r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18740
Expires: Sun, 22 Jan 2023 05:52:26 GMT
Date: Sun, 22 Jan 2023 00:40:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14102
Expires: Sun, 22 Jan 2023 04:35:08 GMT
Date: Sun, 22 Jan 2023 00:40:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 00:32:31 GMT
content-type: application/json
age: 455
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9627
Expires: Sun, 22 Jan 2023 03:20:33 GMT
Date: Sun, 22 Jan 2023 00:40:06 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 00:40:06 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rS+dnpJ6f5aWzteeO0Icb2w7cQc+V04VycrJsAPSEJXp5s98pqNgHN0/S9rdnayuYYFO3Y4mpySU2KwPr3paYQ==
x-amz-request-id: GNVE909KRAH35QP5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 23:47:03 GMT
age: 3183
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/bk-coretag.js.download
69.169.81.200200 OK 10 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/bk-coretag.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (27237)
Hash 50e4ef74c33dc04e0b3d2322a1fba1f0
948a757dca7fc52b36271f4edcae9f1f45460261
5f784f207042e04b50f08a21897583858f58ee22cec99e53c49b31bea2d454af
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/bk-coretag.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:06 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10545
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/bat.js.download
69.169.81.200200 OK 7.8 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/bat.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (26019), with no line terminators
Hash e5901b0ad94ba36d5f0a7e229c356330
4fc1368d331d2ff2a5ed98a5fc35b0835c48c156
645d59f418e6289e1cf52cc7eaf34fa1dc9af6bb784dde8c24cb853b3e7347ff
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/bat.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:06 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7790
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tc.min.js.download
69.169.81.200200 OK 6.4 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tc.min.js.download
IP 69.169.81.200:0
File type C source, ASCII text, with very long lines (20027)
Hash fc6c462497a23605e36a2a10efc69f38
52425938e291994ff426856e15a4d0012aaaa91e
e147cbdc6639c17f263465eba7d85437e3d58d3e762d8a045d6317a874ef24a7
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/tc.min.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:06 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6375
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/cool-2.1.15.min.js.download
69.169.81.200200 OK 5.2 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/cool-2.1.15.min.js.download
IP 69.169.81.200:0
File type C source, ASCII text, with very long lines (585)
Hash a8a8316559534b9784a92826ab49b9f2
3836a3dbc421106117da4a97871aed09eedbdf0c
b11175156d2ff85a9f749c78ab961597cc0034db4df0295f2e57335e94f61b1e
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/cool-2.1.15.min.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:06 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5197
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f.txt
69.169.81.200200 OK 11 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f.txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (1981)
Hash b6814c15cf2ae77e00cf0a002dffeefc
67752325b74f11cdcec9636229f30f593116fa7e
fe4c86005ced38545f2198672e9903dbb465553c242715cb2b04d5df211e7f2c
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f.txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:06 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10882
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
69.169.81.200200 OK 277 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (55592), with CRLF line terminators
Size 277 kB (276644 bytes)
Hash 80709ecdb2dcb8624f1cbc8117b52b4c
7e04963a7a9961091aa12e22a0ed26a67b1dc195
54cf58196265c0434797d5e1beb9b2b6bece8cf54c3d568741d5def85ac1d14c
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272= HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:06 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/1560.js.download
69.169.81.200200 OK 8.7 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/1560.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (33629), with no line terminators
Hash 6eff2cda47845f2fdb0cb6f86946ba72
e7e4de3760422d26dcbe7855737b06755baf63ff
65de4b78c95a4e084242458c5025b627a31dbb68abcd7db5a125a9c1309d2d23
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/1560.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8697
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js
69.169.81.200200 OK 32 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js
IP 69.169.81.200:0
File type ASCII text, with very long lines (1579)
Hash 4b07f48456a2db57a3cd0a98604ef1f7
7f21fed1372f45f6239412252bfce829d8eb6228
c0398da1e158aaec8f97bde22b81282ea16bfb722ea918605696792f03c662d3
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/js HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32361
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/up_loader.1.1.0.js.download
69.169.81.200200 OK 1.7 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/up_loader.1.1.0.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (4091), with no line terminators
Hash 0820b2dc7d6414e65698461908a8711f
cc6135aa88515d605d04484a2ef19cc1b6118d02
d58dfb0563b4edbc254c03a25117ba658b9b46ccac34319afdddf4bde8f9d98f
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/up_loader.1.1.0.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1745
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(1)
69.169.81.200200 OK 32 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(1)
IP 69.169.81.200:0
File type ASCII text, with very long lines (1579)
Hash 92dc35e8be0ed3d25fee5c075c30a70c
01cf61c495bdb47cd3b4ccee834e6a9099180fa2
c3e2c083767d10a321bd161a3a3c2a1cf27ace4d24232e39523f21cb3a1eeb09
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/js(1) HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32357
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(4)
69.169.81.200200 OK 32 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(4)
IP 69.169.81.200:0
File type ASCII text, with very long lines (1579)
Hash 8881905b46c3d525f4dd63783c20c0db
f4cef12c4fa7664db68f465f7db96e5c8c54f043
afaa77954c81404877cfa6a81ecf4c35b67d35462707331c10d35d0643192f32
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/js(4) HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32360
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(2)
69.169.81.200200 OK 32 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(2)
IP 69.169.81.200:0
File type ASCII text, with very long lines (1579)
Hash 4380b93635826de9842e50b4bb43231d
d8707af682592ba3f84b35f4bd2b12d85150b127
0fc80da2349a002537b63942437622cb9e7db8753372d75c96d6d146ecc90dd1
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/js(2) HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32360
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(3)
69.169.81.200200 OK 32 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(3)
IP 69.169.81.200:0
File type ASCII text, with very long lines (1579)
Hash 2db029de7734fd567250a837b4015de0
baacb3edc43a68a51d28ea86d5ce709fda3fba34
af1e8c5c64cb4e5743e468c405acdabc970a1e2feb5e67bfec5ab1384836dc82
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/js(3) HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32359
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/557566dc60916e3de69e006bef252459.js.download
69.169.81.200200 OK 763 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/557566dc60916e3de69e006bef252459.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (1964)
Hash 317da12924228063a155ef6c18f54170
fecd1e51b4925ccda28b428e512ef25cb65b34ea
2ef1ab0033be93a4c92819bf929938a96738d6ee544bc5b4bdd9fe6eb4aa00ae
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/557566dc60916e3de69e006bef252459.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 763
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(5)
69.169.81.200200 OK 32 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/js(5)
IP 69.169.81.200:0
File type ASCII text, with very long lines (1579)
Hash 4416b2f5b8f05da6c5c9b560693c7cd3
972a2b2baf4963e5b3444371148aca1c956b00d9
51a8c52d576a00775c9a38b500592e8812bba8aec7391b5bb259acb591356033
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/js(5) HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32347
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/8de5090661235f9105f2e707389a9caf.js.download
69.169.81.200200 OK 2.0 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/8de5090661235f9105f2e707389a9caf.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (540)
Hash 63ff9b694f9c17ffc0cba4e1c5f7ba52
03f57f42cb16f37a570f72e1a69a518ee95e1da0
494f5a63e73c9fb596c89f6de9469ac63b92dd85fef1dc4d8fcb74d50ae2447e
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/8de5090661235f9105f2e707389a9caf.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2049
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/ee55763bbebca7805817a98103ec6f50.js.download
69.169.81.200200 OK 480 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/ee55763bbebca7805817a98103ec6f50.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (521)
Hash cbfc5d8cbb3795b96850ba3a5c9fd2a1
f84bd1d4236a3974a73e3d61a8233902de626ed5
3191094617bf0149f09502c9843e682a5cb860a894085afc9055b386e36fc208
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/ee55763bbebca7805817a98103ec6f50.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 480
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce79c93b65e0a573d9392ab97191c430
dc3eed67d60ee0e2d82c4f257ae21fee5c0d2133
d50917be4e2ba3a373d6245824d806d6fd77c8ea5787a10dac53955667da3a50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5707
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:07 GMT
Last-Modified: Sat, 21 Jan 2023 23:05:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/8637af7c210f4e79436bc39f71b49bfa.js.download
69.169.81.200200 OK 539 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/8637af7c210f4e79436bc39f71b49bfa.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (523)
Hash 09080bafeae8dfdb97ab5f5402ee54fe
2b22e9a204dc28a819021d8b12d9ec91c1f0dca7
c96eca6a30efdbdc214d8a4d8631f66a9ea52edab286d1e46c4e277befd9282a
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/8637af7c210f4e79436bc39f71b49bfa.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 539
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/fdf45a7c15c1cee06bb71e10dac4e26e.js.download
69.169.81.200200 OK 548 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/fdf45a7c15c1cee06bb71e10dac4e26e.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (524)
Hash 38e6a3a3c9a5b9bdbf4c2afa815a0eab
e59ec1f408515c29253192f01d6c445152ed6c7e
44f8d4a027af822df7160def12841736ccb9b39e6431121acae31a8713baf045
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/fdf45a7c15c1cee06bb71e10dac4e26e.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 548
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/8e65688c37e3cfac5fcf631a6bbebaf5.js.download
69.169.81.200200 OK 6.7 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/8e65688c37e3cfac5fcf631a6bbebaf5.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (572)
Hash 08ad1a5816c1b4edf1514438c8c61822
83cb35492d414e4f288be7276419bc20dcfa8356
30e152624ebd99b214efae3cf3a57b1be18651c9e32779f8a0aab547c7badb9d
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/8e65688c37e3cfac5fcf631a6bbebaf5.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6716
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/cb092b2ff994a5f9a27eda3b2258f538.js.download
69.169.81.200200 OK 1.2 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/cb092b2ff994a5f9a27eda3b2258f538.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (522)
Hash ade044ec4bba57f27e1e3d04401e430a
8688c8bb7ac55e232c866ca54ef76a830ad545b6
c4fcd629dc21a3a52d41064899cae06c778880407dbe4e39dc7b3cb2a0397b13
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/cb092b2ff994a5f9a27eda3b2258f538.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1200
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/7a9abd5b52a3e438cec898587d77cfa0.js.download
69.169.81.200200 OK 82 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/7a9abd5b52a3e438cec898587d77cfa0.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (965)
Hash 500d366a2c4d0869ac607dba7ef17423
d493ee703bc082fc247c06c003b4b90d43af6e93
32412c0fdef3c272df65450ec4d9f490f11f5ff524fc19794e094c93db1378f2
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/7a9abd5b52a3e438cec898587d77cfa0.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/452786ced3e658890f8f25121c88ab98.js.download
69.169.81.200200 OK 22 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/452786ced3e658890f8f25121c88ab98.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (1005)
Hash 129e302cdaaf3e742ca0a2fc4f5d3d90
3fd7d1b67a6afb737acf25dca359b44e6c95d4d3
1509eafe9b79dd812bec208fe6327b0d6bcc01a6ba15d02d4c35cb0fdc2895e1
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/452786ced3e658890f8f25121c88ab98.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21874
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/d06a7425889facdccb0c0703252e84f2.js.download
69.169.81.200200 OK 35 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/d06a7425889facdccb0c0703252e84f2.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (603)
Hash 97fe880743e13ce7bb5aa9638fec07f1
e1e508c9a35b77082ab699d2a6a44584d5f072b3
6f4f184ef830840cb76045b972783232240c650f5602c9d685eb88e0ce733285
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/d06a7425889facdccb0c0703252e84f2.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34708
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f1c71c10d3e2f87f440821ca1f9e2e65.js.download
69.169.81.200200 OK 664 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f1c71c10d3e2f87f440821ca1f9e2e65.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (549)
Hash 83710252817578d5a9330b2ee70d8498
7c8ef475121fb121b9dde171ff2c864801214c97
1aca6131eb91b23ef861852d0fc1863f63c59accd3b7d941927c0043c529d628
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f1c71c10d3e2f87f440821ca1f9e2e65.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 664
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce79c93b65e0a573d9392ab97191c430
dc3eed67d60ee0e2d82c4f257ae21fee5c0d2133
d50917be4e2ba3a373d6245824d806d6fd77c8ea5787a10dac53955667da3a50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5707
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:07 GMT
Last-Modified: Sat, 21 Jan 2023 23:05:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/injectChat.js.download
69.169.81.200200 OK 12 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/injectChat.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (27151)
Hash e3bbda681821c40372696577062737c6
e241e8810bdff8821918364d7f84008e59124442
cfb54d7cef2e362dbb108a9041b935aca410e4f9b7b990fc9b103c9c71213e3f
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/injectChat.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11516
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce79c93b65e0a573d9392ab97191c430
dc3eed67d60ee0e2d82c4f257ae21fee5c0d2133
d50917be4e2ba3a373d6245824d806d6fd77c8ea5787a10dac53955667da3a50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5707
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:07 GMT
Last-Modified: Sat, 21 Jan 2023 23:05:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce79c93b65e0a573d9392ab97191c430
dc3eed67d60ee0e2d82c4f257ae21fee5c0d2133
