citi.org.br Open in urlscan Pro
104.236.33.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citi.org.br/
Submission: On January 08 via automatic, source certstream-suspicious (January 8th 2021, 7:03:00 pm UTC)

Summary HTTP 51 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 51 HTTP transactions. The main IP is 104.236.33.150, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is citi.org.br.
TLS certificate: Issued by R3 on January 8th 2021. Valid for: 3 months.

This is the only time citi.org.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.236.33.150 104.236.33.150	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.224.89.226 13.224.89.226	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.198.189.172 104.198.189.172	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	34.68.90.188 34.68.90.188	15169 (GOOGLE) (GOOGLE)
51	19

13 104.236.33.150 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

citi.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.89.226 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-226.zrh50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.189.172 (United States)

ASN15169 (GOOGLE, US)
PTR: 172.189.198.104.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (United States)

ASN15169 (GOOGLE, US)
PTR: 188.90.68.34.bc.googleusercontent.com

pages.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	citi.org.br citi.org.br	245 KB
7	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	22 KB
6	cloudfront.net d335luupugsy2.cloudfront.net	105 KB
5	gstatic.com fonts.gstatic.com	73 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
2	rdstation.com.br pageview-notify.rdstation.com.br pages.rdstation.com.br	45 KB
2	facebook.com www.facebook.com	530 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	facebook.net connect.facebook.net	92 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	cloudflare.com cdnjs.cloudflare.com	42 KB
1	google.de www.google.de	108 B
1	google.com www.google.com	108 B
1	googleadservices.com www.googleadservices.com	12 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
51	15

	Domain	Requested by
13	citi.org.br	citi.org.br
6	ka-f.fontawesome.com	kit.fontawesome.com
6	d335luupugsy2.cloudfront.net	citi.org.br d335luupugsy2.cloudfront.net
5	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	citi.org.br d335luupugsy2.cloudfront.net
2	www.facebook.com	citi.org.br
2	connect.facebook.net	citi.org.br connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	citi.org.br
1	pages.rdstation.com.br	d335luupugsy2.cloudfront.net
1	ajax.googleapis.com	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	www.google.de	citi.org.br
1	www.google.com	citi.org.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	citi.org.br
1	kit.fontawesome.com	citi.org.br
51	19

This site contains links to these domains. Also see Links.

Domain
psc.citi.org.br
blog.citi.org.br
www.facebook.com
www.linkedin.com
www.instagram.com
www.google.com

Subject Issuer	Validity	Valid
citi.org.br R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-09-06`	2 years	crt.sh
pages.rdstation.com.br Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://citi.org.br/
Frame ID: E4BC902CEA720BD8CA4DE3005E19B70A
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

19
Subdomains

19
IPs

4
Countries

722 kB
Transfer

1911 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://psc.citi.org.br/
Title: PROCESSO SELETIVO

Search URL Search Domain Scan URL

URL: https://blog.citi.org.br/
Title: BLOG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citiufpe/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/citiufpe/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/citiufpe/
Title:

Search URL Search Domain Scan URL

URL: https://www.google.com/maps
Title: ver no mapa

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
citi.org.br/ 60 KB
13 KB 472ms
224ms Document
text/html 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9e4d3a9f568cdc916653678b9d0a7261a12898a78bab13339e1fd6cf5ce7f018

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:method: GET
:authority: citi.org.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Fri, 08 Jan 2021 19:02:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Cookie
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: csrftoken=I3jCpd4gYZ4nT1mW9TQxcQnKubh4xqtnlaPrNA0k2gH30Yav9dPTgoAB6VLn8HpR; expires=Fri, 07 Jan 2022 19:02:43 GMT; Max-Age=31449600; Path=/; SameSite=Lax
strict-transport-security: max-age=15724800; includeSubdomains
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 9 KB
703 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd6484035a4c86343e2a5b1be62d65971f732ba7114d185fb55b000e34acad9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 19:02:43 GMT
server: ESF
date: Fri, 08 Jan 2021 19:02:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jan 2021 19:02:43 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
466 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 19:02:43 GMT
server: ESF
date: Fri, 08 Jan 2021 19:02:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jan 2021 19:02:43 GMT

