Report - bordadosrl.com.br/mtb/login

Report Overview

Submitted URL
bordadosrl.com.br/mtb/login
IP
162.214.170.93
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-22 19:20:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	46 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.27.12.161
www.bordadosrl.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	252 kB	162.214.170.93
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	1.9 kB	142.250.74.10
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	43 kB	142.250.74.72
widget-v2.smartsuppcdn.com	49903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	5.2 kB	185.76.9.18
bordadosrl.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	790 B	828 B	162.214.170.93
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	10 kB	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	1.2 kB	142.250.74.164
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.110
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.1 kB	142.251.1.155
websocket-visitors.smartsupp.com	39452	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	588 B	222 B	3.126.230.201
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	59 kB	142.250.74.98
www.smartsuppchat.com	46890	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	465 B	185.76.9.22
bootstrap.smartsuppchat.com	43006	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	357 B	52.57.230.198
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	5.2 kB	142.250.74.66
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	159 kB	142.250.74.163
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.1 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-22	medium	bordadosrl.com.br/mtb/login	Phishing
2022-09-22	medium	bordadosrl.com.br/mtb/login	Phishing
2022-09-22	medium	www.bordadosrl.com.br/mtb/login	Phishing
2022-09-22	medium	www.bordadosrl.com.br/mtb/login	Phishing
2022-09-22	medium	www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js	Phishing
2022-09-22	medium	www.bordadosrl.com.br/themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0	Phishing
2022-09-22	medium	www.bordadosrl.com.br/img/favicon.ico?1655479423	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 17:39:07 Times Seen36946459 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	widget-v2.smartsuppcdn.com/static/js/runtime-main.c16a44f6.js	2.5 kB	2023-03-07	2023-03-17
Pretty URL widget-v2.smartsuppcdn.com/static/js/runtime-main.c16a44f6.js IP 185.76.9.18 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:57:10 Last Seen2023-03-17 12:50:49 Times Seen1 Hash 895b88c450324c1fcfe585d5af282bcd bec2b9e432ceca264ca2f99b73b2aec2018d998b 7919353ca525f9e6d953789c44bc3c5f08350fd40922e130797e0d022e2f8a7a Loading...

	widget-v2.smartsuppcdn.com/static/js/6.1f64fecd.chunk.js	532 kB	2023-03-07	2023-03-17
Pretty URL widget-v2.smartsuppcdn.com/static/js/6.1f64fecd.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:10 Last Seen2023-03-17 12:50:49 Times Seen1 Hash 6b9fca5b41292d0333c3f92432b0f289 82663737e4e6a7502a725913494b9b71f9ffb9c5 4d56bb1509577d37c01adedfecdfb74a87fe2d73c3711371f3ca6222f93758e7 Loading...

	www.bordadosrl.com.br/mtb/login	1.7 kB	2023-03-07	2023-03-07
Pretty URL www.bordadosrl.com.br/mtb/login IP 162.214.170.93 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash ef815fc31bd103ec0a85569c64242b8d 284b633a9f24f06c375812ed97ae5e369cb21025 3eb2c62d72fcab7c07de269770ad68b438fa0856eb4fe6ade173ba05decd1e50 Loading...

	www.google.com/recaptcha/api.js?onload=nar_onLoad&render=explicit	905 B	2023-03-07	2023-03-07
Pretty URL www.google.com/recaptcha/api.js?onload=nar_onLoad&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash b15e7c8b96a0eac90a6012c31bffb899 a25939c763b5a84ebc35ccbde27024577f48e4f6 ed700cda1f54c90f61090a642988a918125b35b9ba6f4d2aa679285fb8d566ed Loading...

	www.googletagmanager.com/gtm.js?id=GTM-W4VJJL4	114 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-W4VJJL4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash a6ed7fdd50e7aec99ecadb83d9d91caf e822d23bb82ccfa7b917c6c3bc68ded69ffe5781 a9d3f807586dab1f63c75f5753e5afb7fab0d9f80ff6c6aad469af43af5479a1 Loading...

	googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html	9.8 kB	2023-03-07	2023-03-17
Pretty URL googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:29:04 Last Seen2023-03-17 17:17:05 Times Seen1 Hash c5a01b9bdfc392b3a440c04c25d912a0 9f741a618cc001a197f4fd39dda831059be42db5 e789ddac14d96021d2c048d3428317d12aa8f1a5c326ba957c3792e879982e6f Loading...

	www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js	266 kB	2023-03-07	2023-03-07
Pretty URL www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js IP 162.214.170.93 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash 4c4f2e3ddfba6f5a3d7b2064fa2505dc 360d3d6c8c76e86aa6ca7d78c98e4a7c47c881c3 4e70312c766c1d8debe2d72c5f9626f9ea7cad29ba4153cc3304bdeedcaff832 Loading...

	www.bordadosrl.com.br/mtb/login	5.6 kB	2023-03-07	2023-03-07
Pretty URL www.bordadosrl.com.br/mtb/login IP 162.214.170.93 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash 8c1414591441e9a5058479a7958faeda 0da0f3435d61d14b13f6ebe4b8acf3b186321060 b8e8cd27b7ce1427d5c27a2a67ba4e555aeea720fd7e792bde4c5171b8935136 Loading...

	www.googletagmanager.com/gtag/js?id=UA-23163904-1	109 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-23163904-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash da39fb37090c3c64a291a2f6c5d4bbde 196151f141df3ac0331fd72a68f96d9f6a7332ca 84fca784010c7cb3e3d06f7919f3663a688d2c9fa544f462774408090cf3bfe0 Loading...

	www.smartsuppchat.com/loader.js	18 kB	2023-03-07	2023-03-17
Pretty URL www.smartsuppchat.com/loader.js IP 185.76.9.22 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:34 Last Seen2023-03-17 12:50:49 Times Seen1 Hash 072a6ac951579377d5ba0caa5f265901 37dfcd85d0dd5e872ba445a28464d412a9b9163d a320df24001eaff2b9da352bcf0d72a65d30488fdf52f9d7364fa0358d27075d Loading...

	widget-v2.smartsuppcdn.com/static/js/main.9ec99211.chunk.js	118 kB	2023-03-07	2023-03-17
Pretty URL widget-v2.smartsuppcdn.com/static/js/main.9ec99211.chunk.js IP 185.76.9.18 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:55:46 Last Seen2023-03-17 12:50:49 Times Seen1 Hash 6754173295d43d4347bdf093268c1808 2fdb0fb920e9ab6a08c5adc4c432b03d2aa486be 896b613384fde37c2208bb5f1ed6655c4251307c9daf21084a1e9c4818ca9827 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	171 kB	2023-03-07	2023-03-07
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:22:30 Last Seen2023-03-07 23:22:30 Times Seen1 Hash 177451f30dd6c063692d0fcd2e7e4fdb 7e7c1264dd73ea803192b481d08ed137f47c9e0c f31edeb8cfe78a3499068ccfaca2a777e5d158e8ca05466c5b076c939c745e57 Loading...

	www.google-analytics.com/plugins/ua/ec.js	2.8 kB	2023-03-07	2024-04-06
Pretty URL www.google-analytics.com/plugins/ua/ec.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-06 23:01:22 Times Seen1641 Hash 7b430c6350a59a7cf22b9adeccba327b b48d3c289bcb6809bb52fffd8f013055ed6bcd65 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

HTTP Transactions (72)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 19:04:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 35cj1adr52TfA8_GYr1-yyvx4Xy45U32_HJXWJ2e9VB5678y91Jy3w==
Age: 980

