mtcarpg.com Open in urlscan Pro
2606:4700:20::681a:545  Malicious Activity! Public Scan

Submitted URL: http://www.mub.li/fML6s/
Effective URL: https://mtcarpg.com/CITIZEN/login/ses/index
Submission: On May 24 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::681a:545, located in United States and belongs to CLOUDFLARENET, US. The main domain is mtcarpg.com.
TLS certificate: Issued by E1 on May 16th 2022. Valid for: 3 months.
This is the only time mtcarpg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
28 1
Apex Domain
Subdomains
Transfer
28 mtcarpg.com
mtcarpg.com
185 KB
2 mub.li
www.mub.li
2 KB
28 2
Domain Requested by
28 mtcarpg.com mtcarpg.com
2 www.mub.li 2 redirects
28 2

This site contains links to these domains. Also see Links.

Domain
investor.citizensbank.com
Subject Issuer Validity Valid
*.mtcarpg.com
E1
2022-05-16 -
2022-08-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://mtcarpg.com/CITIZEN/login/ses/index
Frame ID: 6055941086E70D891A1C6FD4EAED50DB
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Online Login | Citizens

Page URL History Show full URLs

  1. http://www.mub.li/fML6s/ HTTP 301
    http://www.mub.li/fML6s HTTP 301
    https://mtcarpg.com/CITIZEN/login/ses/index Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

28
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

185 kB
Transfer

255 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mub.li/fML6s/ HTTP 301
    http://www.mub.li/fML6s HTTP 301
    https://mtcarpg.com/CITIZEN/login/ses/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index
mtcarpg.com/CITIZEN/login/ses/
Redirect Chain
  • http://www.mub.li/fML6s/
  • http://www.mub.li/fML6s
  • https://mtcarpg.com/CITIZEN/login/ses/index
24 KB
8 KB
Document
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001a3545ac36ba896ca04bf292d9c5d27d327cf8a8d5da8c339e8c9583a5b0d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
710224f87ab78fdd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 24 May 2022 01:09:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txbFoQn6WMBCP4fK78yBwl08sSSzNBsPHsAgFiWUxQ1m1MP%2FTvGw3dRBpktfBNEe4LyE7v4sXJXM5QHq0Xl9WUAs8BwSQcO9xpuFrf3lBfmFbhjVonzeGMSu5%2B2vpTAyU6pueHVb4tl6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
710224f6cd8d9028-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 May 2022 01:09:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mauBh6TgQVabwr2%2Byk1AVE6bKGkPIxkKyiJy0Y23AGfqLnpvVPmv8l7mxbaY9ZgmrLeicQgaFa9nQisO2QTT0ffP98vV%2B9BOYPxqojFDhxFSTQBo6bLeqlGXtyAC%2BZWsynn7bwReEe6"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
expires
-1
location
https://mtcarpg.com/CITIZEN/login/ses/index
vary
Accept-Encoding
jquery-ui-1.10.3.custom.min.css
mtcarpg.com/CITIZEN/login/ses/files/
19 KB
4 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/jquery-ui-1.10.3.custom.min.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 10:24:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=223M%2FP4U5A3mT8DTInLilTIpHYg0%2BrF5cblh5T4RmgTO27MO9hiyjLg3Sxj3xi1mSRG%2B7p45EHqwX2YS9Is4IOSpCQF4a%2FnS0DTuzx7toNmY3GkdNNWgx4nf%2BWUUZx%2F9f1KiqAmvAUNa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
710224fcfe458fdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
normalize.css
mtcarpg.com/CITIZEN/login/ses/files/
3 KB
1 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/normalize.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee4bf1066a402e569e3c07d745369aaef82c73ea3895a39666469572f46e077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=9922
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYK%2BP4R9WelNfRnwZPc0isSxK7s%2FR6P5urvTy25JuGHkarviMDNtrn8szPp8j6LKUoOaePnIPdiPDJ6rZCWhjNaFJjNKLEChhk0dcWZZOicqx%2FFB1cAbLO9k0RWkA7D3oUMuo3CFSo9o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710224fcfe468fdd-FRA