GET
H2 200 main.005cac816de1a3d4e285.js Show response
citi.org.br/static/css/min/ 80 KB
13 KB 134ms
133ms Script
text/javascript 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.org.br/static/css/min/main.005cac816de1a3d4e285.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9cf75f4a592b22be430866715c8d9d09ecb2569cd405dccc45424b0d49c4d8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:48 GMT
server: nginx
etag: W/"5ff7de90-13e29"
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 CITi.png
citi.org.br/static/images/navbar/ 15 KB
15 KB 198ms
196ms Image
image/png 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/navbar/CITi.png

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

685b40a8898341a58765ebfb9ae63d34c822a9ed5f2b28f3724b482ba6911a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: "5ff7de83-3ae6"
strict-transport-security: max-age=15724800; includeSubdomains
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 15078
x-content-type-options: nosniff

GET
H2 200 close.svg
citi.org.br/static/images/navbar/ 2 KB
1021 B 198ms
196ms Image
image/svg+xml 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/navbar/close.svg

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fdca2f6e011005d4d6c2e8074dae9d9f4e782155236d533e66bf4ef2cd371615

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: W/"5ff7de83-779"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 footer-arrow.png
citi.org.br/static/images/footer/ 3 KB
4 KB 198ms
197ms Image
image/png 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/footer/footer-arrow.png

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7fbe7cbac0f7ce86904f7df0da627b05d661d1050a27368f66150ca3c90b3b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: "5ff7de83-df3"
strict-transport-security: max-age=15724800; includeSubdomains
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 3571
x-content-type-options: nosniff

GET
H2 200 facebook.svg
citi.org.br/static/images/footer/ 1 KB
1 KB 199ms
197ms Image
image/svg+xml 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/footer/facebook.svg

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ee6d4e9549fc80f170858efb2c77d1cafd7b4ab9a86a985f650193899c221fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: "5ff7de83-420"
strict-transport-security: max-age=15724800; includeSubdomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 1056
x-content-type-options: nosniff

GET
H2 200 linkedin.svg
citi.org.br/static/images/footer/ 1 KB
976 B 199ms
197ms Image
image/svg+xml 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/footer/linkedin.svg

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6acccff1baa527b02f1f3befd4b228a786dbc77cc74db152b2096d5e385ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: W/"5ff7de83-514"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 instagram.svg
citi.org.br/static/images/footer/ 1 KB
835 B 199ms
197ms Image
image/svg+xml 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/footer/instagram.svg

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9400d1b122f8baa0c73c03abdc8007a2fe5780b64e33cc5faf3b5c2c15f6e020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: W/"5ff7de83-488"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 call.svg
citi.org.br/static/images/footer/ 2 KB
1 KB 199ms
197ms Image
image/svg+xml 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/footer/call.svg

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b808835fe4c8a89c71d42b8a4eb384e8e34f253348e98e35683d40f0f6990b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: W/"5ff7de83-7f9"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 citi-preto-texto.png
citi.org.br/static/images/footer/ 58 KB
59 KB 254ms
252ms Image
image/png 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/footer/citi-preto-texto.png

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e31169b0e39e9b508a7101c2b84bea761d2f1eb322d853c14a11ddf75874cfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: "5ff7de83-e947"
strict-transport-security: max-age=15724800; includeSubdomains
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 59719
x-content-type-options: nosniff

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/ 113 KB
35 KB 12ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/TweenMax.min.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1177512
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 34771
cf-request-id: 0784fa3da2000005c832941000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c4b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e2LTL5gyekgdvQXn4rfqhB2pNHuI12F0iYiSY1SC551VMAbFf56kkyzd9UXIQTBWU8KD2yP5TGHVEmwzTnsYotcFptY%2F%2Baz9Y78bHkzDKl4Nm0KzlFNufbeWNkE1MZrvcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60e82ca90f6b05c8-FRA
expires: Wed, 29 Dec 2021 19:02:43 GMT

GET
H2 200 svg-morpheus.js Show response
cdnjs.cloudflare.com/ajax/libs/SVG-Morpheus/0.3.2/ 22 KB
7 KB 13ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/SVG-Morpheus/0.3.2/svg-morpheus.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b5558d8e8d9da629c5145e2055c301f78eef538c57434662a1679652d448c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 157483
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6653
cf-request-id: 0784fa3db3000005c8660c8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-56cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TLAbBY%2FGM5F8DF9pnRLmvKyLIVv%2FnfdT5UP8i3fYmxBenq0AKrBCZSQJhTcvVXmhykBxrTI%2BUMSPCo1om12gL97sL3q3ExBNfKvAnZhs5zGZoGdAGig5FKt9JeyFvn4%2FRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60e82ca91fdb05c8-FRA
expires: Wed, 29 Dec 2021 19:02:43 GMT

