Report - painel.odara.com.br/emailmarketing/campain/click?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=lvkzf4.codesandbox.io/hh-bmalicki

Report Overview

Submitted URL
painel.odara.com.br/emailmarketing/campain/click?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=lvkzf4.codesandbox.io/hh-bmalicki
IP
45.167.178.40
ASN
#268021 Odara Internet Ltda
Submitted
2022-09-28 20:11:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	53 kB	34.120.237.76
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
painel.odara.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	151 kB	45.167.178.40
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.228.200
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	15 kB	142.250.74.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	42 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	painel.odara.com.br/login	Phishing
2022-09-28	medium	painel.odara.com.br/vendor/jquery/dist/js/jquery.min.js	Phishing
2022-09-28	medium	painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.min.js	Phishing
2022-09-28	medium	painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.extra.js	Phishing
2022-09-28	medium	painel.odara.com.br/vendor/jquery/dist/js/jquery.inputmask.bundle.min.js	Phishing
2022-09-28	medium	painel.odara.com.br/vendor/adminlte/vendor/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	painel.odara.com.br/vendor/jquery/dist/js/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL painel.odara.com.br/vendor/jquery/dist/js/jquery.min.js IP 45.167.178.40 ASN #268021 Odara Internet Ltda Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 08:39:55 Times Seen62690 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.min.js	23 kB	2023-03-08	2023-09-30
Pretty URL painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.min.js IP 45.167.178.40 ASN #268021 Odara Internet Ltda Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:04 Last Seen2023-09-30 10:24:11 Times Seen5 Hash 4910eda75d55e976bfa8a4d4fb9d0ce4 aa2fca50bed563cfdf9323c314efa6e28c93d6ab 704a679a566ac76367bf20c870faa74ca47883710eeee50216768a75c1184587 Loading...

	painel.odara.com.br/vendor/jquery/dist/js/jquery.inputmask.bundle.min.js	119 kB	2023-03-08	2023-03-08
Pretty URL painel.odara.com.br/vendor/jquery/dist/js/jquery.inputmask.bundle.min.js IP 45.167.178.40 ASN #268021 Odara Internet Ltda Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:04 Last Seen2023-03-08 03:12:04 Times Seen1 Hash d79cff1e3b440df9c0b7f0d34b2199be a4ed952e606708ec7d0b3971107f4a7723204973 7de36067d6b1d1b841a3ce45d5a6378b4f2d12c274dcc9015593a6fb3e848ef2 Loading...

	painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.extra.js	2.4 kB	2023-03-08	2023-03-08
Pretty URL painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.extra.js IP 45.167.178.40 ASN #268021 Odara Internet Ltda Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:04 Last Seen2023-03-08 03:12:04 Times Seen1 Hash e6aa54318e16f07ff325450faa0cb71e 2b9a94cafa2ce3bd7ee08b43c31153c075965c5f 65c5d99a50330b713a6b5900c6ed6fc188d46b6f978f7d704bf1a3bcdfa5a618 Loading...

	painel.odara.com.br/login	914 B	2023-03-08	2023-03-08
Pretty URL painel.odara.com.br/login IP 45.167.178.40 ASN #268021 Odara Internet Ltda Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:04 Last Seen2023-03-08 03:12:04 Times Seen1 Hash 0ac6cdb05b309d3526cf4729cdfb3003 db5c81593ceb1d833de76f1df9e0ef55e036f933 481558a1de2992ba96618eece487cf0981a04ba56483761f050add6125f6715c Loading...

HTTP Transactions (43)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 19:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h2LojN4RVZTRY2p_lQzXa4l5ebb6JlhF3VzT3YQJd5bxlabGjW8t2g==
Age: 3337

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2614
Expires: Wed, 28 Sep 2022 20:54:50 GMT
Date: Wed, 28 Sep 2022 20:11:16 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sMOuxVcvk36FP63Ss13_iUQP-tCFMic-r2Pct8mEkhgDL-jVjFgI-g==
age: 52970
X-Firefox-Spdy: h2

painel.odara.com.br/emailmarketing/campain/click?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki

45.167.178.40

302 Found

417 B

URL HTTP/1.1
painel.odara.com.br/emailmarketing/campain/click?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
417 B (417 bytes)
Hash
99907ad1da0da9bf207e3e1326e79727
2b403f328af40ef0fe1f68e44d5bceef485065c3
0fa346e36cc1ff35c4b8052468734649fff113b62ad18ab685103b8160d4ed2e

HTTP Headers

GET /emailmarketing/campain/click?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 28 Sep 2022 20:11:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Location: https://painel.odara.com.br/?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki
Content-Length: 417
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 20:11:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P-cN1BBbhwEixwxZqELFGC8ShMd_hEzSJnfv3gQJpv6Y-pcwKGnVqg==
Age: 2503

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b3e20be75af10afa79cd48e9c491bd44
d1bf203eb1f02e55912c667b046198dba70324f4
96161559ff8cbe4103539effe8d56f690d5f11081fda19dbc8378aa5f458b003

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:27:56 GMT
Expires: Wed, 05 Oct 2022 19:27:55 GMT
Etag: "d1bf203eb1f02e55912c667b046198dba70324f4"
Cache-Control: max-age=601598,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f2096da4bb4fa-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2559
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:16 GMT
Last-Modified: Wed, 28 Sep 2022 19:28:37 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.228.200

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.228.200:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qT2tVI5gkR7NV3BihtehZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YkR1KeeGMHRWyWgSvHDQzM9u/nU=

painel.odara.com.br/?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki

45.167.178.40

302 Found

200 B

URL HTTP/1.1
painel.odara.com.br/?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
200 B (200 bytes)
Hash
0025298ef5447ddc60a42d75c09cc9c7
ce8eb0dd884b7f476b186710ba3ca458400d4544
1b031b9022041940d49124a4686595bc2438183f24394793650026415ec66816

HTTP Headers

GET /?uid=0DHW80SjYatjGiCSkwyN2eeKdSd8HVv+iJnWZVl/UoM=&cid=6xe1ewmLWczb+HUGaeYvZAuCLGYFZNNJzds0ln/P/TA=&eid=URUSXf7/enbQ6EQ5gwS9413gHiXe/igU+f2AK4l3b1g=&url=https://lvkzf4.codesandbox.io/hh-bmalicki HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Wed, 28 Sep 2022 20:11:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Cache-Control: no-cache, private
Location: https://painel.odara.com.br/login
Set-Cookie: XSRF-TOKEN=eyJpdiI6IldZclNoam52c1BNYm1NbUZrNGtYc0E9PSIsInZhbHVlIjoia2RyUGpWd2lWaG0zWTNwU3IydXZ6ejg1RTcybDVWZlYwMDBtMXRrMTFcL3MzQlhsajlvXC95M3hxRlAxa3NsdHhCIiwibWFjIjoiOGFhZjIwYTJiNTk4ZjA5ZjQzYTlmZDEwYjJmMDZhYzhkODViYTBjZTY4NzcyZGVhNTZkM2UwYjBhZWIxNTc1MiJ9; expires=Wed, 28-Sep-2022 22:11:17 GMT; Max-Age=7200; path=/
painel_session=eyJpdiI6IjNGNWJIbDZKZHlsTFdGMlwvZkNYQnJ3PT0iLCJ2YWx1ZSI6InFEZEN0a1FleWFkb092M2xnOFhicXBcL21SNEdOOE9KNUxYdVJZVDNCd0tCZW9URUl1Y01DRks4ZDc0OGhZcXdHIiwibWFjIjoiZjQzNzU3YzQxZTE1MzkwYjY4YTA0ODc4ODEwODBjZDllYmU1NjYxNTZhMjJjOTQ1Zjc5ODAxNjQyMDJiZjRjYSJ9; expires=Wed, 28-Sep-2022 22:11:17 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 200
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

painel.odara.com.br/login

45.167.178.40

200 OK

1.8 kB

URL HTTP/1.1
painel.odara.com.br/login
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.8 kB (1828 bytes)
Hash
45e214353a6f21398a889e70b0adea4a
fcbb24f74a32d1b361a254c281df0c82e576049c
278675e59fd3f6aa7f5fc31abf63e9074abcca5cc74fa9c6e3ac832555b35847

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IldZclNoam52c1BNYm1NbUZrNGtYc0E9PSIsInZhbHVlIjoia2RyUGpWd2lWaG0zWTNwU3IydXZ6ejg1RTcybDVWZlYwMDBtMXRrMTFcL3MzQlhsajlvXC95M3hxRlAxa3NsdHhCIiwibWFjIjoiOGFhZjIwYTJiNTk4ZjA5ZjQzYTlmZDEwYjJmMDZhYzhkODViYTBjZTY4NzcyZGVhNTZkM2UwYjBhZWIxNTc1MiJ9; painel_session=eyJpdiI6IjNGNWJIbDZKZHlsTFdGMlwvZkNYQnJ3PT0iLCJ2YWx1ZSI6InFEZEN0a1FleWFkb092M2xnOFhicXBcL21SNEdOOE9KNUxYdVJZVDNCd0tCZW9URUl1Y01DRks4ZDc0OGhZcXdHIiwibWFjIjoiZjQzNzU3YzQxZTE1MzkwYjY4YTA0ODc4ODEwODBjZDllYmU1NjYxNTZhMjJjOTQ1Zjc5ODAxNjQyMDJiZjRjYSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; expires=Wed, 28-Sep-2022 22:11:17 GMT; Max-Age=7200; path=/
painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D; expires=Wed, 28-Sep-2022 22:11:17 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1828
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:11:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:11:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:11:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:11:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 53347
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12016 bytes)
Hash
4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 80560
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5319 bytes)
Hash
46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:32:06 GMT
age: 81552
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14464 bytes)
Hash
aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 80715
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 80540
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

142.250.74.10

200 OK

14 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (14217 bytes)
Hash
56c7b536f3744f76ca0b001959c79880
2161ec91cb3517378a5afb823fb13ad04437d68e
2b792206c5b6b8e1fc85c46486ee51594b04eea1d5581943d1febec95fb4e88a

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 20:11:18 GMT
date: Wed, 28 Sep 2022 20:11:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

painel.odara.com.br/vendor/adminlte/vendor/bootstrap/dist/css/bootstrap.min.css

45.167.178.40

200 OK

20 kB

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/vendor/bootstrap/dist/css/bootstrap.min.css
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text, with very long lines (65371)
Size
20 kB (19744 bytes)
Hash
f6fd8790f1d560aab890a85a78b6d67d
98adac8aece45e55b10c8d0d645038a990b0ee00
ceae5c3fdd35600e1de72b94f59efb2fc3b51163640a180431c8d59b95e2ef0f

HTTP Headers

GET /vendor/adminlte/vendor/bootstrap/dist/css/bootstrap.min.css HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "1d970-592ab5524f110-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19744
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css

painel.odara.com.br/vendor/adminlte/vendor/font-awesome/css/font-awesome.min.css

45.167.178.40

200 OK

7.1 kB

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/vendor/font-awesome/css/font-awesome.min.css
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7053 bytes)
Hash
52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

HTTP Headers

GET /vendor/adminlte/vendor/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "7918-592ab55253378-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

painel.odara.com.br/vendor/adminlte/plugins/iCheck/square/blue.css

45.167.178.40

200 OK

462 B

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/plugins/iCheck/square/blue.css
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text
Size
462 B (462 bytes)
Hash
21d54b064b68f419502c0bf06691d605
f01b6449a87be05e2a8e834931a5ada750951a80
5fbd05aabd2e3b001d3bf22a22a402067714a65366637615df9c8200d4da1859

HTTP Headers

GET /vendor/adminlte/plugins/iCheck/square/blue.css HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "64b-592ab552381e0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 462
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

painel.odara.com.br/vendor/adminlte/vendor/Ionicons/css/ionicons.min.css

45.167.178.40

200 OK

8.3 kB

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/vendor/Ionicons/css/ionicons.min.css
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
Unicode text, UTF-8 text, with very long lines (50806)
Size
8.3 kB (8284 bytes)
Hash
3f1e436685a4599a3c5a4ad1d4742aae
f5c604e83a72202d2e0d4fb4fa3413df611bfc9b
d3dc8d7385a9b9ae0ad8879206762d0fc12d18adb604e4262f08aa48d81262bd

HTTP Headers

GET /vendor/adminlte/vendor/Ionicons/css/ionicons.min.css HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "c854-592ab552389b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8284
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

painel.odara.com.br/vendor/jquery/dist/js/jquery.min.js

45.167.178.40

200 OK

30 kB

URL HTTP/1.1
painel.odara.com.br/vendor/jquery/dist/js/jquery.min.js
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text, with very long lines (32058)
Size
30 kB (30138 bytes)
Hash
3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vendor/jquery/dist/js/jquery.min.js HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "15283-592ab5527bbe8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript

painel.odara.com.br/vendor/adminlte/css/auth.css

45.167.178.40

200 OK

37 B

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/css/auth.css
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text
Size
37 B (37 bytes)
Hash
b50bbe01c710606ca2f1cfcd000ab823
9008bf749253b31237eb7d50e689511ceb9aecff
cee6fe2119ca601f238ce7fb75785eb8e9259f279be71d08f312df95c2bd3728

HTTP Headers

GET /vendor/adminlte/css/auth.css HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:48 GMT
ETag: "25-592ab55236688"
Accept-Ranges: bytes
Content-Length: 37
Vary: User-Agent
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.min.js

45.167.178.40

200 OK

7.5 kB

URL HTTP/1.1
painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.min.js
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
Unicode text, UTF-8 text, with very long lines (23122)
Size
7.5 kB (7508 bytes)
Hash
4f32f53f94c222a54393cba7329ef916
f0f8fd878a7f5568f03b0b148b1e454fcb02a338
a984990b4eaea2a4939af24942f2dd9271fa9a469ae3bc023ef7905764b2f47d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vendor/jquery/dist/js/jquery.validation.min.js HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "5adf-592ab5527c7a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7508
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript

painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.extra.js

45.167.178.40

200 OK

851 B

URL HTTP/1.1
painel.odara.com.br/vendor/jquery/dist/js/jquery.validation.extra.js
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
Unicode text, UTF-8 text
Size
851 B (851 bytes)
Hash
f7cd9b39d3726468f1463d65963f3e43
35962da68a5cec8b8a4457e64cedb642f8874884
f377976888afa2818cf2209429e5df8557ffb3752e79e01196dae08246427a8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vendor/jquery/dist/js/jquery.validation.extra.js HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "92f-592ab5527c7a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 851
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript

painel.odara.com.br/vendor/jquery/dist/js/jquery.inputmask.bundle.min.js

45.167.178.40

200 OK

28 kB

URL HTTP/1.1
painel.odara.com.br/vendor/jquery/dist/js/jquery.inputmask.bundle.min.js
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text, with very long lines (65303)
Size
28 kB (28276 bytes)
Hash
4d8502967f3b938b03cc691710094509
d52dc9d60a68da9c3676ea35a721f64511ad9cf4
304de91044df64f0ae9e641bbb784aceddf704a9005537e5970739b50f3fccc7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vendor/jquery/dist/js/jquery.inputmask.bundle.min.js HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "1d15b-592ab5527a478-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28276
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript

painel.odara.com.br/vendor/adminlte/dist/css/AdminLTE.min.css

45.167.178.40

200 OK

15 kB

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/dist/css/AdminLTE.min.css
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
ASCII text, with very long lines (65317)
Size
15 kB (15006 bytes)
Hash
f6736de6df6b333d3b72e9821a215aa4
47e05a5cba2289b44673626c42a4b0282abf8ea3
84f2efe27e4227ad376bddb10aab614ecfc747130a53282d2c4a2fe1ba5df55c

HTTP Headers

GET /vendor/adminlte/dist/css/AdminLTE.min.css HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "1656d-592ab55236e58-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15006
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Size
13 kB (12956 bytes)
Hash
1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://painel.odara.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:28:31 GMT
expires: Thu, 28 Sep 2023 19:28:31 GMT
cache-control: public, max-age=31536000
age: 2569
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://painel.odara.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:26:57 GMT
expires: Thu, 28 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 2663
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Size
13 kB (12924 bytes)
Hash
4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://painel.odara.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:26:57 GMT
expires: Thu, 28 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 2663
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:11:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

painel.odara.com.br/images/logo-painel-login.png

45.167.178.40

200 OK

6.1 kB

URL HTTP/1.1
painel.odara.com.br/images/logo-painel-login.png
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
PNG image data, 216 x 36, 8-bit/color RGBA, interlaced\012- data
Size
6.1 kB (6058 bytes)
Hash
c9851f86d519258cead310dad8f923be
de80b9a78c7db4a1eeb13a1fd86af0298c616ab8
c37371663d8ac4b78eddeb19ad9567bba701179c7611b34fac6c31ae2c15313d

HTTP Headers

GET /images/logo-painel-login.png HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:48 GMT
ETag: "17aa-592ab55233f78"
Accept-Ranges: bytes
Content-Length: 6058
Vary: User-Agent
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: image/png

painel.odara.com.br/vendor/adminlte/vendor/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2

45.167.178.40

200 OK

18 kB

URL HTTP/1.1
painel.odara.com.br/vendor/adminlte/vendor/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vendor/adminlte/vendor/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://painel.odara.com.br/vendor/adminlte/vendor/bootstrap/dist/css/bootstrap.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:49 GMT
ETag: "466c-592ab55251820"
Accept-Ranges: bytes
Content-Length: 18028
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive

painel.odara.com.br/favicon.ico

45.167.178.40

200 OK

0 B

URL HTTP/1.1
painel.odara.com.br/favicon.ico
IP
45.167.178.40:0
ASN
#268021 Odara Internet Ltda

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: painel.odara.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://painel.odara.com.br/login
Cookie: XSRF-TOKEN=eyJpdiI6IkdNMFZ1dVRadWNNeSt1YnRXM0RoR2c9PSIsInZhbHVlIjoiNldLcXg2QUNlQ253YUlZSDNWZWh5VG1ZaEw0eVIyeVdOZWNIOXB2ZGVpdGhYUCs2K1UwRmI4UlJEY0VvQVwvMXAiLCJtYWMiOiI3OTg4Y2ExNWVhYzcxMDcwNDE4MTM3NGVlN2EyMzIyZTQwMWRiZjE1MWM2ZGY1NDUwNzkxNmMyYjFkNjU5MjVmIn0%3D; painel_session=eyJpdiI6Ino5RnhsdURGOEphSzA5c052U3dUanc9PSIsInZhbHVlIjoiVGNGc2FvUWdCNUVNN1NjZm1iNHBDOXJoZjZmTGFFVitmMVU5ZkdQNHJhNVh1cjBoRTczSnY3NDVES0dJM2tJOSIsIm1hYyI6Ijk5YWYxOWIxNGIzYTQ2OTJlY2M2NWZkMzk3ZDY0ZTNhMzNhODU5MWQ2NGJjODQ2ZTdiYmUzOWFjODA3Yjg1ZWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:11:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Last-Modified: Mon, 16 Sep 2019 13:10:48 GMT
ETag: "0-592ab5522d218"
Accept-Ranges: bytes
Content-Length: 0
Vary: User-Agent
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (43)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size