cf-bgj
minify
main.css
mtcarpg.com/CITIZEN/login/ses/files/
39 KB
9 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b9cb044a0a9178a5defc5c39ed5f0ff5d43650c503a07e90f2a1b2cad93635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3413
cf-polished
origSize=61479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:33:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrEGL6kJRY2Iu6Buk4FmztawmSMNiJNB7glhiBaBNzq7GC7LXuCH3dblRmAXvh6ymeliClKm88%2BHwEAAM6nbnWeS1Cr9uKx7nRveqA6Uws9pbeSptvAKM8RUXPPN2UBuUKLLH3x%2FOGdq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710224fcfe478fdd-FRA
cf-bgj
minify
flows.css
mtcarpg.com/CITIZEN/login/ses/files/
6 KB
2 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d363b7a9f7aebbbfc48c251056541f239faf77b9e6a05a7c06278759ffaa70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=8579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:36:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0uu7QLSAO5LWB5fbmDognkdypbYOzGElPKdbAXRNf073e5m4xn%2FCFamfdIZ013d%2BJx20WQYAVKEB%2BqcImaVDfeDDLbwsyBFSlNq8m3CYZs2O2wiPyGYKb6eeDGpzTUyenhjvzij%2F2Us"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710224fcfe488fdd-FRA
cf-bgj
minify
ad-containers.css
mtcarpg.com/CITIZEN/login/ses/files/
4 KB
1 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/ad-containers.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e55db9999be517689f0460bee0e8f91731d2a75f20827001a5decda912955fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=7985
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCCCCCxL53VH0fHv1dFd7qjBpRnlcF6qx5g%2Bt%2FOy9%2FhENjTiT8p6q7CYFW5FcwDD6AEjdqCYTuuoApTtBg%2FBnzRKwIG8byZszLkU7glcck%2Bmn%2BL8S7xnv6KKb7slbkbAOLHhQZynNOdk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710224fcfe498fdd-FRA
cf-bgj
minify
citizensns.min.45702.css
mtcarpg.com/CITIZEN/login/ses/files/
4 KB
1 KB
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizensns.min.45702.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb876bfec4928c3f25584db9439de41377e659d0d0e438c1df326205e70bc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5981
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBRASyTKuu2DSM3GU5b72VC%2FazN5qxWlrzex9C8ml%2F76UiMpi8VzkikxAxZFEIUqU7aEUK7D4dQeBldnck13r18HYkpBXHzccyOICDN4%2BKKLtoOfutcu%2F%2FdjsZLPWlXlmqGqD82ItPZy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710224fcfe4b8fdd-FRA
cf-bgj
minify
CTZ_Green-01.png
mtcarpg.com/CITIZEN/login/ses/files/
2 KB
3 KB
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/CTZ_Green-01.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca8631f2990f3d91e75611b527a695d1d0afe9748d59c4e1c620f8bcab13818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=5277
content-disposition
inline; filename="CTZ_Green-01.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2412
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF0rcFqHVbuQ3v9mTvChyUUaqeGNK%2Bta1d5KsSREUHQo70Z73u3kCkvEsOW0RTVIEZCBOeM3lFGhM%2F9Ejnkl%2BvE2bjrBbf0pKoElgLCoudLv%2BoC0LQigzH8sOdbxxVyVOTf%2FyLr7oPvs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fcfe4e8fdd-FRA
cf-bgj
imgq:100,h2pri
feedback.png
mtcarpg.com/CITIZEN/login/ses/files/
344 B
704 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/feedback.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31578d5390057afea53fcf69ede0185a8e382f92fb3eb9be3e2eec0a0f7832bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="feedback.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
344
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fCU0I82eWZDu9JyKWv77cpFA%2BUPS0YcRFWXC5el5%2FQq6%2BvAx2eesUO%2Fr9XjXEeX42tH2J8dZe0q%2BuDrG4OLRnsVS%2FBlaNowuY8X5BaSlj%2Be9Xe9%2FW%2FCiB68MpCa1M3ziNRQPHOQiy0h"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fcfe4f8fdd-FRA