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7571
Expires: Thu, 22 Sep 2022 21:26:37 GMT
Date: Thu, 22 Sep 2022 19:20:26 GMT
Connection: keep-alive

bordadosrl.com.br/mtb/login

162.214.170.93

301 Moved Permanently

243 B

URL HTTP/1.1
bordadosrl.com.br/mtb/login
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
243 B (243 bytes)
Hash
b5a15dffa749bfa06c172c6df8a5a9b3
d3a0ea3f41ba6b31362a29f688ad80f6738913f5
18bbd1aed05abcf483ba3b8b9fb66688730da1d379a54f15e716c07f17f1ba20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mtb/login HTTP/1.1
Host: bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:20:26 GMT
Server: Apache
Location: https://bordadosrl.com.br/mtb/login
Content-Length: 243
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z0ksqNNcu5SHn3w7_rgAMJPqNyWn6v4V3C0O8DVYY95TYHIMg5570A==
age: 53113
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 19:20:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 19:03:22 GMT
Expires: Thu, 22 Sep 2022 19:15:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 38ONUmdY8E_EElk6i9uUNIRUT30QLdgTCkBN92v_sUHSq1GPl02Yxw==
Age: 1025

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4896
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:27 GMT
Last-Modified: Thu, 22 Sep 2022 17:58:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

bordadosrl.com.br/mtb/login

162.214.170.93

301 Moved Permanently

20 B

URL HTTP/1.1
bordadosrl.com.br/mtb/login
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mtb/login HTTP/1.1
Host: bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:20:27 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: http://www.bordadosrl.com.br/mtb/login
Content-Length: 20
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

push.services.mozilla.com/

52.27.12.161

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.27.12.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D3bPXrF6Tq3sC8+fnyrygQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qyVh+0jcQaaLmhnt72RTBVL51wo=

www.bordadosrl.com.br/mtb/login

162.214.170.93

301 Moved Permanently

247 B

URL HTTP/1.1
www.bordadosrl.com.br/mtb/login
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
247 B (247 bytes)
Hash
9c9444f7323b6189343c3314c95c6390
faf580baddc3b7b71ca78962e6c366ccb831fea7
fc6759851c250afeacd3788d2b7a6bc7829f690d7f90f92bee39c690ab06d048

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mtb/login HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:20:27 GMT
Server: Apache
Location: https://www.bordadosrl.com.br/mtb/login
Content-Length: 247
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 19:20:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 19:20:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 19:20:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8678 bytes)
Hash
91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 78380
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8549 bytes)
Hash
62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 77530
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9901 bytes)
Hash
da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 05:53:43 GMT
age: 48406
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14397 bytes)
Hash
c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: 18122f14-4c48-43b3-b312-218f3ae84d93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8EVfoAMF3dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-3d23a04565d70f3c5403007b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9zc5SsL1SB9GtwMkVWcNLJzC-MfOd-5TiQck5s6-MV23RWPqWPAgtA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 18:00:45 GMT
age: 4784
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10754 bytes)
Hash
af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 78380
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5650 bytes)
Hash
a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 77522
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bordadosrl.com.br/mtb/login

162.214.170.93

404 Not Found

15 kB

URL HTTP/1.1
www.bordadosrl.com.br/mtb/login
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (50243), with CRLF, LF line terminators
Size
15 kB (15354 bytes)
Hash
c32c07e28514c9c12509892add33f7af
68ebb1178a62bc8830e9162ec75cbbe3478b1924
91395cf143c7b1eb2f3465a93c14975c5d2b4f8185e5f30208ead9dff6a33ab5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mtb/login HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Thu, 22 Sep 2022 19:20:28 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Powered-By: PrestaShop
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj; expires=Tue, 27-Sep-2022 19:20:28 GMT; Max-Age=431999; path=/; domain=www.bordadosrl.com.br; secure; HttpOnly
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1110 bytes)
Hash
9a716ea274a8b22d4fe3a59b5841db78
10342cf028085d437926ef279ad46d17c1ebf4b1
ea7e54c6e0a437f7320256999b5668f7b682a9ce2f78f6cb07203527d011c2e4

HTTP Headers

GET /css?family=Open+Sans:300,600&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 19:20:29 GMT
date: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
04fcf7ddca845d2b087ec43ab5ff0d59
39060a9af77ba92e5db529ba7c79013d205c9423
1ae0d60b572f2075bddfe8ae2034ddd093150d0d18c72d967b3bb8c4abffb23e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=nar_onLoad&render=explicit

142.250.74.164

200 OK

579 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=nar_onLoad&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (905), with no line terminators
Size
579 B (579 bytes)
Hash
91b83177e60e98e0ec5404e18f8c7b93
4f4853a8a6f61d95b4adc65b90c14cc008cc252f
01d957f37ff6a8ab089e49333ba3f61aeda2a34161b731fbabe0e282d8a2c003

HTTP Headers

GET /recaptcha/api.js?onload=nar_onLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 22 Sep 2022 19:20:29 GMT
date: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-23163904-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-23163904-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42212 bytes)
Hash
780dd01fb334f966c9732edffa105806
b04d9fe3449b2b5e093e37e327adfd35fb1d8324
124bae5ce9770486775157b119c7c11b8b8d116e0c433ece4cc1dd4718657edc

HTTP Headers

GET /gtag/js?id=UA-23163904-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 19:20:29 GMT
expires: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.98

200 OK

58 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2903)
Size
58 kB (57957 bytes)
Hash
849fe6a25c060dcd36ceef6ee7bff03b
87e85825c4896d7a2ea625ada3bb8b65293015bd
c2e8a9dbc8a106e6306aa5122b9206257522a51412206d972ba59e0bf771127a

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 22 Sep 2022 19:20:29 GMT
expires: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7920867636286272240
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css

162.214.170.93

200 OK

44 kB

URL HTTP/1.1
www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65518)
Size
44 kB (43965 bytes)
Hash
73c971632e8dd0da8aae33d750eb7013
7d24e123b34a08075e4e7b29060cd341feec4413
03c0031cf1b2c1a4735470d7c9109544a9402b9ca26ebb20c5ed3b1dc8da31f5

HTTP Headers

GET /themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:29 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 13:42:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 29 Sep 2022 19:20:29 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 43965
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/css

www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js

162.214.170.93

200 OK

80 kB

URL HTTP/1.1
www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32341)
Size
80 kB (79576 bytes)
Hash
659a4d2c3f8eab523ec3dc8a6302b7c6
24d542ef1abfd9c0fa6c02a620a7269093ec7e01
d569f860b8f0b51f345ebf990f4be1ea84ef3194197a3dd9316447a6bee0d5d7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:29 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 13:42:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 29 Sep 2022 19:20:29 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=20, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-5-1.jpg

162.214.170.93

200 OK

1.9 kB

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-5-1.jpg
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 51x51, components 3\012- data
Size
1.9 kB (1891 bytes)
Hash
8704857536554c53c4fb847bb175b8c7
87e784bfa6d938e01fb54dae45d4a6b28a747b4b
8266b848fdc1f8bcdc58fec6bc12db088523068b3d2bed6e4888ba7961204ad3

HTTP Headers

GET /modules/blockreinsurance/img/reinsurance-5-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 14 Oct 2021 11:31:01 GMT
Accept-Ranges: bytes
Content-Length: 1891
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-10-1.jpg

162.214.170.93

200 OK

2.0 kB

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-10-1.jpg
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Size
2.0 kB (1961 bytes)
Hash
7e72838a1ddbc6c81aa70efc1da69d60
b3c77eba07d3261ec75933601517140ff56c4010
2192446ee382fb566e54bdab72516cb888ffbbb62fec5a8b30bb662dde3fdccd

HTTP Headers

GET /modules/blockreinsurance/img/reinsurance-10-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:59:08 GMT
Accept-Ranges: bytes
Content-Length: 1961
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=199
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 211769
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bordadosrl.com.br/themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0

162.214.170.93

200 OK

57 kB

URL HTTP/1.1
www.bordadosrl.com.br/themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size
57 kB (56780 bytes)
Hash
97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2020 14:52:48 GMT
Accept-Ranges: bytes
Content-Length: 56780
Cache-Control: max-age=31536000
Expires: Fri, 22 Sep 2023 19:20:30 GMT
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Keep-Alive: timeout=20, max=198
Connection: Keep-Alive
Content-Type: font/woff2

googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html

142.250.74.66

200 OK

4.4 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Size
4.4 kB (4420 bytes)
Hash
682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f

HTTP Headers

GET /pagead/html/r20220919/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 22 Sep 2022 00:13:49 GMT
expires: Thu, 06 Oct 2022 00:13:49 GMT
cache-control: public, max-age=1209600
age: 68801
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bordadosrl.com.br/themes/default-bootstrap/img/footer-bg.png

162.214.170.93

200 OK

83 B

URL HTTP/1.1
www.bordadosrl.com.br/themes/default-bootstrap/img/footer-bg.png
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1 x 70, 8-bit colormap, non-interlaced\012- data
Size
83 B (83 bytes)
Hash
ad7c25d6b826b81098a15d7e87c978ba
d4474350e7c4c203e4ca497091c4209614e883db
1207bcd0369868cbb5be1794a4519bdf3a911889cf239cde3c03abedecc28f1a

HTTP Headers

GET /themes/default-bootstrap/img/footer-bg.png HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2020 14:52:56 GMT
Accept-Ranges: bytes
Content-Length: 83
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=199
Connection: Keep-Alive
Content-Type: image/png

www.bordadosrl.com.br/modules/blockreinsurance/img/bg_reinsurance_block.gif

162.214.170.93

200 OK

299 B

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockreinsurance/img/bg_reinsurance_block.gif
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1 x 85\012- data
Size
299 B (299 bytes)
Hash
cb10b633ef9b88c86b2abb1572a80056
2b686e7dec630720f2eddaf0103e5c6a09da3c03
774c88fe3665b3e0d1a24ac602886cd347110c881a538ffce5551f3c41d66943

HTTP Headers

GET /modules/blockreinsurance/img/bg_reinsurance_block.gif HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:57:59 GMT
Accept-Ranges: bytes
Content-Length: 299
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=198
Connection: Keep-Alive
Content-Type: image/gif

www.bordadosrl.com.br/module/cron/cron?token=g1z5AkTm&time=1663874429

162.214.170.93

200 OK

43 B

URL HTTP/1.1
www.bordadosrl.com.br/module/cron/cron?token=g1z5AkTm&time=1663874429
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /module/cron/cron?token=g1z5AkTm&time=1663874429 HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Access-Control-Allow-Origin: *
Content-Length: 43
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Vary: User-Agent
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/gif

www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-1-1.jpg

162.214.170.93

200 OK

2.1 kB

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-1-1.jpg
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Size
2.1 kB (2071 bytes)
Hash
fe215a4795c11bfebba04d6d98114f0b
cd11eb4e78473048a5f5f94817d5075ff5e9d4e1
08da39b6f9b59598520401595b33f9a92c17e4e3bd8c27f0a1e330e3874f1b86

HTTP Headers

GET /modules/blockreinsurance/img/reinsurance-1-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:42:02 GMT
Accept-Ranges: bytes
Content-Length: 2071
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=197
Connection: Keep-Alive
Content-Type: image/jpeg

www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-9-1.jpg

162.214.170.93

200 OK

2.0 kB

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-9-1.jpg
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Size
2.0 kB (2015 bytes)
Hash
ed73f9c9c66f903c04d7b3147b7eaaca
94cc70b1c0a78494897549300718a4b5c731405c
d158fbde85d700c191b93ad3024793595568fccdb2500ead19a27e487e16ecd9

HTTP Headers

GET /modules/blockreinsurance/img/reinsurance-9-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:56:45 GMT
Accept-Ranges: bytes
Content-Length: 2015
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=197
Connection: Keep-Alive
Content-Type: image/jpeg

www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-2-1.jpg

162.214.170.93

200 OK

1.7 kB

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-2-1.jpg
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Size
1.7 kB (1695 bytes)
Hash
244691502ead38bc51b947f1cbde9c19
41023cd9a4fd0eb8036d113df5158d9f9afe9554
3a0e62df92ac6c19c4aa195b86ed2e04c356daeb2ef3426b00f614d1fb403b2c

HTTP Headers

GET /modules/blockreinsurance/img/reinsurance-2-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:44:19 GMT
Accept-Ranges: bytes
Content-Length: 1695
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=198
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
13cf7399e566a6646c3d468c9fcecdff
7d58b2cb7d8e29987c5276828931c3c9288f18fa
4b9263fb0142cf94e98d03d030875159a2bf37b37ba2d997b52e9f58927d76ed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 19:20:30 GMT
Last-Modified: Thu, 22 Sep 2022 19:15:07 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YCuIcjpmoe0O2CPipReDngYSKbhvnA1M9-IUdmi6d7HTfQ-QNocupA==
Age: 323

www.bordadosrl.com.br/modules/blockbanner/img/0cb025c728fea5d0205ad524becfa966.gif

162.214.170.93

200 OK

25 kB

URL HTTP/1.1
www.bordadosrl.com.br/modules/blockbanner/img/0cb025c728fea5d0205ad524becfa966.gif
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1170 x 80\012- data
Size
25 kB (24613 bytes)
Hash
056bbe9fa2a181d532308a6500f4cffb
e8f187b8ca21a0c2d25b20abcfca7d7de47f96e1
de369f7867bbed020467476094cff70c843ed99921aba116bcf3f3462a081e82

HTTP Headers

GET /modules/blockbanner/img/0cb025c728fea5d0205ad524becfa966.gif HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:56:34 GMT
Accept-Ranges: bytes
Content-Length: 24613
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/gif

www.bordadosrl.com.br/img/bordados-rl-logo-1557273002.jpg

162.214.170.93

200 OK

14 kB

URL HTTP/1.1
www.bordadosrl.com.br/img/bordados-rl-logo-1557273002.jpg
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 400x140, components 3\012- data
Size
14 kB (14455 bytes)
Hash
b867d6b8cab9026c64ca69b628f61229
cf5935ffd3d2d978f4f2d05975f07f0b9a3fb0a5
9ddfed4abf2aab9f764c3df77de7d5bb57a706a851da00456356f2cd5839e016

HTTP Headers

GET /img/bordados-rl-logo-1557273002.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:28:29 GMT
Accept-Ranges: bytes
Content-Length: 14455
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (581)
Size
158 kB (157726 bytes)
Hash
6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b

HTTP Headers

GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 135781
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

widget-v2.smartsuppcdn.com/asset-manifest.json

185.76.9.18

200 OK

1.5 kB

URL HTTP/2
widget-v2.smartsuppcdn.com/asset-manifest.json
IP
185.76.9.18:0
ASN
#60068 Datacamp Limited

File type
JSON data\012- , ASCII text
Size
1.5 kB (1469 bytes)
Hash
328faad0de303369e07c6d03e1db6973
de7323cacc572bdc95c57f1f796879baee00c233
45c4ee6ae00867701fdc4d97591cc93fe8759448d1a97266e6286c79a46a048d

HTTP Headers

GET /asset-manifest.json HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:30 GMT
content-type: application/json
last-modified: Tue, 13 Sep 2022 08:22:15 GMT
etag: W/"63203db7-6ce"
expires: Tue, 13 Sep 2022 08:56:12 GMT
cache-control: max-age=300, public, s-maxage=60
access-control-allow-origin: *
x-accel-expires: @1663874480
server: CDN77-Turbo
x-77-nzt: AblMCQ1hpaL/CgAAAA
x-77-nzt-ray: Mlsqdq3USxE
x-cache: HIT
x-age: 10
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

www.bordadosrl.com.br/img/favicon.ico?1655479423

162.214.170.93

200 OK

1.6 kB

URL HTTP/1.1
www.bordadosrl.com.br/img/favicon.ico?1655479423
IP
162.214.170.93:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Size
1.6 kB (1644 bytes)
Hash
8ca46e38fb722ff1d0825491870c6d3b
cc47720e52e6f855e0823d6ffd5c9c522a2f10d7
1558e2b848dd77d18ff3c54ba3c1b07d099b727641818e977d2510e5f745773f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/favicon.ico?1655479423 HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:28:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Fri, 22 Sep 2023 19:20:30 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1644
Keep-Alive: timeout=20, max=196
Connection: Keep-Alive
Content-Type: image/x-icon

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&gjid=961657829&_gid=84520686.1663874430&_u=YEBAAUIIAAAAAC~&z=1483903059

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&gjid=961657829&_gid=84520686.1663874430&_u=YEBAAUIIAAAAAC~&z=1483903059
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&gjid=961657829&_gid=84520686.1663874430&_u=YEBAAUIIAAAAAC~&z=1483903059 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.bordadosrl.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&gjid=912667260&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=805380553

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&gjid=912667260&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=805380553
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&gjid=912667260&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=805380553 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.bordadosrl.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&gjid=180826230&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=744486647

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&gjid=180826230&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=744486647
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&gjid=180826230&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=744486647 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.bordadosrl.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

widget-v2.smartsuppcdn.com/static/js/runtime-main.c16a44f6.js

185.76.9.18

200 OK

1.2 kB

URL HTTP/2
widget-v2.smartsuppcdn.com/static/js/runtime-main.c16a44f6.js
IP
185.76.9.18:0
ASN
#60068 Datacamp Limited

File type
ASCII text, with very long lines (2443)
Size
1.2 kB (1244 bytes)
Hash
7323358a75753b7ff2fa89cad45c00e5
b52f3f4b04729083d289d7964ec19d02b2876bda
0161056c557251921d6bc4167313556c0670226a739c05efac80415f998fd43d

HTTP Headers

GET /static/js/runtime-main.c16a44f6.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:52:21 GMT
etag: W/"63199f35-9bd"
expires: Fri, 08 Sep 2023 08:08:17 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694160497
server: CDN77-Turbo
x-77-nzt: AblMCQ1mDrT/jhITAA
x-77-nzt-ray: emx0XuUzjVw
x-cache: HIT
x-age: 1249934
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&_u=aGDAAUIJAAAAAC~&z=1003983934

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&_u=aGDAAUIJAAAAAC~&z=1003983934
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&_u=aGDAAUIJAAAAAC~&z=1003983934 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&_u=aGDAAUIJAAAAAC~&z=1574637489

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&_u=aGDAAUIJAAAAAC~&z=1574637489
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&_u=aGDAAUIJAAAAAC~&z=1574637489 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&_u=YEBAAUIIAAAAAC~&z=554504244

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&_u=YEBAAUIIAAAAAC~&z=554504244
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&_u=YEBAAUIIAAAAAC~&z=554504244 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
eb1556c0633d4dddada6053d01cfb357
c7304fdbe0c885f2d64850e8384055fd153dc670
ab821413c5141d72094205e8d17b3b29494ac55b47acf48230d9cee67d01f855

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 19:20:31 GMT
Last-Modified: Thu, 22 Sep 2022 18:58:24 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HMweWr-iVkGlK5lj-yoJ9QRZtKky9C35nINoGMLVTyX5-sowyW7rog==
Age: 1327

websocket-visitors.smartsupp.com/socket/?EIO=3&transport=websocket

3.126.230.201

101 Switching Protocols

0 B

URL HTTP/1.1
websocket-visitors.smartsupp.com/socket/?EIO=3&transport=websocket
IP
3.126.230.201:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket/?EIO=3&transport=websocket HTTP/1.1
Host: websocket-visitors.smartsupp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.bordadosrl.com.br
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dFfVuta68gJV2mQXHisrdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 22 Sep 2022 19:20:31 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ITvbV4d8rmo59k0Bo+dlf7mWIEI=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets

widget-v2.smartsuppcdn.com/translates/en.json?v=4f5d40371559173152e9a252ef0bab4ed758854f

185.76.9.18

200 OK

0 B

URL HTTP/2
widget-v2.smartsuppcdn.com/translates/en.json?v=4f5d40371559173152e9a252ef0bab4ed758854f
IP
185.76.9.18:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translates/en.json?v=4f5d40371559173152e9a252ef0bab4ed758854f HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bordadosrl.com.br/
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/json
last-modified: Tue, 13 Sep 2022 08:21:20 GMT
etag: W/"63203d80-fc9"
expires: Wed, 13 Sep 2023 08:52:14 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694595134
server: CDN77-Turbo
x-77-nzt: AblMCQ2C6lX/wXAMAA
x-77-nzt-ray: 43INp6M+1Io
x-cache: HIT
x-age: 815297
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

www.smartsuppchat.com/loader.js

185.76.9.22

200 OK

0 B

URL HTTP/2
www.smartsuppchat.com/loader.js
IP
185.76.9.22:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /loader.js HTTP/1.1
Host: www.smartsuppchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:30 GMT
content-type: application/javascript
last-modified: Tue, 22 Mar 2022 17:52:27 GMT
etag: W/"623a0cdb-4792"
expires: Mon, 23 May 2022 11:09:44 GMT
cache-control: max-age=300, public, s-maxage=60
x-accel-expires: @1663874476
server: CDN77-Turbo
x-77-nzt: AblMCRQwcOD/DgAAAA
x-77-nzt-ray: D+nhLFlgWg4
x-cache: HIT
x-age: 14
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

widget-v2.smartsuppcdn.com/static/js/main.9ec99211.chunk.js

185.76.9.18

200 OK

0 B

URL HTTP/2
widget-v2.smartsuppcdn.com/static/js/main.9ec99211.chunk.js
IP
185.76.9.18:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/main.9ec99211.chunk.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 08:22:15 GMT
etag: W/"63203db7-1cd79"
expires: Wed, 13 Sep 2023 08:51:13 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694595073
server: CDN77-Turbo
x-77-nzt: AblMCQ0TA9n//nAMAA
x-77-nzt-ray: WxQOab1BmDs
x-cache: HIT
x-age: 815358
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

widget-v2.smartsuppcdn.com/translates/pt.json?v=4f5d40371559173152e9a252ef0bab4ed758854f

185.76.9.18

200 OK

0 B

URL HTTP/2
widget-v2.smartsuppcdn.com/translates/pt.json?v=4f5d40371559173152e9a252ef0bab4ed758854f
IP
185.76.9.18:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translates/pt.json?v=4f5d40371559173152e9a252ef0bab4ed758854f HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bordadosrl.com.br/
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/json
last-modified: Tue, 13 Sep 2022 08:21:20 GMT
etag: W/"63203d80-10ac"
expires: Wed, 13 Sep 2023 09:10:01 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694596201
server: CDN77-Turbo
x-77-nzt: AblMCQ3d/Mb/lmwMAA
x-77-nzt-ray: y3YqAJEAiks
x-cache: HIT
x-age: 814230
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

bootstrap.smartsuppchat.com/widget/7999c07eed34bfc5fdbe2ef7caa3ab5e751a9681.json

52.57.230.198

200 OK

0 B

URL HTTP/2
bootstrap.smartsuppchat.com/widget/7999c07eed34bfc5fdbe2ef7caa3ab5e751a9681.json
IP
52.57.230.198:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/7999c07eed34bfc5fdbe2ef7caa3ab5e751a9681.json HTTP/1.1
Host: bootstrap.smartsuppchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:30 GMT
content-type: application/json; charset=utf-8
x-version: 40abd74f2935f2a6d1a2667e53c08501d31c5c2e
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate
x-hit: redis
etag: "111d-J0iiREpuIvLbSbp9pfCxk9ATnWw"
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP