f7d7af069af33b37987ab6801a859520cfb29486239f0d3c77ae6b9
8b9a95c20565efe7b26cd9f86f05ab6ef675c5c0d024ed2262307bce82dc8b62
971404ae7791e52ceddfe8ce363b9ccc4308dcd89038ad884b0c1f98045e6a21
a9fc332d173735dd2b9c62efbef88dc4fbc4510443c5cff3a91dc6c6e5eef28b
b1964b54703b6c127946b79ccba37045bd217767c14284d8e040c9bed0702522
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
bcb876bfec4928c3f25584db9439de41377e659d0d0e438c1df326205e70bc6a
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3b9cb044a0a9178a5defc5c39ed5f0ff5d43650c503a07e90f2a1b2cad93635
de9f2dbc4cde03f46f030b18d76bf09c57c8967ce9d4741ebc1890eb0e555585
e127d6698ece3db37cc5d916370109d6576eca772fb065e4e29abbe174305749
e9df9fcb2236ab70643373b1d7b4c0b10cb79560ec2792a8489ee3048b8fd55c