cf-bgj
imgq:100,h2pri
equal-housing.gif
mtcarpg.com/CITIZEN/login/ses/files/
96 B
654 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/equal-housing.gif
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9a95c20565efe7b26cd9f86f05ab6ef675c5c0d024ed2262307bce82dc8b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=gif, origSize=1134
content-disposition
inline; filename="equal-housing.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKeCfZyyOxOHOL3PmOqdjLbUTFcsq1qRSHeg5%2BhaaTpJBIcA1plpXix8ECWWNquT2BIM81v110ij559rFCLeYD7Op4S6P%2FpR8RQMcQ%2FM%2F3xiwUqJEuXdVL4Pt6bjFyMNP9KGNuKOddwA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fcfe518fdd-FRA
cf-bgj
imgq:100,h2pri
footer-follow-facebook.png
mtcarpg.com/CITIZEN/login/ses/files/
322 B
886 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-facebook.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e127d6698ece3db37cc5d916370109d6576eca772fb065e4e29abbe174305749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=395
content-disposition
inline; filename="footer-follow-facebook.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
322
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnDvkSprvgiOVpl5z%2BnLzl%2F8MpjQLsOewv9bvN4dNIRFoSTqxLDNXvo4O0kQaQOfIZv8XxI0wlyFhjpancsBear1BE7v1pGVaHai91w5CwWscibngf%2Be1gI9bHuQ%2BO5JFp%2F3OqYEChHP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fd0e538fdd-FRA
cf-bgj
imgq:100,h2pri
footer-follow-twitter.png
mtcarpg.com/CITIZEN/login/ses/files/
388 B
756 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-twitter.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b61e3d7ab8609e4f612dc03e5cd0847e107c855d847714c9c9c7d5ec219363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3295
content-disposition
inline; filename="footer-follow-twitter.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
388
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B%2BbQphN1fliua1Cr8QPbAdMpJaQiBPhuKM31JoFoR%2B3eop167BN%2FHLhEvGhhs2d9FRdCoirhoceV7jm0SQwGh9zDHJOno3ReLGUG83%2FvGnO6%2FQVEH0fnABM%2BQuIHmllbsUzPFNn%2ByMI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fd0e548fdd-FRA
cf-bgj
imgq:100,h2pri
footer-follow-linkedin.png
mtcarpg.com/CITIZEN/login/ses/files/
374 B
812 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-linkedin.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9f2dbc4cde03f46f030b18d76bf09c57c8967ce9d4741ebc1890eb0e555585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3239
content-disposition
inline; filename="footer-follow-linkedin.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
374
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDiTNuHsP2D9hRx60AQDr0AidDg%2BoMwAHg27mrM4MJfD92OMse7Gnp3DyJLcRya2%2BVAQ4bWvCN2Ddl1oAm2Ou%2BIaZ2B3u6PGL3kNREkczU93%2BnBcNQKwLX%2BwTueFyzB89wv2pF48Royw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fd0e558fdd-FRA
cf-bgj
imgq:100,h2pri
footer-follow-youtube.png
mtcarpg.com/CITIZEN/login/ses/files/
394 B
755 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/footer-follow-youtube.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b712cc39f8e1b51ee7166aab637459fddb41bee8241c4fda0cbefd4e0d51b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3278
content-disposition
inline; filename="footer-follow-youtube.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
394
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8It31C7zQbVmsSoDtV2eLG0T6q%2Fhz4g6m956KmwbF1S5nNA07UUROnk1y1xl2tblj3OxAL1czxS%2Fn6rDnGAjPVHm9N16Sy3sLy5n9c4KBqQZ0t3J8dx6UhSsKO22QJPdSSOtnqPd%2BlB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fd0e578fdd-FRA
cf-bgj
imgq:100,h2pri
elh.gif
mtcarpg.com/CITIZEN/login/ses/files/
724 B
1 KB
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/elh.gif