d50917be4e2ba3a373d6245824d806d6fd77c8ea5787a10dac53955667da3a50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:07 GMT
Last-Modified: Sat, 21 Jan 2023 23:47:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/fp.js.download
69.169.81.200200 OK 4.2 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/fp.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (2587)
Hash 01843069c70e26408e06bf62a863787e
0fd6913d541873429656678ce94afce2572ffdcb
4f4669f008854a8f2e442f4ee85fffdc5392b8d114db74e070369895df1c25d5
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/fp.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4191
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 00:17:29 GMT
age: 1358
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/SampleEventDelegate.js.download
69.169.81.200200 OK 557 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/SampleEventDelegate.js.download
IP 69.169.81.200:0
Hash 4f5cb89af3759311b1d6d13a3102ee37
1be50c9b2d8def434e76b76830932bbef4717aad
5c7a7c8b42d1ef509aa98526f468da50c570c2f425e5b20e8c12c4c4c889c99c
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/SampleEventDelegate.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 557
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/config.js.download
69.169.81.200200 OK 0 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/config.js.download
IP 69.169.81.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/config.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tagging.js.download
69.169.81.200200 OK 11 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tagging.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (328)
Hash 6fe9cce33aae5f18d097885c0e6d9f16
9bf54ee1806055acbe7ed56f8725810fad49195e
c3eea80049ec54f3ba7df527f463831413c2b155dfa1a159232be4954ea503f4
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/tagging.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10721
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/snare.js.download
69.169.81.200200 OK 11 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/snare.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (38662), with no line terminators
Hash dc5eb784f5bb79ca4d0ff694b4ec8cb2
ea5a8f50caa87cb1abc8e2faa3e326ac9f12d4b2
469fa2caf0ea592de1f3d79b06e029f7919c4677046dfcf974e6423b81ad0448
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/snare.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11087
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tags.js.download
69.169.81.200200 OK 11 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tags.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (5686)
Hash 6998a7088d7655b69ff121cca768e701
9f11148bdc047567defbd53b9be3ec0f3a21648b
20b8ada1665fe77598befcd5db8e4644aa5a072bdab16db7ce3a82f6023b3607
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/tags.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10780
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/Bootstrap.js.download
69.169.81.200200 OK 107 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/Bootstrap.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (579)
Size 107 kB (106693 bytes)
Hash f5a194de1eff5658172fadeacc83624c
1783024b48f157b05e56a0ea9618a4f1e4c93c55
1a5390d90757974d9ddf81ad3561f77102cba6911bd0e7925bd6d7e00a06bc46
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/Bootstrap.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5124
Cache-Control: max-age=121925
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:07 GMT
Etag: "63cbab28-1d7"
Expires: Mon, 23 Jan 2023 10:32:12 GMT
Last-Modified: Sat, 21 Jan 2023 09:06:48 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/logo.js.download
69.169.81.200200 OK 108 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/logo.js.download
IP 69.169.81.200:0
File type ASCII text, with no line terminators
Hash 0c8a9ceda6af91e087541196a1caf9f2
d63be0eb446712bfcda93ffa329d11fa9b7c9d29
b0a9c21c5ec1b4f9f869c936edff3d8289984f839b07ccc38a4c638b2c0f4a77
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/logo.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 108
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/common.77af0047fcd25376073f.js.download
69.169.81.200200 OK 28 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/common.77af0047fcd25376073f.js.download
IP 69.169.81.200:0
File type Unicode text, UTF-8 text, with very long lines (65507), with no line terminators
Hash ee57efec5a3910b538e552885e68e4b7
a3e43ef0b69cc58428f84093ddc38ad68932466c
9cc288537f3d61b02602e7ae24eaf12737255297691fca4aea1c3ddfe9c2e13d
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/common.77af0047fcd25376073f.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 27727
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/52.1f4f367f234777fb3a6d.js.download
69.169.81.200200 OK 83 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/52.1f4f367f234777fb3a6d.js.download
IP 69.169.81.200:0
File type Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 0cb3e26d1991a1b8117328c4e1c969d0
af85e8364306d31f56a82cb4d28326ce7c26e47e
dc3ca0d9157b35db23475903fe1553f027f6207cfa1c307c49594ec2540878f8
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/52.1f4f367f234777fb3a6d.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tag.js.download
69.169.81.200200 OK 6.5 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/tag.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (18620), with no line terminators
Hash dad7df2fd4036ed7edd1ecde46ec34d2
ac3e7026c0fc104865195a3f518d2a1a1c2e8aef
de13e7e34ce5196d728c9e5ed37623a768f618df74bd6347aba9ff722558bcd7
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/tag.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6503
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/embed.js.download
69.169.81.200200 OK 674 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/embed.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (449)
Hash d4346d85261c0ef7b4849795f812c6a1
b7bb361d0569620cf4ecb295ff64316d072b6dfa
719c456bf80c078a63deb99e9ddaf046d5e48144dc32a724f2f81d140b22f646
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/embed.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 674
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(1).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(1).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2459), with no line terminators
Hash 9a2b4d5fe9ed892c4636d7a9d295b1e6
f61893da4183152d6bbf0d03a4d704656e19cfe0
8c21b6b526e1453041f5577b04fed8564d9bc1fbd0bf4a8c5b9d08fb782850f8
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(1).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1094
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(2).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(2).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2497), with no line terminators
Hash 8248c3742a74ff8644d0d284214f0de0
cbdaa583902f6f9570434c5ae3c44d99a8014f89
fa65912ab92c9ae127ac37c331404050c641d3730cbd1ed9f9c2caeb0ad0a027
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(2).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1104
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(3).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(3).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2499), with no line terminators
Hash 76948aaeb033e747805771452f3ff90c
04d18035ef1769cb51ee3f68bf6c3b030df134f8
cb040d563462b51216d7bb0e9674f49a141a3be979b017ff97b287126ee5feab
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(3).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1102
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/jsonp
69.169.81.200200 OK 90 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/jsonp
IP 69.169.81.200:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 403fe383bd5e2cfa5750f467aeee9717
49cb094196bc7fe775658613513012c0fe9806fd
e01dbb2ce15135ff402de7502d0f0a75a8d7a668aed6b9015d0d22ac1ffd7686
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/jsonp HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(4).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(4).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2497), with no line terminators
Hash 0c45f8f61981ec1f61f1bed322eacb25
48dbfb1ef9c814e2171e5168cdeabb39a60cad94
d25553fcbbef894e93a0b41bb905d070008d25d3c94f87d37d63c134fbd8d308
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(4).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1102
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(5).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(5).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2459), with no line terminators
Hash 016fb8b28ab44c04b1b699c84b085ded
be018b6108e22e1b68a9a54d25916c69117bd689
844bf92240ed9da4289dafeb1514ce399c6503da964a061ac70528051c9d9d12
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(5).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1093
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/plain
resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/copy_copy_1551286869362_Feedback.png
151.101.193.230200 OK 2.0 kB URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/copy_copy_1551286869362_Feedback.png
IP 151.101.193.230:0
File type PNG image data, 39 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash e5e7438db181971faaa4cf0a3677f263
a24b590e7352ae67c8b791232e2a68f2b7c86b94
7255a0ca5b054f57f9276ad5799430809f2fda326d795d6a5645aaaa6e9beae3
GET /wdcusciti/50/resources/image/copy_copy_1551286869362_Feedback.png HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 6RG3tXoUPxTwJXa5ZjRK90lKCuJJ0gIh75u73Ed6gNpXG22sJwlDjyDaN4dJUnJPDbPEMNIV26A=
x-amz-request-id: NV20YAF6Q9YYDAZW
last-modified: Thu, 14 Nov 2019 20:30:23 GMT
etag: "8515c838c29a9151befa4f4350e41381"
x-amz-version-id: c4QPIOt7jeoG0ZVKM.gnL_o4mPR3HO8Y
content-type: image/png
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 00:40:07 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674348007.296459,VS0,VE700
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 2016
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(6).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(6).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2457), with no line terminators
Hash 8e294ad4ed113c92c791e3442ef149ca
c831332acd9dcc76d64d4f401014cada72515669
401684058c0e9c0741144f8763cdb715d6f9e90337fb01f3899e03486ebb47e0
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(6).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1094
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(7).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(7).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2499), with no line terminators
Hash 2379aab78d02971a226ecd116655630b
aea0136e1be05b68feb534193936d3624e459b2b
cca77059ef380e52729ca0a817f3cd9ca77d068af9f6a54d5e0b0eed4a64fed0
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(7).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1104
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(8).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(8).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2497), with no line terminators
Hash 15fef28c419537a808f8cf594983ead3
66a08035d4dfc8f326ea2ec433736daf8ed7df62
10cc26dad962f47434d3f5a9ec9271c9658ab46ca8efb685b11b3d2fddc7ac5d
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(8).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1104
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(9).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(9).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2459), with no line terminators
Hash d7995deb747f81dd0f639c3dfd917ac6
5459e5d8097193a9c8c0fe400bac998ca9ab557c
39432a3bbec2776e9bf4cbfd650864efbdf760ec31b027d88ec3374ef39e55a2
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(9).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1095
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/plain
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(10).txt
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/f(10).txt
IP 69.169.81.200:0
File type ASCII text, with very long lines (2457), with no line terminators
Hash 8fbf670f9a298296b03c4cf724bf73b3
7eda20967940dcd59eca77666c8027fd37ffa987
8e578e16e5a48219304dc904e42212b7f8590d1a1380b3f8c3bed6145e0d43f4
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/f(10).txt HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1094
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/plain
push.services.mozilla.com/
34.213.121.129101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P4WpCPd5Y9ybI/j9y2mGTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yc8Dug5k2dlDBQtfgDgjQKSPri0=
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/taglet_v2.js.download
69.169.81.200200 OK 1.9 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/taglet_v2.js.download
IP 69.169.81.200:0
Hash e8567369ed41466c426e2ef38d2c9ab5
e06f11f17442882a6e842b88a1b06eb3e4885062
388c994e512ed4b8c8ba4452423b748bd56db541ad51a32224f730019de47142
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/taglet_v2.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1937
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/jsonp(1)
69.169.81.200200 OK 2.5 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/jsonp(1)
IP 69.169.81.200:0
File type ASCII text, with very long lines (11872), with no line terminators
Hash 5dd7451dd1caa7813ae74012bb5793fa
be44a5542d864aafa872854bcacc8bc85dd7c326
4366dcc953c4467079d32792fd7ef393f2631a878b5744c439834738e7d6b040
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/jsonp(1) HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2501
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/overlay.js.download
69.169.81.200200 OK 2.3 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/overlay.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (6573), with no line terminators
Hash fbc5a30569d2cce2acfa978c19821660
c362723922161303381799f3b41899a29375929e
ac73cd671c0f71cd9208268dc70e0ae2665dd14c1db76377a7a84d1453925aef
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/overlay.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2282
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/UISuite.js.download
69.169.81.200200 OK 9.9 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/UISuite.js.download
IP 69.169.81.200:0
File type ASCII text, with very long lines (30603), with no line terminators
Hash 74bb6c4b6cc5957cbce313ba68e31298
6e1836e3c3e6570217033a5275da3e970b0df628
99a4fd38895d9f5cc9b58d19c4d90c1d910d75e03fbee766966227829bd9e18e
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/UISuite.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9939
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/citilive-search-responsive.css
69.169.81.200200 OK 12 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/citilive-search-responsive.css
IP 69.169.81.200:0
File type ASCII text, with very long lines (11959)
Hash 6d97dd67622a0843423929e0f8cf54bd
ae7bede2cba9ded1ce19d256b0d8579260beb8a0
818aef9000f23f361eff71d9b6e0c8ffc4ebe38b829fded0ea01f467ef6240a1
GET /.zauth/cit-verification-center/run/account_files/citilive-search-responsive.css HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12192
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css
online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-service.js
104.110.15.25200 OK 2.4 kB URL HTTP/2 online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-service.js
IP 104.110.15.25:0
File type C source, ASCII text, with very long lines (7615)
Hash e1577cfb2e8936a3c801851fff429693
1e861beca6b15a5f3d2ae277a95d7fd53e6256ec
95b8e61a19f61148c98e111e451ba37b8f27f55a415318e3fd49b56115c000a9
GET /JEA/CitiSearch/nexus-platform/js/citilive-search-service.js HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 11 Sep 2018 07:31:14 GMT
vary: Accept-Encoding
content-encoding: gzip
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 2415
content-type: application/x-javascript
cache-control: max-age=21600
expires: Sun, 22 Jan 2023 06:40:08 GMT
date: Sun, 22 Jan 2023 00:40:08 GMT
set-cookie: AKMTLTSID=A2A30D6CC87E20F0DD2E945301903BAF; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/polyfills.188595684613f8e45d1f.js
69.169.81.200200 OK 357 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/polyfills.188595684613f8e45d1f.js
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61428)
Size 357 kB (356999 bytes)
Hash a44e75a74f50ba152d2abbf0e73e7d8b
9cb20517f61b441e4fe5e7af885e74056d49f034
3a1a0fd491a93cf2241e1f37606ebb4ccc5b2fdb0ed3591060edb98ad2603c97
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/polyfills.188595684613f8e45d1f.js HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-controller.js
104.110.15.25200 OK 26 kB URL HTTP/2 online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-controller.js
IP 104.110.15.25:0
File type ASCII text, with very long lines (8207)
Hash 4f41d862cbf585b1cdb8fb475f37e8e5
e3ab2e23f39fcca83588d0678f9164d199540f0d
20eb6fe6bb0bc32e7dbc56bdcc0f9880c5a24c8f8fbfc1fe24f345ecb2cfa9c7
GET /JEA/CitiSearch/nexus-platform/js/citilive-search-controller.js HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 18 Apr 2021 07:56:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 25945
content-type: application/x-javascript
cache-control: max-age=21600
expires: Sun, 22 Jan 2023 06:40:08 GMT
date: Sun, 22 Jan 2023 00:40:08 GMT
set-cookie: AKMTLTSID=B17D22CC9E2AE3465B793820B58C55D2; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/
69.169.81.200200 OK 357 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61428)
Size 357 kB (356999 bytes)
Hash a44e75a74f50ba152d2abbf0e73e7d8b
9cb20517f61b441e4fe5e7af885e74056d49f034
3a1a0fd491a93cf2241e1f37606ebb4ccc5b2fdb0ed3591060edb98ad2603c97
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/ HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
client_id: undefined
appVersion: CBOLV2.0.0
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.sistemasaf.com.br/.zauth/cit-verification-center/run/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
69.169.81.200200 OK 357 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61428)
Size 357 kB (356999 bytes)
Hash a44e75a74f50ba152d2abbf0e73e7d8b
9cb20517f61b441e4fe5e7af885e74056d49f034
3a1a0fd491a93cf2241e1f37606ebb4ccc5b2fdb0ed3591060edb98ad2603c97
GET /.zauth/cit-verification-center/run/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.sistemasaf.com.br/.zauth/cit-verification-center/run/scripts.bd286875846164260cc2.js
69.169.81.200200 OK 357 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/scripts.bd286875846164260cc2.js
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61428)
Size 357 kB (356999 bytes)
Hash a44e75a74f50ba152d2abbf0e73e7d8b
9cb20517f61b441e4fe5e7af885e74056d49f034
3a1a0fd491a93cf2241e1f37606ebb4ccc5b2fdb0ed3591060edb98ad2603c97
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/scripts.bd286875846164260cc2.js HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1590005865055.js
151.101.193.230200 OK 58 kB URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1590005865055.js
IP 151.101.193.230:0
File type Unicode text, UTF-8 text, with very long lines (35346)
Hash bf21e128f452d71dad3134e5a9b4e9bf
ee5c3ca1d32be7f2c8c4eacff1d63918a86ca206
84c704b89b78781aed6d79dc937acebdeb3eb10bce590b9aeffc41540deee4b1
GET /wdcusciti/50/onsite/generic1590005865055.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9No8I7JOTXkwNcv3TosBorQ+XpidPd2VxVr28B3yyJsM/B1wAMX7BhtdAo2tzImIixmIj4szoqc=
x-amz-request-id: NV25XQKH1MCH56FA
last-modified: Wed, 20 May 2020 20:17:46 GMT
etag: "b409d0192bcd1a9e7fcbb9bf5f1e1557"
x-amz-version-id: 1gi8D10iLTmEcclOfPjUY1pwkjWxjZL0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 00:40:08 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674348007.296595,VS0,VE1184
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 58355
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/styles.1b6e124b9844b0b8dfb0.css
69.169.81.200200 OK 315 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/styles.1b6e124b9844b0b8dfb0.css
IP 69.169.81.200:0
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /.zauth/cit-verification-center/run/account_files/styles.1b6e124b9844b0b8dfb0.css HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/HowCanWeHelpButton_default.png
69.169.81.200200 OK 3.4 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/HowCanWeHelpButton_default.png
IP 69.169.81.200:0
File type PNG image data, 187 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash e71e3bfe9e12b205c2245dd379c692c2
00d7da518ace188567640e43a3e902c4272a5a56
32a3f12de7303a57318e5d642651191478c2ea21334e2b1dd2bdd4f609bf2b86
GET /.zauth/cit-verification-center/run/account_files/HowCanWeHelpButton_default.png HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 16:11:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3387
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
www.sistemasaf.com.br/US/ag/commonui-assets/images/progress-indicator-bg.png
69.169.81.200404 Not Found 315 B URL HTTP/1.1 www.sistemasaf.com.br/US/ag/commonui-assets/images/progress-indicator-bg.png
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /US/ag/commonui-assets/images/progress-indicator-bg.png HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/styles.1b6e124b9844b0b8dfb0.css
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 404 Not Found
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/Citi-Enterprise-White.png
69.169.81.200200 OK 1.1 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/Citi-Enterprise-White.png
IP 69.169.81.200:0
File type PNG image data, 140 x 80, 8-bit colormap, non-interlaced\012- data
Hash 9ec13bddd784c6a3f118bf97aee1ffbc
6ba4b66b21b383d4310d910b5c8e005cf4628df6
b16556653dc8799d1dff57f750ddf5384b20676231dbc1adf046b2657ec7993a
GET /.zauth/cit-verification-center/run/account_files/Citi-Enterprise-White.png HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:58:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1050
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
www.sistemasaf.com.br/.zauth/cit-verification-center/run/runtime.7bd63e0d8ca281b5f81a.js
69.169.81.200200 OK 357 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/runtime.7bd63e0d8ca281b5f81a.js
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61428)
Size 357 kB (356999 bytes)
Hash a44e75a74f50ba152d2abbf0e73e7d8b
9cb20517f61b441e4fe5e7af885e74056d49f034
3a1a0fd491a93cf2241e1f37606ebb4ccc5b2fdb0ed3591060edb98ad2603c97
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/runtime.7bd63e0d8ca281b5f81a.js HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.sistemasaf.com.br/.zauth/cit-verification-center/run/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=lpCb13262x22416
69.169.81.200200 OK 315 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=lpCb13262x22416
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=lpCb13262x22416 HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.sistemasaf.com.br/.zauth/cit-verification-center/run/img/errorLogo.svg
69.169.81.200200 OK 584 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/img/errorLogo.svg
IP 69.169.81.200:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (329)
Hash 3210e315dee7ea636165f4cdd4d402cd
110a09f9a0cd87f510d3435704631aefc02d7436
09541c2109f784fd10979ed9cce037e146b756f35ffa3c2e164d3aad92532341
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/img/errorLogo.svg HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 16:23:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 584
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/citi-logo-footer.png
69.169.81.200200 OK 1.7 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/citi-logo-footer.png
IP 69.169.81.200:0
File type PNG image data, 104 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 2db4d9bdea12daf1b15dfa787caaf26c
b86cc62149b9ed88d16c7f781f74fc808f7c3524
b39235da99a255bb5879d584e10658f9061ea766609619291c1ecba0190db6f0
GET /.zauth/cit-verification-center/run/account_files/citi-logo-footer.png HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1728
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/chat.png
69.169.81.200200 OK 2.2 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/chat.png
IP 69.169.81.200:0
File type PNG image data, 39 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash c356e10dc6d580a572902ee2cc4a89a1
d1935f45c226af9886f3d3a279a9717738c3cc0c
0147b2cc1880dc0b4b207d55cda14e55246d6ce609127b5ff6234f52bd92ef42
GET /.zauth/cit-verification-center/run/account_files/chat.png HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2247
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.sistemasaf.com.br/.zauth/cit-verification-center/run/main.16751faf80d4c141af54.js
69.169.81.200200 OK 357 kB URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/main.16751faf80d4c141af54.js
IP 69.169.81.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61428)
Size 357 kB (356999 bytes)
Hash a44e75a74f50ba152d2abbf0e73e7d8b
9cb20517f61b441e4fe5e7af885e74056d49f034
3a1a0fd491a93cf2241e1f37606ebb4ccc5b2fdb0ed3591060edb98ad2603c97
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/main.16751faf80d4c141af54.js HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdn.pbbl.co/i/pp.html
143.204.55.99403 Forbidden 986 B IP 143.204.55.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 090d1fe5eef66f73e5b4ed27d1b0fba2
99b1fa0a6d82661e5029b43811b2b24e2b211e6c
45a187f8470350272e901f44f1f3106c5ddbf6ec53b232eb4d7fcc29e9716210
GET /i/pp.html HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Sun, 22 Jan 2023 00:40:08 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: whR_bTvHf2feWgzKNYPOIRrVvH44-lIEhbePsXMLqR8QcmEcbOyAuQ==
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
151.101.193.175301 Moved Permanently 0 B URL HTTP/1.1 nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
IP 151.101.193.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /resources/onsite/js/cool-2.1.15.min.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Accept-Ranges: bytes
Date: Sun, 22 Jan 2023 00:40:08 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1674-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1674348009.976439,VS0,VE0
Strict-Transport-Security: max-age=31557600
sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
35.190.60.146301 Moved Permanently 0 B URL HTTP/1.1 sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
IP 35.190.60.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 HTTP/1.1
Host: sr.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Location: https://sr.rlcdn.com:443/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Content-Length: 0
Date: Sun, 22 Jan 2023 00:40:08 GMT
Content-Type: text/html; charset=UTF-8
bid.g.doubleclick.net/xbbe/pixel?d=KAE
173.194.73.154200 OK 0 B URL HTTP/2 bid.g.doubleclick.net/xbbe/pixel?d=KAE
IP 173.194.73.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=KAE HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 00:40:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Jan 2023 00:40:08 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.2.133:0
Hash 46607f1f5ad1d16008442048b17e0195
37fb50a316c9e4ae661dbf99dde6a24caf8b1e07
e1786702c0c843962b3718284932ae40187c78671ccc8c4331290e516ffe7128
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 25 Jan 2023 22:41:08 GMT
ETag: "37fb50a316c9e4ae661dbf99dde6a24caf8b1e07"
Last-Modified: Sat, 21 Jan 2023 22:41:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 22 Jan 2023 00:40:09 GMT
Age: 3539
X-Served-By: cache-qpg1235-QPG, cache-bma1650-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 55, 4
X-Timer: S1674348009.024511,VS0,VE0
bid.g.doubleclick.net/xbbe/pixel?d=KAE
173.194.73.154200 OK 0 B URL HTTP/2 bid.g.doubleclick.net/xbbe/pixel?d=KAE
IP 173.194.73.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=KAE HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 00:40:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Jan 2023 00:40:09 GMT
cache-control: private
X-Firefox-Spdy: h2
bid.g.doubleclick.net/xbbe/pixel?d=KAE
173.194.73.154200 OK 0 B URL HTTP/2 bid.g.doubleclick.net/xbbe/pixel?d=KAE
IP 173.194.73.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=KAE HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 00:40:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Jan 2023 00:40:09 GMT
cache-control: private
X-Firefox-Spdy: h2
nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
151.101.193.175200 OK 5.2 kB URL HTTP/2 nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
IP 151.101.193.175:0
File type C source, ASCII text, with very long lines (585)
Hash a8a8316559534b9784a92826ab49b9f2
3836a3dbc421106117da4a97871aed09eedbdf0c
b11175156d2ff85a9f749c78ab961597cc0034db4df0295f2e57335e94f61b1e
GET /resources/onsite/js/cool-2.1.15.min.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sistemasaf.com.br/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +RPDeBV+96SeBhTmr5k/zsKjk20zX7SpeMfwVoo0ZemrQ+3BKX2Ex6EuvfbwrGJn2YQ7ibPJnrE=
x-amz-request-id: 5QY58K1JMD8PVKXN
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 00:40:09 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674348009.043998,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 5197
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bab5b8224b9f341b34621cde5e1860df
ecaa48973d920f13516248fe87d88e5c6ca6f725
e7eeb9b9af99d30d549c94936278266eee33f2f0389853213802786ac9afd950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:09 GMT
Last-Modified: Sun, 22 Jan 2023 00:07:45 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f631c08dfab435c072b79abd06878fa4
9afe165fd9a7412f445e22998784fa2e94ad3995
b55ad1c68e4a8ae91cd2c36525b9b80dcaf4a4478053ecdeb3cd7230191d5650
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2537
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:09 GMT
Etag: "63cb1e75-1d7"
Last-Modified: Sat, 21 Jan 2023 23:57:52 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 471
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc0MzQ4MDA4MDU5IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODVkNmViMTI3OTNlNi0wZmMzNjc4ZjAzNDA4Ni1jNTA1NDI1LTE0MDAwMC0xODVkNmViMTI3YTVlNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwOi8vd3d3LnNpc3RlbWFzYWYuY29tLmJyLy56YXV0aC9jaXQtdmVyaWZpY2F0aW9uLWNlbnRlci9ydW4vdW5sb2NrZXJyb3IucGhwPzc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mj0iLCJ3ZWJzaXRlSWQiOiA1MCwiZmVlZGJhY2tfdXVpZCI6IG51bGwsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQ2OGQtY2ZjOC1kNjUwLTY1OWQtODg1Yy0zYWRjLTE1YTEtNzU5ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc0MzQ4MDA3OTE5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDIyNiwia2FtcHlsZV92ZXJzaW9uIjogIjAuMC4wLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzQzNDgwMDc5MjEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
35.241.45.82200 OK 0 B URL HTTP/1.1 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc0MzQ4MDA4MDU5IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODVkNmViMTI3OTNlNi0wZmMzNjc4ZjAzNDA4Ni1jNTA1NDI1LTE0MDAwMC0xODVkNmViMTI3YTVlNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwOi8vd3d3LnNpc3RlbWFzYWYuY29tLmJyLy56YXV0aC9jaXQtdmVyaWZpY2F0aW9uLWNlbnRlci9ydW4vdW5sb2NrZXJyb3IucGhwPzc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mj0iLCJ3ZWJzaXRlSWQiOiA1MCwiZmVlZGJhY2tfdXVpZCI6IG51bGwsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQ2OGQtY2ZjOC1kNjUwLTY1OWQtODg1Yy0zYWRjLTE1YTEtNzU5ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc0MzQ4MDA3OTE5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDIyNiwia2FtcHlsZV92ZXJzaW9uIjogIjAuMC4wLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzQzNDgwMDc5MjEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc0MzQ4MDA4MDU5IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODVkNmViMTI3OTNlNi0wZmMzNjc4ZjAzNDA4Ni1jNTA1NDI1LTE0MDAwMC0xODVkNmViMTI3YTVlNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwOi8vd3d3LnNpc3RlbWFzYWYuY29tLmJyLy56YXV0aC9jaXQtdmVyaWZpY2F0aW9uLWNlbnRlci9ydW4vdW5sb2NrZXJyb3IucGhwPzc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mj0iLCJ3ZWJzaXRlSWQiOiA1MCwiZmVlZGJhY2tfdXVpZCI6IG51bGwsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQ2OGQtY2ZjOC1kNjUwLTY1OWQtODg1Yy0zYWRjLTE1YTEtNzU5ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc0MzQ4MDA3OTE5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDIyNiwia2FtcHlsZV92ZXJzaW9uIjogIjAuMC4wLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzQzNDgwMDc5MjEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:09 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-green-t5mz
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9a8fd0b3241bcf1ee875873e894dffa5
83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae
36ef11e6b7f16d416e2adb0b5075adf256ba43997742bd473cf2743d904eb3bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 13:42:56 GMT
Expires: Wed, 25 Jan 2023 13:42:55 GMT
Etag: "83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae"
Cache-Control: max-age=305565,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d43c906b140b59-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8938
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 00:40:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8938
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 00:40:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8938
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 00:40:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 375f2cf298e45122ca727fb63f0e5ea7
eb746e6842127741552c7dcc48e8a92193ca3075
8b5e5432f69dad1428c3a735f7a0d07823658e03befc7b6e15f6f5c3306fbaa8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5196
x-amzn-requestid: 24221211-6673-4d7b-88de-2ef8c9a62f1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWRFPUIAMFf-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-286d3bb84ad3362d615479ed;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zqdZgSWyXzoBBGx5Ef3zI6evJsyFmKlShUQvB3TdBGm-wrfU3ACoWw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:52:26 GMT
age: 10063
etag: "eb746e6842127741552c7dcc48e8a92193ca3075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8938
Expires: Sun, 22 Jan 2023 03:09:07 GMT
Date: Sun, 22 Jan 2023 00:40:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pu5h9aerRhgCkbAszYjgiRrblEiomyl7ev5WRmdAjQSTQNgSqczG0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:15 GMT
age: 9714
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a1de880-d267-45a1-8abe-5bbb4e38b0fa.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a1de880-d267-45a1-8abe-5bbb4e38b0fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 965b482ff463008a1b5ff0d71d7e6d40
d76bd06810c236fd5fc1450b2bd0b851ebc11d46
0ed628d9cf3c181d5b95da521f0e725661e858e24bff1bb78b5f933c580b3e97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a1de880-d267-45a1-8abe-5bbb4e38b0fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10470
x-amzn-requestid: 572b1438-68f8-4492-9e57-5d0177114b68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF8sIAMFq5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-207d1a1d29c50a80328d65c2;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: efprn6J94ZCjgH04pZww1a0Sw6HDyujPhWWHfe2AwZBHXvzLEiSKqA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:26:54 GMT
age: 76395
etag: "d76bd06810c236fd5fc1450b2bd0b851ebc11d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/serverComponent.php
69.169.81.200200 OK 0 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/serverComponent.php
IP 69.169.81.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/serverComponent.php HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 884f5d7c3a0ee782d4f3fe9f16099891
1c80645a9b9879d1e4b57c546ba35131ba3c28fd
a7b63d331e09518150e6d9eff0c1d80928185ed0734cf1992af7df0021b6886f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10497
x-amzn-requestid: 3bc349ba-7da8-48c8-aa90-2c48c93a023d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEG8mIAMFgMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-08e751fc7f0eacb43fc92712;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OklYfNWMWQdgf6QiC28Dq7wt5zr-FlQC-3NdIdsaA03HvhzwJlgGpQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:14:48 GMT
age: 69921
etag: "1c80645a9b9879d1e4b57c546ba35131ba3c28fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b429642344aabb638e3acbd63463fe8d
f9ea147291359b0fb6e7a78983643949665003d7
acda68bb2566774c9b279e048b62aaaa5a27b87e783048d6765e598ac2c584fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6c542779-10fa-4bbd-9294-3127a104de12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBEa3IAMF6-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-4d5a606011cb84fd14d7b175;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NLwQoDRTYi8Ol0cDp3gaJpQ7-0kq6ITtm9lzj1qFrKe2oGOK7YWMzg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:51:56 GMT
age: 10093
etag: "f9ea147291359b0fb6e7a78983643949665003d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F681517aa-e1dc-4abc-b4ec-3359a2d6ddc7.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F681517aa-e1dc-4abc-b4ec-3359a2d6ddc7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d0bf5f7e86a7c398fce23bde0cc11b0
26ef011d4cf5579cd87bf562062e7ac2a838932b
9b18be75adb179c5a6ff420c57fb58ec47174f16d7eb69e77da028df5511953f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F681517aa-e1dc-4abc-b4ec-3359a2d6ddc7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4034
x-amzn-requestid: 3708464e-96ba-40e3-a301-8c93ec29c56f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQGqnIAMFbCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-7692516357169f59539773af;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nFWknckg5jwup-R8WSz-uw0o3uaBZtd60i0JZJG4stvnrqT7xlnnTw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:52:41 GMT
age: 10048
etag: "26ef011d4cf5579cd87bf562062e7ac2a838932b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9a8fd0b3241bcf1ee875873e894dffa5
83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae
36ef11e6b7f16d416e2adb0b5075adf256ba43997742bd473cf2743d904eb3bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 13:42:56 GMT
Expires: Wed, 25 Jan 2023 13:42:55 GMT
Etag: "83b718b8f86a02f2bb2bf07c5ed20d5b267bf1ae"
Cache-Control: max-age=305565,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d43c92aca30b59-OSL
online.citi.com/US/ag/favicon.ico
104.110.15.25200 OK 8.1 kB URL HTTP/2 online.citi.com/US/ag/favicon.ico
IP 104.110.15.25:0
File type PNG image data, 367 x 367, 8-bit/color RGBA, non-interlaced\012- data
Hash 53268ec4d3897cbf158ad41920f9b0f8
7206ea2a39a90b2c1981e1e4524b9263215c3ef5
e18c2d890c8b33306c06482b774af16d8fb6a0e25a0f1a42d305775a7101087b
GET /US/ag/favicon.ico HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 20:57:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 8115
content-type: image/x-icon
date: Sun, 22 Jan 2023 00:40:10 GMT
set-cookie: AKMTLTSID=9D06AA4483A1579937EF4908349048DD; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
lpcdn.chat.online.citi.com/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Fwww.sistemasaf.com.br&site=50929468
178.249.101.98200 OK 15 kB URL HTTP/2 lpcdn.chat.online.citi.com/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Fwww.sistemasaf.com.br&site=50929468
IP 178.249.101.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32229)
Hash 09568ba2679d845101265142718b0165
09b57c243599c86302691523850d9b0dea997975
b9f10d3fcf23b142cdef057cf0d778ed5c1c76e3bd37125b602b07e647dc1b2d
GET /le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Fwww.sistemasaf.com.br&site=50929468 HTTP/1.1
Host: lpcdn.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:10 GMT
content-type: text/html
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 22 Jan 2024 00:40:10 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus.ensighten.com/citi/na_prod/serverComponent.php?r=520560207.11999995&ClientID=1129&PageID=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D
54.230.111.14200 OK 534 B URL HTTP/1.1 nexus.ensighten.com/citi/na_prod/serverComponent.php?r=520560207.11999995&ClientID=1129&PageID=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D
IP 54.230.111.14:0
File type ASCII text, with very long lines (1155)
Hash ca0f6ede86765f9f03e58f72faab387e
4e5dfe39c20fa7c01878c7e4a613f0b4a0103d79
408eb6e5730733ee5729c646ad4e9cd406eb460d4d6f3ae98300c0ce75c6e583
GET /citi/na_prod/serverComponent.php?r=520560207.11999995&ClientID=1129&PageID=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sun, 22 Jan 2023 00:40:10 GMT
Expires: Sun, 22 Jan 2023 00:40:09 GMT
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bYQ4QsO5UqFUEHXafGg969Meqm7PQKmPmDq-NzirLJ-c_n1fs2qmjA==
www.google.com/pagead/1p-user-list/959299794/?random=1590187373072&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=4065701413&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/959299794/?random=1590187373072&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=4065701413&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1590187373072&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=4065701413&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5695784&Ver=2&mid=62d21415-d2e4-e683-f20e-999e64732ed3&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&pi=1200101525&lg=en-US&sw=1280&sh=720&sc=24&tl=Citibank%20Online&p=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&r=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO<=1412&evt=pageLoad&msclkid=N&sv=1&rn=515194
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5695784&Ver=2&mid=62d21415-d2e4-e683-f20e-999e64732ed3&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&pi=1200101525&lg=en-US&sw=1280&sh=720&sc=24&tl=Citibank%20Online&p=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&r=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO<=1412&evt=pageLoad&msclkid=N&sv=1&rn=515194
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5695784&Ver=2&mid=62d21415-d2e4-e683-f20e-999e64732ed3&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&pi=1200101525&lg=en-US&sw=1280&sh=720&sc=24&tl=Citibank%20Online&p=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&r=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO<=1412&evt=pageLoad&msclkid=N&sv=1&rn=515194 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=15B19ADCB6F860FF2550887DB70D61FB; domain=.bing.com; expires=Fri, 16-Feb-2024 00:40:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1AE5D72DEC724D2F869FDB7A946107B4 Ref B: OSL30EDGE0220 Ref C: 2023-01-22T00:40:10Z
date: Sun, 22 Jan 2023 00:40:10 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/677332377/?random=1590187373050&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1885561121&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/677332377/?random=1590187373050&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1885561121&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/677332377/?random=1590187373050&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1885561121&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/975701947/?random=1590187373082&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3647133637&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/975701947/?random=1590187373082&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3647133637&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1590187373082&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3647133637&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=16003743&Ver=2&mid=964714d4-0ea8-f64d-aaad-7160ba92f17d&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&ec=Homepage&evt=custom&msclkid=N&rn=253997
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=16003743&Ver=2&mid=964714d4-0ea8-f64d-aaad-7160ba92f17d&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&ec=Homepage&evt=custom&msclkid=N&rn=253997
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=16003743&Ver=2&mid=964714d4-0ea8-f64d-aaad-7160ba92f17d&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&ec=Homepage&evt=custom&msclkid=N&rn=253997 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=334F92485A866B9D0A9680E95B736A9D; domain=.bing.com; expires=Fri, 16-Feb-2024 00:40:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE8C1651BCB04B469BCC881BF98412F8 Ref B: OSL30EDGE0220 Ref C: 2023-01-22T00:40:10Z
date: Sun, 22 Jan 2023 00:40:10 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/916451471/?random=1590187373067&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2094171293&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/916451471/?random=1590187373067&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2094171293&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1590187373067&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2094171293&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/975701947/?random=1590187373080&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3896117890&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/975701947/?random=1590187373080&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3896117890&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1590187373080&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3896117890&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/959299794/?random=1590187373069&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1569375972&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/959299794/?random=1590187373069&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1569375972&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1590187373069&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1569375972&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d07cf9173ff2caeee6be98f18f6a59b6
709041764bd713e96caacfc22918fef45f5a95dc
a2c2a89731d7c808c4ca68d786ce000e78c9f79f9708894c3a9277001ef2643f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px0.pbbl.co/ns/__p2.gif?ppid=&chk=true&brid=&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&referrerUrl=&targetUrl=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&sessionId=&markerType=seg&rand=kDw6Qh1td8DVv85n&iabOptOut=-&jsVer=3.2.1&frVer=&markerId=348192
216.58.211.19302 Found 0 B URL HTTP/1.1 px0.pbbl.co/ns/__p2.gif?ppid=&chk=true&brid=&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&referrerUrl=&targetUrl=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&sessionId=&markerType=seg&rand=kDw6Qh1td8DVv85n&iabOptOut=-&jsVer=3.2.1&frVer=&markerId=348192
IP 216.58.211.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ns/__p2.gif?ppid=&chk=true&brid=&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&referrerUrl=&targetUrl=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&sessionId=&markerType=seg&rand=kDw6Qh1td8DVv85n&iabOptOut=-&jsVer=3.2.1&frVer=&markerId=348192 HTTP/1.1
Host: px0.pbbl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Set-Cookie: pp_uid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae; Domain=.pbbl.co; Max-Age=788400000; Path=/; expires=Thu, 16-Jan-2048 00:40:10 GMT; secure
Cache-Control: must-revalidate, no-cache, no-store
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Content-Type: image/gif
Location: http://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&iid=b6fd220d-2761-459e-8554-c994086df2dc&ona=1e8fa00446cae0d553dcd0f4d5bf5d1aa53b132c429a85aefd08f9a6e513c493
X-Cloud-Trace-Context: 8f2e3df098b27c13d8a6cb7dc28c99e2
Date: Sun, 22 Jan 2023 00:40:10 GMT
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 934afff89c9ec1b89e313f12a5cc0287
f0cc482c8bcfd8f05b17855050476815ae22decf
462c89a4abea94a01a540ddc7a70553da11a590f5fb8c91d6098340beb4a5c7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4341
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Last-Modified: Sat, 21 Jan 2023 23:27:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/819500023/?random=1590187373061&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1376716291&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/819500023/?random=1590187373061&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1376716291&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1590187373061&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1376716291&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/959299794/?random=1590187373072&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=4065701413&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/959299794/?random=1590187373072&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=4065701413&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1590187373072&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=4065701413&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/959299794/?random=1590187373069&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1569375972&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/959299794/?random=1590187373069&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1569375972&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1590187373069&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1569375972&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/975701947/?random=1590187373082&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3647133637&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/975701947/?random=1590187373082&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3647133637&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1590187373082&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3647133637&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/975701947/?random=1590187373080&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3896117890&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/975701947/?random=1590187373080&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3896117890&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1590187373080&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=3896117890&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/819500023/?random=1590187373063&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1260774872&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/819500023/?random=1590187373063&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1260774872&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1590187373063&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1260774872&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/677332377/?random=1590187373053&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2879575644&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/677332377/?random=1590187373053&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2879575644&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/677332377/?random=1590187373053&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2879575644&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/819500023/?random=1590187373061&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1376716291&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/819500023/?random=1590187373061&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1376716291&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1590187373061&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1376716291&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d07cf9173ff2caeee6be98f18f6a59b6
709041764bd713e96caacfc22918fef45f5a95dc
a2c2a89731d7c808c4ca68d786ce000e78c9f79f9708894c3a9277001ef2643f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/916451471/?random=1590187373065&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1072300873&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/916451471/?random=1590187373065&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1072300873&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1590187373065&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1072300873&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/819500023/?random=1590187373063&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1260774872&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/819500023/?random=1590187373063&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1260774872&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1590187373063&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1260774872&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/677332377/?random=1590187373053&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2879575644&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/677332377/?random=1590187373053&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2879575644&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/677332377/?random=1590187373053&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2879575644&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/916451471/?random=1590187373065&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1072300873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/916451471/?random=1590187373065&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1072300873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1590187373065&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1072300873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.eg/pagead/1p-user-list/916451471/?random=1590187373067&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2094171293&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/916451471/?random=1590187373067&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2094171293&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1590187373067&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=2094171293&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mpsnare.iesnare.com/script/logo.js
54.195.39.4200 OK 108 B URL HTTP/1.1 mpsnare.iesnare.com/script/logo.js
IP 54.195.39.4:0
File type ASCII text, with no line terminators
Hash f917a494a79d390ecbe10e0c66946246
1b15a8e2215620a02ae3d28a7f2d21b279cb6119
9d8011946a5f504c2b4fb24dc937eb4f58d3e634a65e4bdbaaa11d36bcd38970
GET /script/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 00:40:10 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Mon, 22 Jan 2024 00:40:10 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com.eg/pagead/1p-user-list/677332377/?random=1590187373050&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1885561121&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163200 OK 42 B URL HTTP/2 www.google.com.eg/pagead/1p-user-list/677332377/?random=1590187373050&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1885561121&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/677332377/?random=1590187373050&cv=9&fst=1590184800000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=639&u_aw=1280&u_cd=24&u_his=5&u_tz=480&u_java=false&u_nplug=3&u_nmime=4>m=2oa5e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&ref=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO&tiba=Citibank%20Online&async=1&fmt=3&is_vtc=1&random=1885561121&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d07cf9173ff2caeee6be98f18f6a59b6
709041764bd713e96caacfc22918fef45f5a95dc
a2c2a89731d7c808c4ca68d786ce000e78c9f79f9708894c3a9277001ef2643f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a1c8fc3d4369e871002df2ea4178817c
79d61a7113dd7f40e3d46f14971da9d0f59a9411
bdb5cd5dee01f97b2f56ddd7c783ff0cfc0a3ed81d3d0936203972218534bec8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 15:43:26 GMT
Expires: Sat, 28 Jan 2023 15:43:25 GMT
Etag: "79d61a7113dd7f40e3d46f14971da9d0f59a9411"
Cache-Control: max-age=571994,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d43c9ab9e20b59-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ce645392d99ee3f7627832503ab64921
a937103fa36af41395cf49fbda3a6d75554b4af1
7972c973b82ae9cac217061f7334133a31a350c171a81b714f36d8ae09770f60
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 00:40:10 GMT
Etag: "63cbebef-1d7"
Last-Modified: Sat, 21 Jan 2023 22:51:28 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kfy_m3tpAQiTJY8jMH_ToBbejuZv7K4McQF23NmWEeVKxEHu1JfU5Q==
Age: 6522
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af095b71c94f425a56a984a1d1f0576f
19d5ce9b01f8dab6deef0d10b2758e178090a794
91ce9781e547ec25886c4e85935e7e83198fa8976190606451c5a74309002bac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4873
Cache-Control: max-age=120606
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:10 GMT
Etag: "63cba700-1d7"
Expires: Mon, 23 Jan 2023 10:10:16 GMT
Last-Modified: Sat, 21 Jan 2023 08:49:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
lptag.liveperson.net/tag/tag.js?site=50929468
178.249.97.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=50929468
IP 178.249.97.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=50929468 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:10 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ci-mpsnare.iovation.com/snare.js?_=2987274532918111
54.148.2.66200 OK 13 kB URL HTTP/1.1 ci-mpsnare.iovation.com/snare.js?_=2987274532918111
IP 54.148.2.66:0
File type ASCII text, with very long lines (38550), with no line terminators
Hash c8fffe5731465c1ec2a3c7782f20a3d1
ffc840aaa446b458bd2e3ea3e63325b5962f2f4f
af80f1aad82c1a87e6050abfdd1e5d1c617af9b62218e774cf9352b4ba7b34e2
GET /snare.js?_=2987274532918111 HTTP/1.1
Host: ci-mpsnare.iovation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 00:40:10 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=emsGk8uZ1wK+3lUGF87WlPLhBgQBuHQBOSUyfkZXFEk=;Path=/;Expires=Mon, 22-Jan-2024 00:40:10 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
static-assets.fs.liveperson.com/citi/taglets/taglet_v2.js
54.230.111.65200 OK 2.0 kB URL HTTP/1.1 static-assets.fs.liveperson.com/citi/taglets/taglet_v2.js
IP 54.230.111.65:0
Hash 306cc5123a83dc0e7b7507d89de1322d
9c05903e2e25b8f71dc1b04a9414451d6f40f0c5
228c60861b35d9d0cce5a60b065e3e6d51ef403ace5273bdab1a973e99cf41bc
GET /citi/taglets/taglet_v2.js HTTP/1.1
Host: static-assets.fs.liveperson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 15:18:03 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 00:40:12 GMT
ETag: W/"2ad1c31e4cdfcf938211059b532b1249"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5CV1EC9ThFUN-X2lujtwLP-ZBU0j3G7g0QdvA8qWZxmdSHMRFn5wvw==
nexus.ensighten.com/citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963
54.230.111.14200 OK 1.2 kB URL HTTP/1.1 nexus.ensighten.com/citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963
IP 54.230.111.14:0
File type ASCII text, with very long lines (619)
Hash a05915f969bf171c0654f5d393072216
75cefb35166449bf83bb2d37aef23573e0a84b08
545459f7e277145aae24c10c6871e7de74c5b7d890fd6b8fee26b9d578ab1976
GET /citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 13 Dec 2022 07:24:16 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 18 Oct 2022 17:52:59 GMT
ETag: W/"7df0440e45009010a99db868682aafb3"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: fn0OQIG24n9jjHSfN2OozphT08M6eW_x
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mmE3RC2ds0n_T6Vsyj32tXLfRJYndmiS3mojQsIQs2bvA4LqVDkXkg==
Age: 3431756
nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
54.230.111.14200 OK 2.2 kB URL HTTP/1.1 nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
IP 54.230.111.14:0
File type ASCII text, with very long lines (542)
Hash 9d386182dee76bbeb1ac0e9a82925cf3
bfcc4073c4cf16fdda856cedce3cd2f426ef9111
f101e196596d8661d1818dc1ee55ec446a91fa7e76ad9bca2dd34a6caf33a4ec
GET /citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 10 Dec 2022 06:06:17 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 16 Aug 2022 21:43:05 GMT
ETag: W/"412eb38d6a797c24fd5d7e30e1b9799d"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: QTYOdEvDbSbtudwcv3X6K9qpVGIDVLJs
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4Xz2l8w3lvqiKV64fiElf2Qqy5ABkoyn7pH0sp0yyTPuP5GsBXLPbA==
Age: 3695636
nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
54.230.111.14200 OK 655 B URL HTTP/1.1 nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
IP 54.230.111.14:0
File type ASCII text, with very long lines (524)
Hash b7502c8f355586be76d0ab4936375bfe
e4014d3e5120ec3bb5be0f649652479d2d16129d
0824bcd7ee969ebbb74439cf598b21f89eebd4724b12ccbbe2d1f34f89227034
GET /citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 10 Jan 2023 01:21:59 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 31 Aug 2021 17:19:04 GMT
ETag: W/"4d37444c012a76a0557182615bf5cdd3"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: wbqnWd5jL63548esNkWLxT1ImQDA0TC0
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1AviFLJas-wI9gcJVWPnfjxAjHqjzuldVREriZTV6LfPZJzWvdDumg==
Age: 1034294
nexus.ensighten.com/citi/na_prod/code/aab68f6f1ca805d3566a4423008ffcfb.js?conditionId0=486757
54.230.111.14200 OK 12 kB URL HTTP/1.1 nexus.ensighten.com/citi/na_prod/code/aab68f6f1ca805d3566a4423008ffcfb.js?conditionId0=486757
IP 54.230.111.14:0
File type ASCII text, with very long lines (624)
Hash 8fd8cd15ec99cc90cbc1d347129cce2b
d1f97bb79842c9c4703107e39d92807d140914f0
26850efbc8499f56c68cdd7719770d37420a83dd153d894d72a655c11a35e50d
GET /citi/na_prod/code/aab68f6f1ca805d3566a4423008ffcfb.js?conditionId0=486757 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 05 Jan 2023 09:18:40 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 15 Dec 2022 04:55:25 GMT
ETag: W/"25ea5168dc9c0af735e300c64bd43109"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: EIh21KJPo8VvEXB7f225WLoOWnMBZ9rS
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oJHJtYUfvalfcApyO3h1UcYCxA5KPO6muxwxGmLIb_Rt2vw9JnKF8Q==
Age: 1437693
nexus.ensighten.com/citi/na_prod/code/486b725783cc60ba30d261997439d303.js?conditionId0=421908
54.230.111.14200 OK 35 kB URL HTTP/1.1 nexus.ensighten.com/citi/na_prod/code/486b725783cc60ba30d261997439d303.js?conditionId0=421908
IP 54.230.111.14:0
File type ASCII text, with very long lines (557)
Hash 4978966ec2046fe0de1a4bacda858172
0361aeefa6f0669061fc26eceb4166ac9b0b90c2
be320fffaa038d1dc61e654b5c6f23de2c8a17263a71521ec8a393c8367a8e63
GET /citi/na_prod/code/486b725783cc60ba30d261997439d303.js?conditionId0=421908 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 15 Dec 2022 04:57:35 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 15 Dec 2022 04:55:25 GMT
ETag: W/"c7f26f02b4f70afa038feaae210ccb24"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: TNtMx9ExS4di_PTEmJg72Wc2hYcbcoz_
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -13jGW_wZMimxgqG9LdTgCroiwfhgKRbjxmvZiY8LMTB-DDiN-9XrQ==
Age: 3267758
aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&iid=b6fd220d-2761-459e-8554-c994086df2dc&ona=1e8fa00446cae0d553dcd0f4d5bf5d1aa53b132c429a85aefd08f9a6e513c493
52.213.137.74302 Found 0 B URL HTTP/1.1 aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&iid=b6fd220d-2761-459e-8554-c994086df2dc&ona=1e8fa00446cae0d553dcd0f4d5bf5d1aa53b132c429a85aefd08f9a6e513c493
IP 52.213.137.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adscores/g.pixel?sid=9212282598&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&iid=b6fd220d-2761-459e-8554-c994086df2dc&ona=1e8fa00446cae0d553dcd0f4d5bf5d1aa53b132c429a85aefd08f9a6e513c493 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sistemasaf.com.br/
Connection: keep-alive
HTTP/1.1 302 Found
Date: Sun, 22 Jan 2023 00:40:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: AAWebServer
P3P: policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
Set-Cookie: ab=0001%3AyxRuuyGSKt%2FCxiz2G7KlTsEkww%2F6tbS7; Path=/; Domain=.agkn.com; Expires=Mon, 22-Jan-2024 00:40:12 GMT; Max-Age=31536000; Secure; SameSite=None
Location: http://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&_zip=&hk=&iid=b6fd220d-2761-459e-8554-c994086df2dc&mt=&bd=&cb=1674348012417
ci-mpsnare.iovation.com/script/logo.js
54.148.2.66200 OK 108 B URL HTTP/1.1 ci-mpsnare.iovation.com/script/logo.js
IP 54.148.2.66:0
File type ASCII text, with no line terminators
Hash 216defc0c9d57d3af8b2b7977481efc7
8d1aeb44f7369bb72acf17239512d5956d284624
775f71ed17938ab71d3f9774d990a4a4ce2cefd054e8eee27f6319f1f3d13031
GET /script/logo.js HTTP/1.1
Host: ci-mpsnare.iovation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 00:40:12 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Mon, 22 Jan 2024 00:40:12 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&_zip=&hk=&iid=b6fd220d-2761-459e-8554-c994086df2dc&mt=&bd=&cb=1674348012417
216.58.211.19200 OK 42 B URL HTTP/1.1 px0.pbbl.co/adadvisor.gif?segment=000&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&_zip=&hk=&iid=b6fd220d-2761-459e-8554-c994086df2dc&mt=&bd=&cb=1674348012417
IP 216.58.211.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /adadvisor.gif?segment=000&_ppid=b2195470-e514-4c80-a0a9-ffe1a5a8d1ae&_segid=99&_zip=&hk=&iid=b6fd220d-2761-459e-8554-c994086df2dc&mt=&bd=&cb=1674348012417 HTTP/1.1
Host: px0.pbbl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sistemasaf.com.br/
Connection: keep-alive
HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Cache-Control: must-revalidate, no-cache, no-store
Pragma: no-cache
Expires: 0
Content-Type: image/gif
X-Cloud-Trace-Context: 69e6c8377e983328fac583447c9a562f
Date: Sun, 22 Jan 2023 00:40:12 GMT
Server: Google Frontend
Content-Length: 42
lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.97.99200 OK 17 kB URL HTTP/2 lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.97.99:0
File type ASCII text, with very long lines (38682)
Hash 7a68079f021ef0877f90aad682608b1a
b27564b093995e68dedc2a48c18b2f8c10ec04aa
714bb58597f4f2bd532c0cba0aa5cddca2e2e28b080f7479360c7dc056b576c6
GET /api/account/50929468/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: lp-01.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:29|g:916f71d3-dd70-4f28-9d33-1aa31b409198; Max-Age=30; Expires=Sun, 22-Jan-2023 00:40:42 GMT; Path=/
ADRUM_BTa=R:29|g:916f71d3-dd70-4f28-9d33-1aa31b409198|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sun, 22-Jan-2023 00:40:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sun, 22-Jan-2023 00:40:42 GMT; Path=/; Secure
ADRUM_BT1=R:29|i:2241648; Max-Age=30; Expires=Sun, 22-Jan-2023 00:40:42 GMT; Path=/
ADRUM_BT1=R:29|i:2241648|e:6; Max-Age=30; Expires=Sun, 22-Jan-2023 00:40:42 GMT; Path=/
vary: Accept
expires: Sun, 22 Jan 2023 00:41:12 GMT
x-envoy-upstream-service-time: 2
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.fs.liveperson.com/citi/taglets/taglet_v2.6.5.js
54.230.111.65200 OK 11 kB URL HTTP/1.1 static-assets.fs.liveperson.com/citi/taglets/taglet_v2.6.5.js
IP 54.230.111.65:0
File type ASCII text, with very long lines (2224)
Hash d70b54fcea75f1044dcae99c4e7540f1
d05dca41e8083d86163185c1cc567d41944eeef9
91373e0ea1485d7f96832c6a010e657573ca13be91205ccf87a6b35e3ac2c021
GET /citi/taglets/taglet_v2.6.5.js HTTP/1.1
Host: static-assets.fs.liveperson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 15:18:03 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 00:40:09 GMT
ETag: W/"f3ff193ada466cfbd7aa06bf2f3bf544"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ln2VCFCWHgHPBaswAWiz5feBUI8ykYbzIK9etBJGqe-e3gn_BiDPCA==
Age: 128
bat.bing.com/action/0?ti=5695784&Ver=2&mid=62d21415-d2e4-e683-f20e-999e64732ed3&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&pi=1200101525&lg=en-US&sw=1280&sh=720&sc=24&tl=Citibank%20Online&p=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&r=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO<=1412&evt=pageLoad&msclkid=N&sv=1&rn=515194
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5695784&Ver=2&mid=62d21415-d2e4-e683-f20e-999e64732ed3&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&pi=1200101525&lg=en-US&sw=1280&sh=720&sc=24&tl=Citibank%20Online&p=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&r=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO<=1412&evt=pageLoad&msclkid=N&sv=1&rn=515194
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5695784&Ver=2&mid=62d21415-d2e4-e683-f20e-999e64732ed3&sid=6a63fcfe-b2fa-2bb8-5709-717c37d3ecdb&pi=1200101525&lg=en-US&sw=1280&sh=720&sc=24&tl=Citibank%20Online&p=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&r=https%3A%2F%2Fonline.citi.com%2FJSO%2Freg%2FSetup.do%3FJFP_TOKEN%3DF7QPNDTO<=1412&evt=pageLoad&msclkid=N&sv=1&rn=515194 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1E294EE81F5F6CC920995C491EAA6D01; domain=.bing.com; expires=Fri, 16-Feb-2024 00:40:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E1BBBCCF25D4B32B79BFEEC7CC2B6CB Ref B: OSL30EDGE0220 Ref C: 2023-01-22T00:40:13Z
date: Sun, 22 Jan 2023 00:40:13 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (58749)
Hash fd91519379203e4f5d95a93f2997019b
806d29dabc59c13f96d58a1b6b0412c227bbfedf
48fdb6e3181b07a35045c83b2ab1cd884bbadf0d6e7edade1259d56b7c79bacf
GET /ajax/libs/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:13 GMT
content-type: text/css; charset=utf-8
content-length: 10391
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f0f47d3-e637"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17391840
expires: Fri, 12 Jan 2024 00:40:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvZVyvdyTxTtRqpPdqrNvV5xlKDZw88Nts8vYQ4aLbWPzmjqkh6Swa8XhaiDcxVS6jTddk8Aves1j68ZyEymWWFuLs6ilLN5H2Ozy0emMdRHBuXCJ5VwEuJ8aRtW7ZETYZnLXt2q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d43cad8d15b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 2.7 kB URL HTTP/2 lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
Hash e347ce8f6881a616f2e5443e667f6230
604292ee73ca762d2a0261315c8ef50c1e41b777
081d78c27fb8946d39192662d22a47459324488a199d9c41c498495125447594
GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 22 Jan 2024 00:40:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 52879be83de02d8e800d2fad6afa85e9
fffa47702ad2da9777ca932b51a2dc5097e8d4c6
dff0f9108838892567f3fe78afb6bc12cab0aba3f93556d7a3566ee51ad84d4d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153167
Date: Sun, 22 Jan 2023 00:40:13 GMT
Etag: "63cc393c-1d7"
Expires: Mon, 23 Jan 2023 19:13:00 GMT
Last-Modified: Sat, 21 Jan 2023 19:13:00 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZFSTUqLCngE4osmwrqhrKPbwFefZXXwlBcOoe5Qu8kxpZrXQ2McQdw==
static-assets.dev.fs.liveperson.com/citi/projects/start_a_convo/style.css
54.230.111.6200 OK 971 B URL HTTP/1.1 static-assets.dev.fs.liveperson.com/citi/projects/start_a_convo/style.css
IP 54.230.111.6:0
File type ASCII text, with CRLF line terminators
Hash ad601b31416015b2cfae5d30285dfa9f
bad312af8abfb01f38fba55081d1b49970a4c215
46bead4cb3690dc693cc324bba25a61768ebc26222ce1bbe27bef6d9a6bc3adc
GET /citi/projects/start_a_convo/style.css HTTP/1.1
Host: static-assets.dev.fs.liveperson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 14:21:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 0lVaYp1CFzoNPoMxjqjpmcOZiix8fgdF
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 00:40:10 GMT
ETag: W/"15327b47e9535d411a12f73e2a096b77"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xzKW8NPlctVAwSTWaTmZbtx9aS9gFBE6BMBjyW6bPuymL40CyvE3wg==
Age: 86
www.googletagmanager.com/a?id=AW-819500023&cv=1&v=3&t=t&pid=2128820166&rv=5e1&es=1&e=gtm.dom&eid=1&tc=1&z=0
142.250.74.168200 OK 0 B URL HTTP/1.1 www.googletagmanager.com/a?id=AW-819500023&cv=1&v=3&t=t&pid=2128820166&rv=5e1&es=1&e=gtm.dom&eid=1&tc=1&z=0
IP 142.250.74.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-819500023&cv=1&v=3&t=t&pid=2128820166&rv=5e1&es=1&e=gtm.dom&eid=1&tc=1&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html
Server: Google Tag Manager
Content-Length: 0
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-916451471
142.250.74.168302 Found 253 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-916451471
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e789be587e31a97443893e23f9ba9666
4ed47d40af4fa861cb2bbcf556aa608d5a8f2a85
541f9cb1e731f1d53dd0232ad1574a3ee000a83f52cea3c134edb2a9ae5a9fe7
GET /gtag/js?id=AW-916451471 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-916451471
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0
lp-03.chat.online.citi.com/api/js/50929468?sid=mfV6GKPFRZWiH2TemSPwww&cb=lpCb92719x24171&t=uc&ts=1674348012398&pid=9313196819&tid=1445321662&sdes=%5B%7B%22type%22%3A%22prodView%22%2C%22products%22%3A%7B%22product%22%3A%7B%22name%22%3A%22Citibank%20Online%22%2C%22category%22%3A%22http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D%22%2C%22sku%22%3Anull%7D%7D%7D%5D&vid=RhYzYwMmYxNjY2M2FkMGQ3
208.89.12.87200 OK 186 B URL HTTP/2 lp-03.chat.online.citi.com/api/js/50929468?sid=mfV6GKPFRZWiH2TemSPwww&cb=lpCb92719x24171&t=uc&ts=1674348012398&pid=9313196819&tid=1445321662&sdes=%5B%7B%22type%22%3A%22prodView%22%2C%22products%22%3A%7B%22product%22%3A%7B%22name%22%3A%22Citibank%20Online%22%2C%22category%22%3A%22http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D%22%2C%22sku%22%3Anull%7D%7D%7D%5D&vid=RhYzYwMmYxNjY2M2FkMGQ3
IP 208.89.12.87:0
File type ASCII text, with no line terminators
Hash f6dff7555f060d4e472ccc85205608e1
7ac0224965f40419d1cc936101e2b8f2c7fb07f6
1e16ae7fa21c5ece84ee665931e278e5f3add2287654f537498d6ad0c21cde15
GET /api/js/50929468?sid=mfV6GKPFRZWiH2TemSPwww&cb=lpCb92719x24171&t=uc&ts=1674348012398&pid=9313196819&tid=1445321662&sdes=%5B%7B%22type%22%3A%22prodView%22%2C%22products%22%3A%7B%22product%22%3A%7B%22name%22%3A%22Citibank%20Online%22%2C%22category%22%3A%22http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D%22%2C%22sku%22%3Anull%7D%7D%7D%5D&vid=RhYzYwMmYxNjY2M2FkMGQ3 HTTP/1.1
Host: lp-03.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:13 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash fc322cd537acbe09a494306a9191124a
757cca3916c8efd2ded11be90b3e8a790b5b73dc
2406d172868e70c8fa25558401afc349b30abae39e0090ed0d11d7367692d170
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 21 Jan 2023 06:03:07 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q7OUWlEZ0x2ibLd-yj3Z8sBSAu2oigIpr925uPmZa9fldHCF81xE0Q==
Age: 67028
www.googletagmanager.com/a?id=AW-819500023&cv=1&v=3&t=t&pid=2128820166&rv=5e1&es=1&e=gtm.js&eid=3&tc=1&tr=1rep&ti=1rep&z=0
142.250.74.168200 OK 0 B URL HTTP/1.1 www.googletagmanager.com/a?id=AW-819500023&cv=1&v=3&t=t&pid=2128820166&rv=5e1&es=1&e=gtm.js&eid=3&tc=1&tr=1rep&ti=1rep&z=0
IP 142.250.74.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-819500023&cv=1&v=3&t=t&pid=2128820166&rv=5e1&es=1&e=gtm.js&eid=3&tc=1&tr=1rep&ti=1rep&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html
Server: Google Tag Manager
Content-Length: 0
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1e09e20b1d7cb087bb868193b5df4b4c
8fe280e5e31560f6b78137cf983ceadc2e1c5e00
afb9cbf8d61849d2e3d835010de5c870698363d3f1cee6aed5f02fc0852aa7ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 558
Cache-Control: max-age=126017
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:14 GMT
Etag: "63cbcd01-1d7"
Expires: Mon, 23 Jan 2023 11:40:31 GMT
Last-Modified: Sat, 21 Jan 2023 11:31:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c952ed18168f2705bfc385a0851bdc4c
0adc7c7a73b2d839da2d82c556c999203ebc8d19
fea591d40da1513bc0794e010f59f96c94611df1c4333be33058b2cafdd3b40c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2276
Cache-Control: max-age=105061
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:14 GMT
Etag: "63cb746f-1d7"
Expires: Mon, 23 Jan 2023 05:51:15 GMT
Last-Modified: Sat, 21 Jan 2023 05:13:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c952ed18168f2705bfc385a0851bdc4c
0adc7c7a73b2d839da2d82c556c999203ebc8d19
fea591d40da1513bc0794e010f59f96c94611df1c4333be33058b2cafdd3b40c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1603
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:14 GMT
Etag: "63cb746f-1d7"
Last-Modified: Sun, 22 Jan 2023 00:13:31 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=AW-916451471
142.250.74.168200 OK 64 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-916451471
IP 142.250.74.168:0
File type ASCII text, with very long lines (2917)
Hash 49e755ba6ef7de1217e5cb0b47aa070c
013377512b2876fff8a738ec562277bae0b7cd40
7742d359f038ce87c6bf839e375739c9d8b181e982cddfbfd392e597eace00de
GET /gtag/js?id=AW-916451471 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sistemasaf.com.br/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 00:40:14 GMT
expires: Sun, 22 Jan 2023 00:40:14 GMT
cache-control: private, max-age=900
last-modified: Sun, 22 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c952ed18168f2705bfc385a0851bdc4c
0adc7c7a73b2d839da2d82c556c999203ebc8d19
fea591d40da1513bc0794e010f59f96c94611df1c4333be33058b2cafdd3b40c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2276
Cache-Control: max-age=105061
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:14 GMT
Etag: "63cb746f-1d7"
Expires: Mon, 23 Jan 2023 05:51:15 GMT
Last-Modified: Sat, 21 Jan 2023 05:13:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ck=0&m=2
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ck=0&m=2
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&w=c35e2596cc58b56e&ck=0&m=1
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&w=c35e2596cc58b56e&ck=0&m=1
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&w=c35e2596cc58b56e&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc
104.17.208.240200 OK 3.6 kB URL HTTP/2 zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc
IP 104.17.208.240:0
File type ASCII text, with very long lines (6801)
Hash c63a5a5642799280aa2b3547755a8e36
929c368604a7e96433c17686352f8cd0591f0823
ca2be043a078993ae369f31331820e04961101b6b82ed3b99c867c926d1fcd34
GET /SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc HTTP/1.1
Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 78d43cb10b5cb523-OSL
access-control-allow-origin: *
age: 77602
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-aoOvy5SYikJ8p0DGyA39bMfBM7w"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc0MzQ4MDEzMjYyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODVkNmViMTI3OTNlNi0wZmMzNjc4ZjAzNDA4Ni1jNTA1NDI1LTE0MDAwMC0xODVkNmViMTI3YTVlNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwOi8vd3d3LnNpc3RlbWFzYWYuY29tLmJyLy56YXV0aC9jaXQtdmVyaWZpY2F0aW9uLWNlbnRlci9ydW4vdW5sb2NrZXJyb3IucGhwPzc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mj0iLCJ3ZWJzaXRlSWQiOiA1MCwiZmVlZGJhY2tfdXVpZCI6IG51bGwsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQ2OGQtY2ZjOC1kNjUwLTY1OWQtODg1Yy0zYWRjLTE1YTEtNzU5ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc0MzQ4MDEzMjU5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDQzMCwia2FtcHlsZV92ZXJzaW9uIjogIjAuMC4wLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzQzNDgwMTMyNjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
35.241.45.82200 OK 0 B URL HTTP/1.1 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc0MzQ4MDEzMjYyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODVkNmViMTI3OTNlNi0wZmMzNjc4ZjAzNDA4Ni1jNTA1NDI1LTE0MDAwMC0xODVkNmViMTI3YTVlNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwOi8vd3d3LnNpc3RlbWFzYWYuY29tLmJyLy56YXV0aC9jaXQtdmVyaWZpY2F0aW9uLWNlbnRlci9ydW4vdW5sb2NrZXJyb3IucGhwPzc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mj0iLCJ3ZWJzaXRlSWQiOiA1MCwiZmVlZGJhY2tfdXVpZCI6IG51bGwsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQ2OGQtY2ZjOC1kNjUwLTY1OWQtODg1Yy0zYWRjLTE1YTEtNzU5ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc0MzQ4MDEzMjU5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDQzMCwia2FtcHlsZV92ZXJzaW9uIjogIjAuMC4wLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzQzNDgwMTMyNjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc0MzQ4MDEzMjYyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODVkNmViMTI3OTNlNi0wZmMzNjc4ZjAzNDA4Ni1jNTA1NDI1LTE0MDAwMC0xODVkNmViMTI3YTVlNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwOi8vd3d3LnNpc3RlbWFzYWYuY29tLmJyLy56YXV0aC9jaXQtdmVyaWZpY2F0aW9uLWNlbnRlci9ydW4vdW5sb2NrZXJyb3IucGhwPzc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mjc3Nzc3NzJlNzM2OTczNzQ2NTZkNjE3MzYxNjYyZTYzNmY2ZDJlNjI3Mj0iLCJ3ZWJzaXRlSWQiOiA1MCwiZmVlZGJhY2tfdXVpZCI6IG51bGwsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQ2OGQtY2ZjOC1kNjUwLTY1OWQtODg1Yy0zYWRjLTE1YTEtNzU5ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc0MzQ4MDEzMjU5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDQzMCwia2FtcHlsZV92ZXJzaW9uIjogIjAuMC4wLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzQzNDgwMTMyNjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-green-29bq
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google
content22.online.citi.com/fp/check.js;CIS3SID=D04AA39D7CD1F33A8429EB744729EE47?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jb=373a262668736f753f4c6b6e7778266a736d3f4e6b6c7d7a266a7b62773f446b7065646778246a73623f466b7a67646f78253232333035
91.235.133.67200 OK 86 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=D04AA39D7CD1F33A8429EB744729EE47?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jb=373a262668736f753f4c6b6e7778266a736d3f4e6b6c7d7a266a7b62773f446b7065646778246a73623f466b7a67646f78253232333035
IP 91.235.133.67:0
File type ASCII text, with very long lines (15506)
Hash 3bcf9565e13fa00088d07026d55bf756
5915b7008c5ca950a87a9d7698fee131c57ab656
266423eb66408b7eadbebf449e3cdd754fdab200828a1a0aae074bb3e99ff6d5
GET /fp/check.js;CIS3SID=D04AA39D7CD1F33A8429EB744729EE47?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jb=373a262668736f753f4c6b6e7778266a736d3f4e6b6c7d7a266a7b62773f446b7065646778246a73623f466b7a67646f78253232333035 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: efe9e4ba75887b71
Set-Cookie: thx_guid=14eeabab32b6c5e86da4898df3576bba; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ba8206089b7af80ec9bb4fe0c07977b4
4b0c036a5124f06026772a92168d3799e37c8ed3
64a3447f03ef43acc94b9bb1cdc44bffee396a1b3ab6c839a6bcc4d498f86f62
GET /gtag/js?id=AW-960621875&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
insight.adsrvr.org/track/up?adv=1jw5cvl&ref=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=undefined&td3=undefined&td4=Homepage&td5=http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
15.197.193.217200 OK 20 kB URL HTTP/2 insight.adsrvr.org/track/up?adv=1jw5cvl&ref=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=undefined&td3=undefined&td4=Homepage&td5=http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
IP 15.197.193.217:0
Hash 5e03a0ccb17e59fb2d1dd2263ed6bcbd
208ab6f139a121404c76e6b026ffb26afdf9ea20
21e82a4792cdceca8a6fc13f9d651475f686d8575b846632fdb7cf2fa00babad
GET /track/up?adv=1jw5cvl&ref=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=undefined&td3=undefined&td4=Homepage&td5=http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10} HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:14 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d7c2cd80c8899405c8ead9dcd82aa484
8d0248ffaaf1594d89e077cb3904f0ad42ec474e
2713f4450768c9e167bb579902498016cfcedef0583300aff6754a4c50863fce
GET /gtag/js?id=AW-975701947&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6d8c6cf61840045919f4789eac2d3d9c
ef5e66f528ab1701f99e467593020d263d6220f0
ac4fc3a6c6038531534ab22894bcc3a43eaea3a8f0f4fa2de9e6dafadd16eb6e
GET /gtag/js?id=AW-830907969&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 3cdb7a0d8774281c45d6a09b22e28af2
eee92813bf3130c7e6ca8be5911197c1ee486daa
cf75d10606678529391c0c7bd8cd9b13abb532df9640785934a7555f872caed4
GET /gtag/js?id=AW-695231162&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c
142.250.74.168302 Found 280 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a262f0126f939827df765f078136498b
5843ee0c458442b5031e9e4aa26ff2d6205b3dc4
7143489cfbb6ba5e39ffbda796042f3b25d54d3d8aa9c9a40d7be4d646375ecd
GET /gtag/js?id=AW-10955006959&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 280
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 16d7ad56818dde4bc80864654bfbd12e
c95b93882c98641b7f1b648c122194a9fb2534c7
5981f369e21dcc6f0bbfcc0f8c51a2536ee1ba2cb5332f353c41518a3a3dad64
GET /gtag/js?id=AW-959299794&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
lpcdn.chat.online.citi.com/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fonline.citi.com&site=50929468&env=prod
178.249.101.98200 OK 16 kB URL HTTP/2 lpcdn.chat.online.citi.com/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fonline.citi.com&site=50929468&env=prod
IP 178.249.101.98:0
Hash f18488ecaf3698662caa28611d5f5604
57644996e66bc6ead3a58dec9b2ce671af61c423
6f27ca7fdf38c2ae41eb27c939124aac48b2764c03a5cede5158f420328c07e5
GET /le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fonline.citi.com&site=50929468&env=prod HTTP/1.1
Host: lpcdn.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:09 GMT
content-type: text/html
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 22 Jan 2024 00:40:09 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 3cdb7a0d8774281c45d6a09b22e28af2
eee92813bf3130c7e6ca8be5911197c1ee486daa
cf75d10606678529391c0c7bd8cd9b13abb532df9640785934a7555f872caed4
GET /gtag/js?id=AW-695231162&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash da059e66474ac8e0fcb7e70b7ed4be44
7ef754dde242d41e1ceae88f3cf3ef36fc94fd6b
904c2ee1c18ede7911199f83d02b25ef37c9974e3872662abc7c50e666f1c9eb
GET /gtag/js?id=AW-644574043&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6d8c6cf61840045919f4789eac2d3d9c
ef5e66f528ab1701f99e467593020d263d6220f0
ac4fc3a6c6038531534ab22894bcc3a43eaea3a8f0f4fa2de9e6dafadd16eb6e
GET /gtag/js?id=AW-830907969&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c
142.250.74.168302 Found 280 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a262f0126f939827df765f078136498b
5843ee0c458442b5031e9e4aa26ff2d6205b3dc4
7143489cfbb6ba5e39ffbda796042f3b25d54d3d8aa9c9a40d7be4d646375ecd
GET /gtag/js?id=AW-10955006959&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 22 Jan 2023 00:40:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 280
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c952ed18168f2705bfc385a0851bdc4c
0adc7c7a73b2d839da2d82c556c999203ebc8d19
fea591d40da1513bc0794e010f59f96c94611df1c4333be33058b2cafdd3b40c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:14 GMT
Etag: "63cb746f-1d7"
Server: ECS (amb/6B98)
Content-Length: 471
content22.online.citi.com/fp/fp.swf;CIS3SID=D04AA39D7CD1F33A8429EB744729EE47?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ck=0
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/fp.swf;CIS3SID=D04AA39D7CD1F33A8429EB744729EE47?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ck=0
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/fp.swf;CIS3SID=D04AA39D7CD1F33A8429EB744729EE47?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ck=0 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jb=313e266c71613d646061346132653961393a643631313e3b303338623263356633386431373061
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jb=313e266c71613d646061346132653961393a643631313e3b303338623263356633386431373061
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jb=313e266c71613d646061346132653961393a643631313e3b303338623263356633386431373061 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/ls_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 7513e9eaf4da066edffc2cdb7bc69dbf
c9a2759c6c6b6bceffce016f8dc48eacc4669e10
ad9c9997434ec4a07ff1e1a07740c9e3b7a80dbf16550e33bba8f21759d7680c
GET /fp/ls_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jd=373d262668666e3d352668666a3d386431603635633a6d3430366d35336064356737306961336637623a38316d67246a66746e3f323a39333a35
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jd=373d262668666e3d352668666a3d386431603635633a6d3430366d35336064356737306961336637623a38316d67246a66746e3f323a39333a35
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jd=373d262668666e3d352668666a3d386431603635633a6d3430366d35336064356737306961336637623a38316d67246a66746e3f323a39333a35 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*, 89oebq5k/efe9e4ba75887b71c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.sistemasaf.com.br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 22 Jan 2023 00:40:14 GMT
Expires: Fri, 21 Jan 2028 00:40:14 GMT
Etag: afe40e5b29294509b687fb20b8729818
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: http://www.sistemasaf.com.br
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/top_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash e93cd1deee777ffc630b0f9b7714040d
df17062a9aaf51f2a3bfe6aa866b682bb6e73b4b
5c02f5d959619970be81be4da42a8e053dd2f6bcd1696ee4e58e0b80878c90dc
GET /fp/top_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ja=3a3a332624633d30247a3f3024663d31323a327a33323a3626616e3d33303a327a31323832247378793f307a38246670723d312e333238302c333032342c313a3a382c313230322c33323a302e3933392c33303a322e3932323424302e32247161643f3a34246c683d6a7476782731412532462730467777772c736973746565637b61662c636f6d2c62702530462e7a6177766a27304e616974257667706b646b63637c696d6e2d63676e766d7027324672756c273246756e6e6f636b65727a6d7a2e706a7025334437353735373732653531343b353b3534363d36663433353136333e36306536333466346c3067363237323535373737373065373336393f313f34363736643633373136333636326534313464346c3065363a37303535353537353a65353336393533353c3437366436313531363136363065363336663e663a653630373237353735373532653733343b3531353c3435366c36333531343336343a65343336663464306d343037322533462464723d266a683d3131646d3b3839643b66303663623137603531646466606336356e31613769392468716d3f4c6b66757a266a73603d44617067666f782530323130352668736f753d4c616c7d7826687362753f466b7267666f78266c6a613f333e246e6d7c703f32247678643f5d5441266d6176687035303a393662383a61303765626334646661386a633061363b3139643463616130303163353467333a30693261396c39366363363630663b343636623564343b3824723d706c75656b6e5f666c6373682535456e6364736523706c7565696c5f75696e646f75715d6f676c6b615f786c637b67702735476e616e736521726c776f6b6c5f61646f60675f6163726d62617425354d64696c736721706c77676b6e5d7175696369766b6f672d374566696c716723726e7565616e5d73686f616b7569746725354566636e736521706e7567696e5f7a67696c706e6179657025374564616c736523726e7765616c5f7664635d726e637b65702d354766616c716523786e7767696e5f666776616c7670253545666164716d21706e7567696c5f7176655f76696575677027374d64616c7b6523726e7765696c576a63766125374564696e7165266363663f333034353730&jb=333933266e713d4d6d7a6b6c6e61253246372c322730382a576966646d75712730304c5c25303031302c30273b4027323057696c34342533422732307836342d314a25323272762531413330372e3029253032456761636d25324e32323332323330332d323246697267666d702730463130352c32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ja=3a3a332624633d30247a3f3024663d31323a327a33323a3626616e3d33303a327a31323832247378793f307a38246670723d312e333238302c333032342c313a3a382c313230322c33323a302e3933392c33303a322e3932323424302e32247161643f3a34246c683d6a7476782731412532462730467777772c736973746565637b61662c636f6d2c62702530462e7a6177766a27304e616974257667706b646b63637c696d6e2d63676e766d7027324672756c273246756e6e6f636b65727a6d7a2e706a7025334437353735373732653531343b353b3534363d36663433353136333e36306536333466346c3067363237323535373737373065373336393f313f34363736643633373136333636326534313464346c3065363a37303535353537353a65353336393533353c3437366436313531363136363065363336663e663a653630373237353735373532653733343b3531353c3435366c36333531343336343a65343336663464306d343037322533462464723d266a683d3131646d3b3839643b66303663623137603531646466606336356e31613769392468716d3f4c6b66757a266a73603d44617067666f782530323130352668736f753d4c616c7d7826687362753f466b7267666f78266c6a613f333e246e6d7c703f32247678643f5d5441266d6176687035303a393662383a61303765626334646661386a633061363b3139643463616130303163353467333a30693261396c39366363363630663b343636623564343b3824723d706c75656b6e5f666c6373682535456e6364736523706c7565696c5f75696e646f75715d6f676c6b615f786c637b67702735476e616e736521726c776f6b6c5f61646f60675f6163726d62617425354d64696c736721706c77676b6e5d7175696369766b6f672d374566696c716723726e7565616e5d73686f616b7569746725354566636e736521706e7567696e5f7a67696c706e6179657025374564616c736523726e7765616c5f7664635d726e637b65702d354766616c716523786e7767696e5f666776616c7670253545666164716d21706e7567696c5f7176655f76696575677027374d64616c7b6523726e7765696c576a63766125374564696e7165266363663f333034353730&jb=333933266e713d4d6d7a6b6c6e61253246372c322730382a576966646d75712730304c5c25303031302c30273b4027323057696c34342533422732307836342d314a25323272762531413330372e3029253032456761636d25324e32323332323330332d323246697267666d702730463130352c32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&ja=3a3a332624633d30247a3f3024663d31323a327a33323a3626616e3d33303a327a31323832247378793f307a38246670723d312e333238302c333032342c313a3a382c313230322c33323a302e3933392c33303a322e3932323424302e32247161643f3a34246c683d6a7476782731412532462730467777772c736973746565637b61662c636f6d2c62702530462e7a6177766a27304e616974257667706b646b63637c696d6e2d63676e766d7027324672756c273246756e6e6f636b65727a6d7a2e706a7025334437353735373732653531343b353b3534363d36663433353136333e36306536333466346c3067363237323535373737373065373336393f313f34363736643633373136333636326534313464346c3065363a37303535353537353a65353336393533353c3437366436313531363136363065363336663e663a653630373237353735373532653733343b3531353c3435366c36333531343336343a65343336663464306d343037322533462464723d266a683d3131646d3b3839643b66303663623137603531646466606336356e31613769392468716d3f4c6b66757a266a73603d44617067666f782530323130352668736f753d4c616c7d7826687362753f466b7267666f78266c6a613f333e246e6d7c703f32247678643f5d5441266d6176687035303a393662383a61303765626334646661386a633061363b3139643463616130303163353467333a30693261396c39366363363630663b343636623564343b3824723d706c75656b6e5f666c6373682535456e6364736523706c7565696c5f75696e646f75715d6f676c6b615f786c637b67702735476e616e736521726c776f6b6c5f61646f60675f6163726d62617425354d64696c736721706c77676b6e5d7175696369766b6f672d374566696c716723726e7565616e5d73686f616b7569746725354566636e736521706e7567696e5f7a67696c706e6179657025374564616c736523726e7765616c5f7664635d726e637b65702d354766616c716523786e7767696e5f666776616c7670253545666164716d21706e7567696c5f7176655f76696575677027374d64616c7b6523726e7765696c576a63766125374564696e7165266363663f333034353730&jb=333933266e713d4d6d7a6b6c6e61253246372c322730382a576966646d75712730304c5c25303031302c30273b4027323057696c34342533422732307836342d314a25323272762531413330372e3029253032456761636d25324e32323332323330332d323246697267666d702730463130352c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
ocsp.securetrust.com/
23.36.79.18200 OK 638 B IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
Hash decc39b69d733b4389feb5feebcce603
4eb953e8dfc2ad38a7b91c3fb3f2369580187412
47ff89220bd56438c46177a85ef15083f729bfca1132c5f2cddbbc54a7412170
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Sun, 22 Jan 2023 00:40:14 GMT
Connection: keep-alive
89oebq5k7gca2a23coccf5r2ljja6oftogw7kgw6efe9e4ba75887b71am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 89oebq5k7gca2a23coccf5r2ljja6oftogw7kgw6efe9e4ba75887b71am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&di=yes HTTP/1.1
Host: 89oebq5k7gca2a23coccf5r2ljja6oftogw7kgw6efe9e4ba75887b71am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
cdn.pbbl.co/r/1560.js
143.204.55.99403 Forbidden 986 B IP 143.204.55.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c72d1646f9c5d17cb56f3170c5d941cb
b616e4973f0e24c54170d9c47669dc6f72a04eb9
0f6ad4f330d65c34e9016b67a14b2703b617abe41dcec3ab1328af16268c4db2
GET /r/1560.js HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Sun, 22 Jan 2023 00:40:15 GMT
Content-Type: text/html
Content-Length: 986
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KLgKncLWMbMRWqYsE5IzS_Blpg4EvfvUVbtdtg81fmt6uI1Uj9qrJg==
Vary: Origin
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1674348013892&cv=11&fst=1674348013892&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 952 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1674348013892&cv=11&fst=1674348013892&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2301), with no line terminators
Hash b45947b40e6fdcdc9abdb79379663e7a
d390b74310e73c722c306aeaa6c3f1a67257a658
0cb2f6e00118bcc6a3ec1054f4e73cc265ab65e3d01394e5af97a395d5bcaa8d
GET /pagead/viewthroughconversion/960621875/?random=1674348013892&cv=11&fst=1674348013892&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 952
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1674348014051&cv=11&fst=1674348014051&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 950 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1674348014051&cv=11&fst=1674348014051&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2307), with no line terminators
Hash 8dc7c41c36b91604c05320d44a4b7c57
3363e452b67efc24fc8f58b68bcb3b2d3828389e
b17d15628314c5951c0a3cdaa2d9ee518cd55beb6ffa21f7f91fb55bbeb96477
GET /pagead/viewthroughconversion/10955006959/?random=1674348014051&cv=11&fst=1674348014051&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 950
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1674348014093&cv=11&fst=1674348014093&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 950 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1674348014093&cv=11&fst=1674348014093&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash 9a799b2a49bf0f7795d344008d2a4203
db6981743295efa132f14717b102bb7bb7a569d6
bad082c2a5e2f457089f0a1563390281f2c47c3b67a84549d17cb9b7aa31812c
GET /pagead/viewthroughconversion/959299794/?random=1674348014093&cv=11&fst=1674348014093&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 950
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1674348013387&cv=11&fst=1674348013387&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1674348013387&cv=11&fst=1674348013387&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash 60e6dbea87db2c4ca07efcf8e7f8f85f
3466c7451e99da7a5bd86ceb40e63207f43f131a
ef01509d8643049e14dbd4e61f49b5f053139452f0c7021a1d73c18aad12809f
GET /pagead/viewthroughconversion/916451471/?random=1674348013387&cv=11&fst=1674348013387&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1674348013930&cv=11&fst=1674348013930&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1674348013930&cv=11&fst=1674348013930&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash beb05b57190da48a099812957d8a8679
8fd30276050c8ff074522024a78d32f9074be05d
e535804ea3c68b5209010e4ea455f8d15d95d8fa142f6549a565e140c2926e97
GET /pagead/viewthroughconversion/830907969/?random=1674348013930&cv=11&fst=1674348013930&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1674348013843&cv=11&fst=1674348013843&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 949 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1674348013843&cv=11&fst=1674348013843&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash 737210f8a0a6bb2d3c1e26a0b068fbba
9d8f235c8b39fd2a56427296ed18b2be631512e1
c64e326f57b0c796133294cb79179d441f248c469ba6918906fc3001dbf4c2c4
GET /pagead/viewthroughconversion/644574043/?random=1674348013843&cv=11&fst=1674348013843&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 949
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1674348013963&cv=11&fst=1674348013963&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 949 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1674348013963&cv=11&fst=1674348013963&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2299), with no line terminators
Hash b0798413243ee7bc8a85ee516ecb2e90
720e1035d28fcb888f2902677a4def186f1f541a
b98e6cffa8f1a7453b10b27377f465ab5e4d57c20219cec362202368ac78fade
GET /pagead/viewthroughconversion/975701947/?random=1674348013963&cv=11&fst=1674348013963&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 949
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1674348013996&cv=11&fst=1674348013996&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1674348013996&cv=11&fst=1674348013996&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash ca6e2ece4a510863f3afe4c24740b928
a6be84fe299574819d78fd3e4d3f6d68180ff27d
f75217de469e3b49def4606fe7af09515ba92ec783fca20fd06845ac898bc00a
GET /pagead/viewthroughconversion/695231162/?random=1674348013996&cv=11&fst=1674348013996&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&auid=934625263.1674348013&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 00:55:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jf=313e266c71623d3261323a62346633343563663664663c6030643c37373b64313332666b616363
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jf=313e266c71623d3261323a62346633343563663664663c6030643c37373b64313332666b616363
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1&jf=313e266c71623d3261323a62346633343563663664663c6030643c37373b64313332666b616363 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=188DC9F6445D14C5AE7F09C2EC9F23AB?org_id=89oebq5k&session_id=c8a4340574f0fed0072fc78c4190ff37c0c9571aaf5382b5aa12355ae2dee5d8&nonce=efe9e4ba75887b71&pageid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Sun, 22 Jan 2023 00:40:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
104.17.208.240200 OK 32 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
IP 104.17.208.240:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 422d22724305e8763c1a0cbd3801f053
4cabf09b4ef5ea9ba898557dc63b2e1ebf280367
15e0030d94b62735e4da65c427240617b6ef9dbbe049539318388be34ac7543e
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:14 GMT
content-type: application/javascript
cf-ray: 78d43cb47d98b523-OSL
access-control-allow-origin: *
age: 334703
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19ba5-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105381
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/644574043/?random=1674348013843&cv=11&fst=1674345600000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4107908144&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/644574043/?random=1674348013843&cv=11&fst=1674345600000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4107908144&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/644574043/?random=1674348013843&cv=11&fst=1674345600000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4107908144&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/916451471/?random=1674348013387&cv=11&fst=1674345600000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1422831597&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/916451471/?random=1674348013387&cv=11&fst=1674345600000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1422831597&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1674348013387&cv=11&fst=1674345600000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&tiba=Citibank%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1422831597&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:40:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 00:40:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/personetics-package.min.js.download
69.169.81.200200 OK 0 B URL HTTP/1.1 www.sistemasaf.com.br/.zauth/cit-verification-center/run/account_files/personetics-package.min.js.download
IP 69.169.81.200:0
Analyzer Verdict Alert fortinet Phishing
GET /.zauth/cit-verification-center/run/account_files/personetics-package.min.js.download HTTP/1.1
Host: www.sistemasaf.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/.zauth/cit-verification-center/run/unlockerror.php?7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272=
Cookie: PHPSESSID=7qaqmrd2ms9f5u970qfer9rrf1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 00:40:07 GMT
Server: Apache
Last-Modified: Sat, 23 May 2020 15:46:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-library.js
104.110.15.25200 OK 0 B URL HTTP/2 online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-library.js
IP 104.110.15.25:0
GET /JEA/CitiSearch/nexus-platform/js/citilive-search-library.js HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
vary: Accept-Encoding
content-encoding: gzip
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: application/x-javascript
cache-control: max-age=21600
expires: Sun, 22 Jan 2023 06:40:08 GMT
date: Sun, 22 Jan 2023 00:40:08 GMT
set-cookie: AKMTLTSID=EFB850184D385191AB2B03AAB417B04C; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=undefined&td3=undefined&td4=Homepage&td5=https://online.citi.com/US/ag/bank/registration/set-up-online-access&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
15.197.193.217200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=undefined&td3=undefined&td4=Homepage&td5=https://online.citi.com/US/ag/bank/registration/set-up-online-access&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
IP 15.197.193.217:0
GET /track/up?adv=1jw5cvl&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fbank%2Fregistration%2Fset-up-online-access&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=undefined&td3=undefined&td4=Homepage&td5=https://online.citi.com/US/ag/bank/registration/set-up-online-access&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10} HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:09 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/1.ca40fe67c92ba390e992.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.ca40fe67c92ba390e992.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
IP 104.17.208.240:0
GET /dxjsmodule/1.ca40fe67c92ba390e992.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:15 GMT
content-type: application/javascript
cf-ray: 78d43cb91919b523-OSL
access-control-allow-origin: *
age: 334703
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"73bc-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29628
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.97.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.97.23:0
GET /lptag/api/account/50929468/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:12 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 22 Jan 2024 00:40:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
online.citi.com/JEA/CitiSearch/nexus-platform/js/citi-search-tmpl.js
104.110.15.25200 OK 0 B URL HTTP/2 online.citi.com/JEA/CitiSearch/nexus-platform/js/citi-search-tmpl.js
IP 104.110.15.25:0
GET /JEA/CitiSearch/nexus-platform/js/citi-search-tmpl.js HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 16 Sep 2020 07:27:38 GMT
vary: Accept-Encoding
content-encoding: gzip
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: application/x-javascript
cache-control: max-age=21600
expires: Sun, 22 Jan 2023 06:40:08 GMT
date: Sun, 22 Jan 2023 00:40:08 GMT
set-cookie: AKMTLTSID=A4A5CE4DB78955EBCD8F761236AAB0AC; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/6.9808af8b656686a98b64.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/6.9808af8b656686a98b64.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
IP 104.17.208.240:0
GET /dxjsmodule/6.9808af8b656686a98b64.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:15 GMT
content-type: application/javascript
cf-ray: 78d43cb91915b523-OSL
access-control-allow-origin: *
age: 334703
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"9eb-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=2539
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 22 Jan 2024 00:40:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
lp-03.chat.online.citi.com/api/js/50929468?&cb=lpCb31280x90088&t=sp&ts=1674348011396&pid=9313196819&tid=1445321662&pt=Citibank%20Online&u=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87200 OK 0 B URL HTTP/2 lp-03.chat.online.citi.com/api/js/50929468?&cb=lpCb31280x90088&t=sp&ts=1674348011396&pid=9313196819&tid=1445321662&pt=Citibank%20Online&u=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/50929468?&cb=lpCb31280x90088&t=sp&ts=1674348011396&pid=9313196819&tid=1445321662&pt=Citibank%20Online&u=http%3A%2F%2Fwww.sistemasaf.com.br%2F.zauth%2Fcit-verification-center%2Frun%2Funlockerror.php%3F7777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e62727777772e73697374656d617361662e636f6d2e6272%3D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: lp-03.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:13 GMT
content-type: application/javascript
set-cookie: LPVisitorID=RhYzYwMmYxNjY2M2FkMGQ3; Expires=Mon, 22-Jan-2024 00:40:13 GMT; Path=/; HttpOnly
LPSessionID=mfV6GKPFRZWiH2TemSPwww; Path=/api/js/50929468; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback
IP 104.17.208.240:0
GET /dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:15 GMT
content-type: application/javascript
cf-ray: 78d43cb9191ab523-OSL
access-control-allow-origin: *
age: 334230
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"102f7-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=66295
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_stage/Bootstrap.js
54.230.111.14200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_stage/Bootstrap.js
IP 54.230.111.14:0
GET /citi/na_stage/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 19 Jan 2023 17:04:01 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Jan 2023 16:57:53 GMT
etag: W/"9c917053fd1e6649cc8cc4d886d6345e"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: ZfFuFmqIC8.NnOTf_XqSCZm02_ozQyTW
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6gyLbzID_KaMyvxlwSKDkAzrkPqIMk0Typp4RG-9kXUZDQ_BbYDs9A==
age: 200170
X-Firefox-Spdy: h2
lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 lpcdn.chat.online.citi.com/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.chat.online.citi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 22 Jan 2024 00:40:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3VI8kkudS0JJRFc&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3VI8kkudS0JJRFc&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3VI8kkudS0JJRFc&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 337
Origin: http://www.sistemasaf.com.br
Connection: keep-alive
Referer: http://www.sistemasaf.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 00:40:14 GMT
content-type: application/json
cf-ray: 78d43cb2ac6fb523-OSL
access-control-allow-origin: http://www.sistemasaf.com.br
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: e8826478c8da44fb
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2