GET
H2 200 main.js Show response
citi.org.br/static/js/min/ 368 KB
98 KB 140ms
140ms Script
text/javascript 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.org.br/static/js/min/main.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7ee86944ff2b68dd81b848e5f80040fa9e38e33f67be76a60e3be8deca227fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: W/"5ff7de83-5c0a9"
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 2881c241d1.js Show response
kit.fontawesome.com/ 10 KB
4 KB 46ms
46ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/2881c241d1.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3afc2f34f69378afcd70b64bfb9839c63ebbb0b913a96c7fb51afd6186e387b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
vary: origin, accept-encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 0784fa3e1e00002c3e0a362000000001
x-request-id: FlhXCSGn0MmLUicjGCrB
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
cf-ray: 60e82ca9bc962c3e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 869ms
868ms Script
application/javascript 13.224.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js
Requested by: Host: citi.org.br
URL: https://citi.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52955c3402961305b1328a34a138e62474ded8c1e9951b3d30de14d050b98bb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cf2Z54FUySBWoNaGAZxznjaumgBAdW9H
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 13:31:34 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"f5186405c0fdcb29aec4b496a9ef0f7f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 08 Jan 2021 19:02:45 GMT
x-amz-cf-id: koz7Ifs3CUn_CC1n46e9qjN3qNbWH2pMYrPmqrao8P57M5_8LuqEsA==

GET
H2 200 main.4e467e6fb71fceffdfc2.js Show response
citi.org.br/static/js/min/ 114 KB
38 KB 198ms
196ms Script
text/javascript 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.org.br/static/js/min/main.4e467e6fb71fceffdfc2.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1102ab57bcb53a99cde75b4d66985df83f0a3a98ab67865446c1618ca573e985

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:47 GMT
server: nginx
etag: W/"5ff7de8f-1c78d"
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=0, public
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
34 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB4D7TG

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55f453eb45b3eeee2c73ff120079ea5b90424a9306c2e9dd43a85a65d5ae911b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35158
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jan 2021 19:02:43 GMT

GET
H2 200 drop-hover.svg
citi.org.br/static/images/navbar/ 239 B
496 B 292ms
292ms Image
image/svg+xml 104.236.33.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citi.org.br/static/images/navbar/drop-hover.svg

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.236.33.150 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3f1cf987ea8a13c40b0605e792e1efb6c539d4d102793e271fcf1fd09478fa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://citi.org.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 01:24:35 GMT
server: nginx
etag: "5ff7de83-ef"
strict-transport-security: max-age=15724800; includeSubdomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 239
x-content-type-options: nosniff

GET
H2 200 7cHsv4kjgoGqM7E_CfOA5WouvToJdLm8.woff2
fonts.gstatic.com/s/barlow/v5/ 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHsv4kjgoGqM7E_CfOA5WouvToJdLm8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cea8224616594cbb4d6aa8dac1283ec0974afd4a02ba2356d928ff297ceed77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://citi.org.br
Referer: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 07:17:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:57 GMT
server: sffe
age: 301493
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15668
x-xss-protection: 0
expires: Wed, 05 Jan 2022 07:17:50 GMT

GET
H2 200 7cHsv4kjgoGqM7E_CfPI42ouvToJdLm8.woff2
fonts.gstatic.com/s/barlow/v5/ 15 KB
16 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHsv4kjgoGqM7E_CfPI42ouvToJdLm8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

284bd33318baf4cc14eb00e5b8555c1e6a2aacc50274718c3caa1e38d0b7b36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://citi.org.br
Referer: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 20:27:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:10 GMT
server: sffe
age: 81299
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
expires: Fri, 07 Jan 2022 20:27:44 GMT