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547a4de2ef052f708d6a89e73278fbf75113a660c644a5aab4d8734b70503c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=gif, origSize=1433
content-disposition
inline; filename="elh.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
724
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCaD8x6TvR0t7aaCO7bNhC94e2c1oobDTJwcVtdW1%2BFTlMzpjW8tDNWOCTeKzVZj8yeXpp19DoKuT7RYLtskE%2FwZc7lXM3o3jVRHVAP%2FMGPPEijrEsKOKbreBGf3DUfDXUwOSejmjuBQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fd0e588fdd-FRA
cf-bgj
imgq:100,h2pri
fdicFooter.gif
mtcarpg.com/CITIZEN/login/ses/files/
2 KB
2 KB
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/fdicFooter.gif
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84858a434f7d7af069af33b37987ab6801a859520cfb29486239f0d3c77ae6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2441
cf-polished
origFmt=gif, origSize=2245
content-disposition
inline; filename="fdicFooter.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1688
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEVam7ce1RdvRKfqd1ySr1dFh724SjDBA9DeVEr0R7TwXY2xKV7HQxXP7DVxWsoIk%2Fv0oIWKHFoi7%2BpLHMo0XcZKtRJmOjTHAS92Fvt8s9yWq0tasHmIYei4NsVzaL%2BJemV3TGj2fAwQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fd0e5a8fdd-FRA
cf-bgj
imgq:100,h2pri
sec-3-6.css
mtcarpg.com/CITIZEN/login/ses/files/
2 KB
971 B
Stylesheet
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/sec-3-6.css
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9df9fcb2236ab70643373b1d7b4c0b10cb79560ec2792a8489ee3048b8fd55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1641
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DbPPBN3cdFjSXER1pl5y68Wh5WVhx6lFjkZoUi6lprZCqwA3fOIFAtJiw4Sq0rYYf2zATt3HXU3gYxHSEdf025eVniQTkiX8rNEMC18ylkYcApsqBWrCwuqjx2nZikecU3%2FiHSdJpWs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
710224fcfe4d8fdd-FRA
cf-bgj
minify
rocket-loader.min.js
mtcarpg.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://mtcarpg.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 19:29:40 GMT
server
cloudflare
etag
W/"6283f7a4-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiev4%2FTPbe8on%2BU3rVuGGJeB8PCDFZJriMxjYfxxFtLCVmFksbuhk9n4WbbMcQt1L0Q6MLIZ2v%2FZnfdurC%2BksKv%2FsdxFp5uNn9EJgCne7BRZtgJzupilTriA79ylkv6EGq8IJekWpwF0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710224fd0e5c8fdd-FRA
vary
Accept-Encoding
expires
Thu, 26 May 2022 01:09:11 GMT
icon-secure.png
mtcarpg.com/CITIZEN/login/ses/files/
128 B
735 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/icon-secure.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c150a9322ff035c0b9489d3093a7af4af2bbfe171e8dcdc00f57407cbc5f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=292
content-disposition
inline; filename="icon-secure.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
128
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:25:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqBzXb%2F3Pi%2FCxTQjdYaAEZuJUrJLorTte58lqrczsTPbuZUR0YlD06slXS%2FauE9wt25UZXWrhtMblFcbXGm%2FoiT80bTQNyCzdxbYf2wgaFAG6DbaWpUcXTrrAwPPToXOXNwjljN%2BHme6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd285c6e-FRA
cf-bgj
imgq:100,h2pri
flows-tooltip.png
mtcarpg.com/CITIZEN/login/ses/files/
150 B
799 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/flows-tooltip.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa4fc5fe2b8da6c79d87fa0439dde7b5de3bae4c7e1c29c99d16ea072bb5b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=364
content-disposition
inline; filename="flows-tooltip.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOdVHCnrGkTp%2BMNQyCvBeODHx34Wzg09izNEdm%2BqjFrE9NKdg%2B1XE44FHsyDYERpDH51uC8q%2Fu%2F%2BxWJzXqo2ejFuso3HLYh4akP9T5YuutZfJszQ0%2Fer4U41Vd0zCpXPH9WLN%2FBsY9MX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd2b5c6e-FRA
cf-bgj
imgq:100,h2pri
arrow-button-white.png
mtcarpg.com/CITIZEN/login/ses/files/
96 B
708 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/arrow-button-white.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971404ae7791e52ceddfe8ce363b9ccc4308dcd89038ad884b0c1f98045e6a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=1017
content-disposition
inline; filename="arrow-button-white.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjLRGaEK%2B9M9Eg28mzkupp46QD4pX5dCQx6Eyy5hSv%2BAbCe6iznWROAjWbZCKovl6E9iCkyQSKlUS%2Bz6Z5dN9bJZpkQv91C%2BZNKXWfnJHzxpa8q3TgfJhUbhshtyBTI8sXUlXP9HaxnT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd2c5c6e-FRA
cf-bgj
imgq:100,h2pri
arrow-down-blue.png
mtcarpg.com/CITIZEN/login/ses/files/
100 B
704 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/arrow-down-blue.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1964b54703b6c127946b79ccba37045bd217767c14284d8e040c9bed0702522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=1054
content-disposition
inline; filename="arrow-down-blue.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7oAQerTDfCwWhSj5FLiXkUS1UtmVGR4RoDW0YX2Rf93VLliDgNLwXwWmdSeNIBeffG%2B2zvTbYxWkD8VB4uTKOjUGpQbOtKoJb1w7mQxMMc66wQeuTSbK0QxNSr0qoG9cVA9Mdo1XcQv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd2d5c6e-FRA
cf-bgj
imgq:100,h2pri
arrow-right-orange.png
mtcarpg.com/CITIZEN/login/ses/files/
76 B
683 B
Image
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/arrow-right-orange.png
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1940d7c46934032d9a4a9eda49a54c7c3517b1c699a87b2b9e1ae548b02c9ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=165
content-disposition
inline; filename="arrow-right-orange.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZbxlqD0Oosdee3CQrv9kFwi6Gq0bx9t2N1q%2BVMFk4GTvr6Mk8CyXmMJ0ZsRv%2FsNErxb4tKXWnV%2BZqGDXmar78Lg52a3oNaajcTti8p22V3BpsQI4CEz2FXfjIbBoCVA8dpmxj1fiuYa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd2e5c6e-FRA
cf-bgj
imgq:100,h2pri
citiolb_icons.woff
mtcarpg.com/CITIZEN/login/ses/files/
18 KB
19 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citiolb_icons.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18524
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuhkLWXJoEhuzPM5KqaHlRTDMJsze3zICytreYhvA9J2%2B5bAM1R11r35sGhcRt%2BoqEe60qNDqgFLf1V7ezT9Oi5GOqti2QxoVepibGDld1A45JPynVY%2FEwfAi2t3F%2FToNW1YOh34r04v"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd2f5c6e-FRA
citizen_roman.woff
mtcarpg.com/CITIZEN/login/ses/files/
31 KB
32 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_roman.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31968
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:26:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkG6Fl2JHnowg%2Bp8Vhpz%2F%2FVe0Wtf1IO5GffPTUevlXWIT2Tc67heKW9IFVnO6kGkCWgUajSKIvG3qtSLcvZtiNaqiLHe6v9QsMUzoaCG2DgWLmn7XR9LsQ7d9k0NzIphg8marp%2FDT8Zt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd305c6e-FRA
citizen_book.woff
mtcarpg.com/CITIZEN/login/ses/files/
31 KB
32 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_book.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31864
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX2%2FIZxqiOF17Yb5M4pUZa2t5wkyhdzbx5Y44a5x%2Bv17NwMcWlVdaTEvqHTzXK34mz9QQqLj8iagpqXVv01%2F1%2Fyr5ZeETEsKJn2WSejbtmF9JlelfvR06dU4pZQ14PoKf0vBQN6q8HLr"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd315c6e-FRA
citizen_bold.woff
mtcarpg.com/CITIZEN/login/ses/files/
29 KB
29 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_bold.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29304
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:27:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAGMVFlliNe0CYzCW4i1WUsyOYc%2Fbku9YBWmmtYIbhQx5FXbRsOqhEz2mc28Nu45V61hFhDY%2ByiXaJxxB%2FKaeYKBN%2F6600AF2OKfL8XYSSoKU%2Folk62FVoI2ajBhrzkFGmNxAqPdtEEO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd325c6e-FRA
citizen_extrabold.woff
mtcarpg.com/CITIZEN/login/ses/files/
27 KB
28 KB
Font
General
Full URL
https://mtcarpg.com/CITIZEN/login/ses/files/citizen_extrabold.woff
Requested by
Host: mtcarpg.com
URL: https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtcarpg.com/CITIZEN/login/ses/files/main.css
Origin
https://mtcarpg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 01:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27852
x-xss-protection
1; mode=block
last-modified
Thu, 23 Dec 2021 10:27:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuYZQv67MbGpNvmAbYP5TyZwJT5ID6HKGqI526dU7UD%2BsYD9qEOokntpV3%2Bfg6Kos9LsCrIwrcaqC9DMKro3Zdh4ZxzOf2yXv4K3suCZjJAk7VxZVDOk0PiiCtnRbqT2k0ucjfelmF4W"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
710224fddd335c6e-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| __cfQR boolean| __cfRLUnblockHandlers

2 Cookies

Domain/Path Name / Value
www.mub.li/ Name: XSRF-TOKEN
Value: eyJpdiI6InRUK293cThXWmx0NGdXd3d1emZHMmc9PSIsInZhbHVlIjoic21yZ0FaYVB4RS9nb2N5V1VkdCtFV0NnazY1eFJCNVBkTXU2YllIdkQ2Z1lQenY0VGhsTXU3aXVjUmZuU29RbHVSanl0SkVKNWN1NU5UNWxKamJYTU1jL0haWDdlR2VVeUhWK0FTcitKQjRhR1M0VWZhWlRCTXhGbk0ySkc0OXkiLCJtYWMiOiIzYjllMjc2OWI2ZDIxY2Y4ZjM0ZjAzNWZlZTYwYzdlNzZiZDI1NzVhYmE0NjE0MmRlZWVkNzQ0OTYyOGQ2ODBkIn0%3D
www.mub.li/ Name: mubli_link_shortner_session
Value: eyJpdiI6IktpYk5UaU1BdGpkV3JrcGtXRVIrMkE9PSIsInZhbHVlIjoiNmdobTljMDQ3YUNtVXVYdVVFMHIxTjRHc1J4Nkk2bytYVzdKSWliMTNsK252ckEveG1KVjlPMjhqRmhUc25ySHlveVh6ZG5sZSs0SWt0bFRvTU1xQWpnRytQNGJ5a1d4ZVFvckcrRlBRdUdjaHFFSXVPdVJaR2RMOC9wc2dDRGMiLCJtYWMiOiJkOTk1MDYwMTI0ZTA4ZWMzZmU1NDgwODE2MDlhNDBlYzQ2MmNmODgxZDliY2I0N2RkYWFhZTk3OTY4YjdiNTAyIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mtcarpg.com
www.mub.li
2606:4700:20::681a:545
2606:4700:3037::6815:5d39
001a3545ac36ba896ca04bf292d9c5d27d327cf8a8d5da8c339e8c9583a5b0d8
03d363b7a9f7aebbbfc48c251056541f239faf77b9e6a05a7c06278759ffaa70
06c150a9322ff035c0b9489d3093a7af4af2bbfe171e8dcdc00f57407cbc5f24
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
1940d7c46934032d9a4a9eda49a54c7c3517b1c699a87b2b9e1ae548b02c9ecd
1fa4fc5fe2b8da6c79d87fa0439dde7b5de3bae4c7e1c29c99d16ea072bb5b02
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
2b712cc39f8e1b51ee7166aab637459fddb41bee8241c4fda0cbefd4e0d51b41
2ca8631f2990f3d91e75611b527a695d1d0afe9748d59c4e1c620f8bcab13818
31578d5390057afea53fcf69ede0185a8e382f92fb3eb9be3e2eec0a0f7832bf
547a4de2ef052f708d6a89e73278fbf75113a660c644a5aab4d8734b70503c39
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
5ee4bf1066a402e569e3c07d745369aaef82c73ea3895a39666469572f46e077
62b61e3d7ab8609e4f612dc03e5cd0847e107c855d847714c9c9c7d5ec219363
6e55db9999be517689f0460bee0e8f91731d2a75f20827001a5decda912955fb
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
84858a434f7d7af069af33b37987ab6801a859520cfb29486239f0d3c77ae6b9
8b9a95c20565efe7b26cd9f86f05ab6ef675c5c0d024ed2262307bce82dc8b62
971404ae7791e52ceddfe8ce363b9ccc4308dcd89038ad884b0c1f98045e6a21
b1964b54703b6c127946b79ccba37045bd217767c14284d8e040c9bed0702522
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
bcb876bfec4928c3f25584db9439de41377e659d0d0e438c1df326205e70bc6a
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3b9cb044a0a9178a5defc5c39ed5f0ff5d43650c503a07e90f2a1b2cad93635
de9f2dbc4cde03f46f030b18d76bf09c57c8967ce9d4741ebc1890eb0e555585
e127d6698ece3db37cc5d916370109d6576eca772fb065e4e29abbe174305749
e9df9fcb2236ab70643373b1d7b4c0b10cb79560ec2792a8489ee3048b8fd55c