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 14 KB
14 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3q-0s51ostz0rdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5601e5d4cc338014e5f5223194aec12081abe7ad4098902063c8107d4ca3af1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://citi.org.br
Referer: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 07:51:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:42 GMT
server: sffe
age: 40252
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14048
x-xss-protection: 0
expires: Sat, 08 Jan 2022 07:51:51 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
fonts.gstatic.com/s/barlow/v5/ 14 KB
14 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b7ba238dc0b8e0c6ea63409a42d8b6fa68475cbc3a8d80388d6bae7beb833d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://citi.org.br
Referer: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:23:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:51 GMT
server: sffe
age: 16736
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
expires: Sat, 08 Jan 2022 14:23:47 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34a462a0c5b5002de8a5656cf4148f0abf497216ba2810dc6d2c55a0abc65a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://citi.org.br
Referer: https://fonts.googleapis.com/css?family=Barlow:300i,400,500,500i,600,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 20:38:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:21 GMT
server: sffe
age: 80627
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14128
x-xss-protection: 0
expires: Fri, 07 Jan 2022 20:38:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB4D7TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6191
date: Fri, 08 Jan 2021 17:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 08 Jan 2021 19:19:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 35ms
34ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB4D7TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12179
x-xss-protection: 0
server: cafe
etag: 494165680877134304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 19:02:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: PiBwUaRM6hoOaPAYX1qAjABNPdeyrT4YXKshulfg1eIgtLTAEMtXOQ6GEMQkrkUa+3w1QQAGLRP9/zN2DHI8Ew==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Jan 2021 19:02:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 22ms
22ms XHR
text/plain 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=565839583&t=pageview&_s=1&dl=https%3A%2F%2Fciti.org.br%2F&ul=en-us&de=UTF-8&dt=In%C3%ADcio%20%7C%20CITi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1849222420&gjid=519820707&cid=197767023.1610132564&tid=UA-106513339-1&_gid=1159225561.1610132564&_r=1&gtm=2wgbu0NB4D7TG&tc=x&z=2065352346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 19:02:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citi.org.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2361519507463613 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2361519507463613?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cd41d9464e2460ba8d1901f4c09eb13ca2bedae965d66a7118a7a9598fab31a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: xXpCsMsRFyb8cf/1YsYXG7b9Xs6a6zhXa7iunByriYYlr2q9yuyuBGAxnNQR6gJ8E/Yd0yz6L0MgZSOgY7XegA==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Jan 2021 19:02:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1065785261
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/876120853/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/876120853/?random=1610132563633&cv=9&fst=1610132563633&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=592230570&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fciti.org.br%2F&tiba=In%C3%ADcio%20%7C%20CITi&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d1b4c2908990e2c1ea8e9d896d65b32cd11c7e44d5553121aef4ade3916e5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 19:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-106513339-1&cid=197767023.1610132564&jid=1849222420&gjid=519820707&_gid=1159225561.1610132564&_u=YEBAAEAAAAAAAC~&z=85676268

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Jan 2021 19:02:43 GMT
content-type: text/plain
access-control-allow-origin: https://citi.org.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/876120853/ 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/876120853/?random=1610132563633&cv=9&fst=1610132400000&num=1&guid=ON&eid=592230570&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fciti.org.br%2F&tiba=In%C3%ADcio%20%7C%20CITi&async=1&fmt=3&is_vtc=1&random=604566421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 19:02:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/876120853/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/876120853/?random=1610132563633&cv=9&fst=1610132400000&num=1&guid=ON&eid=592230570&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fciti.org.br%2F&tiba=In%C3%ADcio%20%7C%20CITi&async=1&fmt=3&is_vtc=1&random=604566421&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 19:02:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 free.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ 0
0 31ms
30ms Other 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://citi.org.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 75606caa7122049e455c8f29e5ce11c7.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-cf-id: zdc2wL1CNPXo4EU50edJfWWkT7qfI2ou0_sy9DM5IPeen8Rmze3l1w==
age: 44722
cf-cache-status: DYNAMIC
cf-request-id: 0784fa3f0f0000dfc33330e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gtb7kMBRZQ%2B3XGF3m%2FIeKvHhzkwr5mM%2FnOqvDEpmBeljsOAUZmW07Tjv1pclgrFkOD%2B062Q2QuI7lMVVQfCSe47497oPIPntKc5zNLpdy4%2B1jGMVD9QfJDNkPFcNV%2FuMTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60e82cab4fa1dfc3-FRA

OPTIONS
H2 200 free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ 0
0 29ms
29ms Other 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://citi.org.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-cf-id: 7yhAtIGgMsbkzysX6KO0MoSyAWbNLFIQWuCG25M__p4UAZz7YEXhPA==
age: 56075
cf-cache-status: DYNAMIC
cf-request-id: 0784fa3f100000dfc3113b6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JbRSJecp3HfiaGLfMC2q8mUNvAvOobkmV5UDvs%2BtpBL2MCv%2FooYg25d1Tt%2F0fgtUxC9XLCKolMxyYUsQ5cY0bs8FHownjj1qLN%2F4mOqaZIJYp5bPFODcBQEXSqbZ2%2BwBrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60e82cab4fa4dfc3-FRA

OPTIONS
H2 200 free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ 0
0 37ms
37ms Other 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://citi.org.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 e99fe2b78fa4752ff3db0f5bbeab2863.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-cf-id: vMA39eg2VidpglOfR9FT0VRrrBk7CWSD9eenMmm_14kNFg1oHWpHZg==
age: 63439
cf-cache-status: DYNAMIC
cf-request-id: 0784fa3f100000dfc32c897000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IgYepdBxaqk7Rxn7xiTsOxV%2BxaetsUaAkxUch8%2BVFDz%2FL8H7zbrqXL8a56oDQsprTgvXam4Br4Je0CGi%2FNtkcE9%2B0PL6jCUqWo%2BcbdCCd7fXOzva3%2BzBcfHrUgJ3Zz70mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60e82cab4fa8dfc3-FRA

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 59 KB
13 KB 50ms
50ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/2881c241d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 2881c241d1

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
via: 1.1 ba5fe64f4b79b31baa8e0dd63a6b67c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 0784fa3f2f0000dfc309a97000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"319d424ba89a84bbd230a3b5f7024193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FLaYqISSFYVWJzxGbGu1oyOk2%2F2Lua8Wj21eiBLmI65OHmLQWlEBGT%2Ftm4%2FLaoZuLugHo0F5mLlcfFaBefyMkkH8J6hur76MOewxvQTxFXnYUG53AD4ruY1oxTi%2F52v4qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 60e82cab781edfc3-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Xqa_RUKWWyMOO1HRpFp-ZwIrG-_kyKgO0yLqFwXsjVMgSy0FBCWmOw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 26 KB
4 KB 44ms
43ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/2881c241d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 2881c241d1

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 0784fa3f2f0000dfc3dd0d6000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"2e4c3da4eae1c876a281d6ca5a7a5b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fgmGHNuOkSudXYdckkptvpbRplqikzj0l25rCzwB5ssmja95y5l0vgtApdvPFqAlqLXY6pHyPajQ6SmmL4i9antLi0lAQJs5UFQyPYWDWoKO528CenCv0IQhkoMQqFZdLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 60e82cab781bdfc3-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: S88I09Rlg7uft_h_o0tlK1abk5Zuf_7frOof9F9FA1CfyBbfdkGzBQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 3 KB
1 KB 51ms
50ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/2881c241d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 2881c241d1

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
via: 1.1 c8bc822d127c22f2d3037dca4743fd62.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 0784fa3f350000dfc3e612a000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"a59d3f1e8fae455f68a6cafb35ac4838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TH9xLPZB%2BzLdiI3JJOaLBYnE%2Btx5kmMYM%2BfsqWE2o13PFGlLu%2F8sZvhFLmTYz%2FBsc95sE1xQU4Z4aItza1OP8gW1s4YQlLN1Gxn%2B7EnqFbm7l7fU6mNCmk%2F3%2Bg0zu2Vclw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 60e82cab882ddfc3-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jNiRG0yoFhq8p9VPwWCjJ0F0sBpn_rzm7qKL66QlsJ9UAWB3v7aH7Q==

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2361519507463613&ev=PageView&dl=https%3A%2F%2Fciti.org.br%2F&rl=&if=false&ts=1610132563803&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.2.1610132563801.1735170901&it=1610132563621&coo=false&rqm=GET

Requested by

Host: citi.org.br
URL: https://citi.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Jan 2021 19:02:43 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 19ms
18ms Script
application/javascript 13.224.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 05:54:49 GMT
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
age: 47276
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: EUMgcPxshbvuUaSRIalfWHQ1RcjTEzzeUSqEm6bITo3odEaCpPte9A==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 20ms
19ms Script
application/javascript 13.224.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 22:00:53 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 17:57:29 GMT
server: AmazonS3
age: 75711
etag: W/"79eba5359f199f99d84acbac958db7bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: fvUeuGFBK7nhwvE_ycf2sTAfAQff3DpI
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: -PC5-9osS96rZsMw0Azn78T_cftv_q6fcahyv9eJdM10pKPqpkYmMA==

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
600 B 142ms
142ms XHR
text/html 104.198.189.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.198.189.172 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

172.189.198.104.bc.googleusercontent.com

Software

nginx/1.15.8 /

Resource Hash

45dab6a5d34f7924cb213bc321afdc6f8076e822f7188a59e45db4a1e99202dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Jan 2021 19:02:44 GMT
x-content-type-options: nosniff
server: nginx/1.15.8
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://citi.org.br
access-control-max-age: 1728000
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 192 KB
54 KB 22ms
22ms Script
application/javascript 13.224.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1900d2c515c710cfde25b3cb79ddc9d9ec615bb03ab40111b9cd03c083cb214d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .nup1SXiBdZuAbxM5NRqJeRIV6Z0jCV.
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 13:12:27 GMT
server: AmazonS3
age: 24872
etag: "6f44a969c1f5b8cbf92525113511222a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
date: Fri, 08 Jan 2021 12:08:31 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 54727
x-amz-cf-id: G2SB2zf2IxrfZEm28g18YJZw-u73ismUiy4mI_yNU_qQZnez0YNEGg==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 10 KB
4 KB 22ms
22ms Script
application/javascript 13.224.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d46518cdc6086762d65d83a8825b597e7b485c718b6d483711194045ebf23aba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: LThLmeb3.2EnwnzEjL9tbdmiuU_OhQs5
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 17:59:54 GMT
server: AmazonS3
age: 72073
etag: "bcb42bf4cb4d6093f1b2bdb9b2529f4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
date: Thu, 07 Jan 2021 23:01:36 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3983
x-amz-cf-id: MgF370xopiM1Y4PqaJSwcS-y7bxbH-xTeWWZdsiui6CcTvKxLwrYSQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 04 Jan 2021 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336570
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jan 2022 21:33:14 GMT

GET
H2 200 show.json Show response
pages.rdstation.com.br/popup/ 44 KB
44 KB 623ms
364ms XHR
application/json 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.rdstation.com.br/popup/show.json?account_id=113473&uniq=_t2tg20fpx&ref=aHR0cHM6Ly9jaXRpLm9yZy5ici8%3D
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 175291bcdda186cc99e6962f281b33162f8748a7b165ca64a3b44c4de4582816

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 19:02:45 GMT
content-length: 44903
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2361519507463613&ev=Microdata&dl=https%3A%2F%2Fciti.org.br%2F&rl=&if=false&ts=1610132565307&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22In%C3%ADcio%20%7C%20CITi%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.2.1610132565305.871064624&it=1610132563621&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Jan 2021 19:02:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d7b01c47721d70b075e7de0317dbff2503d0abdc47c0e19a168f6a6c1275f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 19:02:45 GMT
server: ESF
date: Fri, 08 Jan 2021 19:02:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jan 2021 19:02:45 GMT

GET
H2 200 $18f4qx41lwa
d335luupugsy2.cloudfront.net/cms/files/113473/1582814688/ 42 KB
42 KB 879ms
878ms Image
image/png 13.224.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/113473/1582814688/$18f4qx41lwa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b14162546f2f4acbf6362127307638e1db925c711cb01175dea1faf2d26371cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 19:02:47 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 14:45:25 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "5d3b1b709771e2e2345373d7cd2e952f"
x-cache: Miss from cloudfront
x-amz-version-id: PoOuELcaSZLy9v9BmnjOlCZ6pPdhQQ6M
accept-ranges: bytes
content-type: image/png
content-length: 43095
x-amz-cf-id: S2seREPFxCOy5DOKgPNznj1v4imdKE5ta667WZh7_H7h9QnAl1lOng==

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citi.org.br/	1970-01-20 08:32:20	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNjEwMTMyNTY0MzgxfQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js(Line 1) Message: LeadTracking initialized
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js(Line 1) Message: TrafficSourceCookie initialized
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/55f96b2e-371f-43b6-8e7a-1d7c1a1eef5d-loader.js(Line 1) Message: FormIntegration; ver.1.3.3 initialized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
citi.org.br
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
pages.rdstation.com.br
pageview-notify.rdstation.com.br
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.198.189.172
104.236.33.150
13.224.89.226
172.217.22.98
2606:4700::6810:125e
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:803::2004
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:814::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.68.90.188
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1102ab57bcb53a99cde75b4d66985df83f0a3a98ab67865446c1618ca573e985
15b7ba238dc0b8e0c6ea63409a42d8b6fa68475cbc3a8d80388d6bae7beb833d
175291bcdda186cc99e6962f281b33162f8748a7b165ca64a3b44c4de4582816
1900d2c515c710cfde25b3cb79ddc9d9ec615bb03ab40111b9cd03c083cb214d
284bd33318baf4cc14eb00e5b8555c1e6a2aacc50274718c3caa1e38d0b7b36d
28b5558d8e8d9da629c5145e2055c301f78eef538c57434662a1679652d448c6
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
34a462a0c5b5002de8a5656cf4148f0abf497216ba2810dc6d2c55a0abc65a12
3f1cf987ea8a13c40b0605e792e1efb6c539d4d102793e271fcf1fd09478fa5e
45dab6a5d34f7924cb213bc321afdc6f8076e822f7188a59e45db4a1e99202dd
4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae
4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590
52955c3402961305b1328a34a138e62474ded8c1e9951b3d30de14d050b98bb1
55f453eb45b3eeee2c73ff120079ea5b90424a9306c2e9dd43a85a65d5ae911b
5601e5d4cc338014e5f5223194aec12081abe7ad4098902063c8107d4ca3af1f
5cea8224616594cbb4d6aa8dac1283ec0974afd4a02ba2356d928ff297ceed77
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
685b40a8898341a58765ebfb9ae63d34c822a9ed5f2b28f3724b482ba6911a91
6a6acccff1baa527b02f1f3befd4b228a786dbc77cc74db152b2096d5e385ce7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d1b4c2908990e2c1ea8e9d896d65b32cd11c7e44d5553121aef4ade3916e5fe
7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191
7ee86944ff2b68dd81b848e5f80040fa9e38e33f67be76a60e3be8deca227fa1
7fbe7cbac0f7ce86904f7df0da627b05d661d1050a27368f66150ca3c90b3b96
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8cd41d9464e2460ba8d1901f4c09eb13ca2bedae965d66a7118a7a9598fab31a
9400d1b122f8baa0c73c03abdc8007a2fe5780b64e33cc5faf3b5c2c15f6e020
9cf75f4a592b22be430866715c8d9d09ecb2569cd405dccc45424b0d49c4d8eb
9d7b01c47721d70b075e7de0317dbff2503d0abdc47c0e19a168f6a6c1275f62
9e4d3a9f568cdc916653678b9d0a7261a12898a78bab13339e1fd6cf5ce7f018
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b14162546f2f4acbf6362127307638e1db925c711cb01175dea1faf2d26371cd
b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b
b808835fe4c8a89c71d42b8a4eb384e8e34f253348e98e35683d40f0f6990b41
cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6
d46518cdc6086762d65d83a8825b597e7b485c718b6d483711194045ebf23aba
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e31169b0e39e9b508a7101c2b84bea761d2f1eb322d853c14a11ddf75874cfd2
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ee6d4e9549fc80f170858efb2c77d1cafd7b4ab9a86a985f650193899c221fc3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3afc2f34f69378afcd70b64bfb9839c63ebbb0b913a96c7fb51afd6186e387b
fd6484035a4c86343e2a5b1be62d65971f732ba7114d185fb55b000e34acad9d
fdca2f6e011005d4d6c2e8074dae9d9f4e782155236d533e66bf4ef2cd371615

citi.org.br Open in urlscan Pro 104.236.33.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

74 %IPv6

15 Domains

19 Subdomains

19 IPs

4 Countries

722 kBTransfer

1911 kBSize

1 Cookies

6 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

citi.org.br Open in urlscan Pro
104.236.33.150 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

19
Subdomains

19
IPs

4
Countries

722 kB
Transfer

1911 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions