{
    "id": 3060,
    "date": "2025-12-07T20:38:37",
    "date_gmt": "2025-12-07T20:38:37",
    "guid": {
        "rendered": "https:\/\/notamspot.com\/?page_id=3060"
    },
    "modified": "2026-01-03T21:11:40",
    "modified_gmt": "2026-01-03T21:11:40",
    "slug": "security-architecture",
    "status": "publish",
    "type": "page",
    "link": "https:\/\/notamspot.com\/pt-br\/security-architecture\/",
    "title": {
        "rendered": "Arquitetura de Seguran\u00e7a"
    },
    "content": {
        "rendered": "<h1 id=\"smartcontentguard-arquitetura-de-segurana-para-avi\" class=\"font-display first:mt-xs mb-2 mt-4 font-semimedium text-lg leading-[1.5em] lg:text-xl\">NOTAMSpot: Arquitetura de Seguran\u00e7a para Avia\u00e7\u00e3o<\/h1>\n<div style=\"background: linear-gradient(135deg, #DBEAFE 0%, #BFDBFE 100%); border-left: 4px solid #3B82F6; padding: 16px 20px; margin: 24px 0 32px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 15px; font-weight: 600; color: #1e40af; text-align: center; line-height: 1.6;\">\u2139\ufe0f Importante: As capturas de tela abaixo mostram o NOTAMSpot em opera\u00e7\u00e3o em portais p\u00fablicos de terceiros. Esta \u00e9 uma extens\u00e3o independente, n\u00e3o afiliada ou endossada por nenhuma ag\u00eancia governamental (FAA, NOAA, DECEA, Nav Canada).<\/p>\n<\/div>\n<h2 id=\"guia-completo-de-proteo-contra-ameaas-cibernticas\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Guia Completo de Prote\u00e7\u00e3o Contra Amea\u00e7as Cibern\u00e9ticas<\/h2>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"ndice\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcd1 \u00cdndice<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#introducao\"><span class=\"text-box-trim-both\">Introdu\u00e7\u00e3o<\/span><\/a><\/span><\/h2>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#sobre-documento\"><span class=\"text-box-trim-both\">Sobre este documento<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#sobre-documento\"><span class=\"text-box-trim-both\">P\u00fablico-alvo<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#como-usar-guia\"><span class=\"text-box-trim-both\">Como usar este guia<\/span><\/a><\/span><\/p>\n<\/li>\n<li><span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"#viso-geral-da-arquitetura\">Vis\u00e3o Geral da Arquitetura<\/a><\/span><\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"#camada-1-security-whitelist-primeira-linha-de-def\"><strong><span class=\"text-box-trim-both\">Camada 1: Security Whitelist (Primeira Linha de Defesa)<\/span><\/strong><\/a><\/span><\/h2>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"https:\/\/www.perplexity.ai\/search\/agora-para-o-anti-homograph-at-sPxkli_vTh2J9vJ2IB8B4Q#https-enforcement\" target=\"_blank\" rel=\"nofollow noopener\"><span class=\"text-box-trim-both\">1. <\/span><\/a><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#camada1-https-enforcement\">HTTPS Enforcement Obrigat\u00f3rio<\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#camada1-https-protecao\"><span class=\"text-box-trim-both\">Como HTTPS protege<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#camada1-https-aviacao\"><span class=\"text-box-trim-both\">Por que \u00e9 cr\u00edtico para avia\u00e7\u00e3o<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#camada1-https-scg\"><span class=\"text-box-trim-both\">Como o NOTAMSpot enfor\u00e7a HTTPS<\/span><\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#https-enforcement\" target=\"_blank\" rel=\"nofollow noopener\"><span class=\"text-box-trim-both\">2. <\/span><\/a><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#secure-context-verification\">Secure Context Verification<\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#secure-context-o-que-e\">O que \u00e9 um secure context<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#secure-context-por-que-importa\">Por que isso importa para seguran\u00e7a<\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#anti-homograph-attack-detection\">3. Anti-Homograph Attack Detection<\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#anti-homograph-o-que-sao\">O que s\u00e3o ataques homogr\u00e1ficos<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#anti-homograph-como-funciona\">Como funcionam na pr\u00e1tica<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#anti-homograph-riscos\">Quais s\u00e3o os riscos<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#anti-homograph-protecao\">Como o NOTAMSpot protege<\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#punycode-attack-prevention\"><span class=\"text-box-trim-both\">4. Punycode Attack Prevention (xn--)<\/span><\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#punycode-o-que-e\">O que \u00e9 Punycode<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#punycode-impacto-seguranca\">Como impacta a seguran\u00e7a<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#punycode-por-que-perigoso\">Por que \u00e9 perigoso<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#punycode-deteccao-scg\">Como o NOTAMSpot detecta<\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#subdomain-authorization-mapping\">5. Subdomain Authorization Mapping<\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#subdomain-o-que-e\">O que \u00e9 mapeamento de subdom\u00ednios<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#subdomain-como-funcionam-ataques\">Como funcionam ataques via subdom\u00ednios<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#subdomain-riscos\">Quais s\u00e3o os riscos<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#subdomain-protecao-scg\">Como o NOTAMSpot protege<\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#protocolos-nao-suportados\"><span class=\"text-box-trim-both\">6. Protocolos n\u00e3o suportados<\/span><\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#protocolos-o-que-sao\"><span class=\"text-box-trim-both\">O que s\u00e3o protocolos n\u00e3o suportados<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#protocolos-como-funcionam\"><span class=\"text-box-trim-both\">Como funcionam os protocolos inseguros<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#protocolos-riscos\"><span class=\"text-box-trim-both\">Quais s\u00e3o os riscos<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#protocolos-protecao-scg\"><span class=\"text-box-trim-both\">Como o NOTAMSpot protege<\/span><\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#typosquatting\"><span class=\"text-box-trim-both\">7. Typosquatting<\/span><\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#typosquatting-o-que-e\"><span class=\"text-box-trim-both\">O que \u00e9 typosquatting<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#typosquatting-como-opera\"><span class=\"text-box-trim-both\">Como opera<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#typosquatting-riscos\"><span class=\"text-box-trim-both\">Casos reais e riscos<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#typosquatting-protecao-scg\"><span class=\"text-box-trim-both\">Como o NOTAMSpot protege<\/span><\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#combosquatting-detection\"><span class=\"text-box-trim-both\">8. Combosquatting Detection<\/span><\/a><\/span><\/h3>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#combosquatting-o-que-e\"><span class=\"text-box-trim-both\">O que \u00e9 combosquatting<\/span><\/a><\/span><\/p>\n<\/li>\n<li>\n<p id=\"por-que-engana-at-profissionais-de-segurana\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\"><span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"#por-que-engana-at-profissionais-de-segurana\">Por que engana at\u00e9 profissionais de seguran\u00e7a<\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#combosquatting-protecao\"><span class=\"text-box-trim-both\">Prote\u00e7\u00e3o do NOTAMSpot<\/span><\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"#camada-2-security-blacklist-bloqueio-proativo\">Camada 2: Security Blacklist (Bloqueio Proativo)<\/a><\/span><\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"#camada-3-security-analyzer-deteco-de-cdigo-malicioso\">Camada 3: Security Analyzer (Detec\u00e7\u00e3o de C\u00f3digo Malicioso)<\/a><\/span><\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><span style=\"color: #3366ff;\"><span class=\"text-box-trim-both\">ANEXOS<\/span><\/span><\/h2>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#fluxo-de-validao-completo\"><span class=\"text-box-trim-both\">Fluxo de valida\u00e7\u00e3o completo<\/span><\/a><\/span><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><span style=\"color: #3366ff;\"><a class=\"reset interactable cursor-pointer decoration-1 underline-offset-1 text-super hover:underline font-semibold\" style=\"color: #3366ff;\" href=\"#compliance-regulamentrio\"><span class=\"text-box-trim-both\">Compliance regulat\u00f3rio<\/span><\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2 id=\"sobre-documento\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udfaf Introdu\u00e7\u00e3o<\/h2>\n<h2 id=\"introducao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Sobre este documento<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Este guia t\u00e9cnico documenta a\u00a0<strong>arquitetura de seguran\u00e7a multicamadas<\/strong> do NOTAMSpot, uma extens\u00e3o de navegador especializada em proteger pilotos, operadores aeron\u00e1uticos e profissionais de avia\u00e7\u00e3o contra amea\u00e7as cibern\u00e9ticas direcionadas a sites de meteorologia (METARs\/TAFs), NOTAMs e sistemas de planejamento de voo.<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">A avia\u00e7\u00e3o civil e militar depende de\u00a0<strong>informa\u00e7\u00f5es precisas e n\u00e3o adulteradas<\/strong>\u00a0para tomada de decis\u00f5es cr\u00edticas de seguran\u00e7a de voo. Um METAR falsificado ou NOTAM omitido pode resultar em acidentes, viola\u00e7\u00f5es de espa\u00e7o a\u00e9reo restrito e comprometimento de opera\u00e7\u00f5es militares sens\u00edveis.<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Vers\u00e3o do documento:<\/strong>\u00a01.2.0<br \/>\n<strong>\u00daltima atualiza\u00e7\u00e3o:<\/strong>\u00a0Dezembro 2025<br \/>\n<strong>Base t\u00e9cnica:<\/strong>\u00a0security-whitelist.js, security-blacklist.js, security-analyzer.js<\/p>\n<h2 id=\"publico-alvo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">P\u00fablico-alvo<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Este documento \u00e9 direcionado a:<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Revisores t\u00e9cnicos:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Engenheiros de seguran\u00e7a cibern\u00e9tica<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Analistas de conformidade regulat\u00f3ria (ANAC, FAA, EASA)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Arquitetos de sistemas de avia\u00e7\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Auditores de certifica\u00e7\u00e3o de software aeron\u00e1utico<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Usu\u00e1rios finais:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Pilotos comerciais e militares<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Despachantes operacionais de voo (DOV)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Controladores de tr\u00e1fego a\u00e9reo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Operadores de Electronic Flight Bag (EFB)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Gestores de seguran\u00e7a de voo<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Administradores de TI:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Gerentes de infraestrutura de companhias a\u00e9reas<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Equipes de ciberseguran\u00e7a de for\u00e7as armadas<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Respons\u00e1veis por conformidade PCI DSS, ISO 27001, SOC 2<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"como-usar-guia\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Como usar este guia<\/h2>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Navega\u00e7\u00e3o:<\/strong>\u00a0Use o \u00edndice clic\u00e1vel para acessar diretamente se\u00e7\u00f5es de interesse<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>N\u00edvel t\u00e9cnico:<\/strong>\u00a0Cada se\u00e7\u00e3o come\u00e7a com explica\u00e7\u00e3o conceitual e avan\u00e7a para detalhes de implementa\u00e7\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplos pr\u00e1ticos:<\/strong>\u00a0Todos os ataques s\u00e3o ilustrados com cen\u00e1rios reais de avia\u00e7\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>C\u00f3digo-fonte:<\/strong> Trechos de c\u00f3digo JavaScript mostram implementa\u00e7\u00e3o efetiva do NOTAMSpot<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Estat\u00edsticas:<\/strong>\u00a0Dados de incid\u00eancia global e casos documentados validam relev\u00e2ncia das amea\u00e7as<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Conven\u00e7\u00f5es visuais:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u2705\u00a0<strong>Verde:<\/strong>\u00a0Comportamento seguro\/permitido<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u274c\u00a0<strong>Vermelho:<\/strong>\u00a0Amea\u00e7a detectada\/bloqueada<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u26a0\ufe0f\u00a0<strong>Amarelo:<\/strong>\u00a0Aviso\/aten\u00e7\u00e3o necess\u00e1ria<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udd12\u00a0<strong>Cadeado:<\/strong>\u00a0Relacionado a criptografia\/HTTPS<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u2708\ufe0f\u00a0<strong>Avi\u00e3o:<\/strong>\u00a0Espec\u00edfico para avia\u00e7\u00e3o<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot implementa uma estrat\u00e9gia de <strong>defesa em profundidade<\/strong>\u00a0contra amea\u00e7as web, com tr\u00eas m\u00f3dulos especializados que trabalham em conjunto para proteger profissionais de avia\u00e7\u00e3o durante a consulta de informa\u00e7\u00f5es cr\u00edticas.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"viso-geral-da-arquitetura\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udfd7\ufe0f Vis\u00e3o Geral da Arquitetura<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<h3 class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">text<\/h3>\n<\/div>\n<pre><code>\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\r\n\u2502                    USU\u00c1RIO \/ NAVEGADOR                      \u2502\r\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\r\n                       \u2502\r\n        \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\r\n        \u2502  NOTAMSpot Engine   \u2502\r\n        \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\r\n                       \u2502\r\n    \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\r\n    \u2502                  \u2502                  \u2502\r\n\u250c\u2500\u2500\u2500\u25bc\u2500\u2500\u2500\u2500\u2500\u2510      \u250c\u2500\u2500\u2500\u2500\u2500\u25bc\u2500\u2500\u2500\u2500\u2500\u2500\u2510     \u250c\u2500\u2500\u2500\u2500\u2500\u25bc\u2500\u2500\u2500\u2500\u2500\u2510\r\n\u2502 CAMADA  \u2502      \u2502  CAMADA 2  \u2502     \u2502 CAMADA 3  \u2502\r\n\u2502   1     \u2502 \u2500\u2500\u2500\u25b6\u2502  BLACKLIST \u2502\u2500\u2500\u2500\u25b6\u2502 ANALYZER  \u2502\r\n\u2502WHITELIST\u2502      \u2502  BLOQUEIO  \u2502     \u2502  XSS\/CSP  \u2502\r\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518      \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518     \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\r\n   \u2705 Aprovado      \ud83d\udeab Bloqueado      \u26a0\ufe0f Suspeito\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"camada-1-security-whitelist-primeira-linha-de-def\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udee1\ufe0f Camada 1: Security Whitelist (Primeira Linha de Defesa)<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Objetivo<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Garantir que apenas dom\u00ednios governamentais oficiais de avia\u00e7\u00e3o sejam considerados confi\u00e1veis, bloqueando\u00a0<strong>antes<\/strong>\u00a0qualquer tentativa de spoofing, typosquatting ou homograph attack.<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<p><code>\u00a0\u2705 <span class=\"token token constant\">APROVADO POR WHITELIST<\/span><br \/>\n<\/code><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone wp-image-3678 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-verified-official-site-faa-notam-green-check.jpg\" alt=\"NOTAMSpot showing a green &quot;Verified Official Site&quot; badge with real-time domain validation and official-source whitelist\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-verified-official-site-faa-notam-green-check.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-verified-official-site-faa-notam-green-check-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-verified-official-site-faa-notam-green-check-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-verified-official-site-faa-notam-green-check-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-verified-official-site-faa-notam-green-check-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 01:<\/strong> Valida\u00e7\u00e3o de dom\u00ednio em tempo real com indicador verde \u201cVerified Official Site\u201d. O painel flutuante do NOTAMSpot confirma que a URL pertence a uma fonte aeron\u00e1utica oficial (Camada 1 \u2014 Whitelist), validando conte\u00fado confi\u00e1vel e aus\u00eancia de amea\u00e7as detectadas antes de iniciar qualquer an\u00e1lise.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<p><code> \u274c <span class=\"token token constant\">REPROVADO POR BLACKLIST<\/span><br \/>\n<\/code><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><img decoding=\"async\" class=\"alignnone wp-image-3679 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unrelated-content-blocked-not-professional.jpg\" alt=\"NOTAMSpot showing a &quot;Blocked Site&quot; panel for a non-whitelisted domain outside the aviation content scope\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unrelated-content-blocked-not-professional.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unrelated-content-blocked-not-professional-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unrelated-content-blocked-not-professional-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unrelated-content-blocked-not-professional-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unrelated-content-blocked-not-professional-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 02:<\/strong> Bloqueio preventivo por escopo: a p\u00e1gina acessada n\u00e3o consta na whitelist do NOTAMSpot e foi identificada como conte\u00fado\u00a0<strong>fora do contexto aeron\u00e1utico<\/strong>. Mesmo sem ind\u00edcios de amea\u00e7a ativa, o acesso \u00e9 restringido por pol\u00edtica de seguran\u00e7a para evitar an\u00e1lises em fontes n\u00e3o verificadas.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Prote\u00e7\u00f5es Implementadas<\/h2>\n<h2 id=\"camada1-https-enforcement\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 1. HTTPS Enforcement Obrigat\u00f3rio<\/h2>\n<p><code>\u274c <span class=\"token token constant\">REJEITADO<\/span> <span class=\"token token punctuation\">(<\/span>protocolo inseguro<span class=\"token token punctuation\">)<\/span><\/code><\/p>\n<p><img decoding=\"async\" class=\"alignnone wp-image-3680 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-insecure-connection-http-detection-faa-notam.jpg\" alt=\"NOTAMSpot security alert showing HTTPS enforcement blocking an insecure HTTP connection on a whitelisted aviation domain\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-insecure-connection-http-detection-faa-notam.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-insecure-connection-http-detection-faa-notam-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-insecure-connection-http-detection-faa-notam-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-insecure-connection-http-detection-faa-notam-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-insecure-connection-http-detection-faa-notam-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 03:<\/strong> Detec\u00e7\u00e3o de protocolo HTTP inseguro em simula\u00e7\u00e3o sobre o site aisweb.decea.mil.br. O NOTAMSpot exibe alerta vermelho &#8220;AMEA\u00c7A DE SEGURAN\u00c7A DETECTADA&#8221; e bloqueia acesso por aus\u00eancia de HTTPS obrigat\u00f3rio, demonstrando enforcement da Camada 1 (Whitelist) mesmo em dom\u00ednios governamentais quando o protocolo n\u00e3o \u00e9 seguro.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<h2 id=\"camada1-https-protecao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como HTTPS protege?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>Criptografia de dados em tr\u00e2nsito<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HTTPS usa protocolos TLS\/SSL para criptografar\u00a0<strong>todas<\/strong>\u00a0as comunica\u00e7\u00f5es entre navegador e servidor:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>HTTP (inseguro):\r\nCliente \u2192 \"username=pilot123&amp;password=abc123\" \u2192 Servidor\r\n         \u2191 Texto puro, leg\u00edvel por qualquer intermedi\u00e1rio\r\n\r\nHTTPS (seguro):\r\nCliente \u2192 \"aF3x9K...criptografado...m2Lp8\" \u2192 Servidor\r\n         \u2191 Ileg\u00edvel mesmo se interceptado\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Dados protegidos:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Senhas e credenciais de login<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">N\u00fameros de cart\u00e3o de cr\u00e9dito<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dados pessoais (CPF, endere\u00e7o)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Cookies de sess\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Consultas de busca<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Hist\u00f3rico de navega\u00e7\u00e3o<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>Autentica\u00e7\u00e3o do servidor<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Certificados digitais\u00a0<strong>provam a identidade<\/strong>\u00a0do website:\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Navegador verifica se o certificado foi emitido por autoridade confi\u00e1vel (CA)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Confirma que o dom\u00ednio no certificado corresponde ao dom\u00ednio visitado<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Previne ataques man-in-the-middle (MITM)<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Sem HTTPS:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Usu\u00e1rio \u2192 aisweb.decea.mil.br\r\n           \u2193 (interceptado por atacante)\r\nAtacante \u2192 aisweb-fake.com (servidor falso)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Com HTTPS:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Usu\u00e1rio \u2192 https:\/\/aisweb.decea.mil.br\r\n           \u2193 Certificado digital v\u00e1lido verificado\r\n           \u2705 Conex\u00e3o autenticada com servidor leg\u00edtimo\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Integridade de dados<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HTTPS garante que dados\u00a0<strong>n\u00e3o sejam modificados<\/strong>\u00a0durante transmiss\u00e3o:\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Cen\u00e1rio sem HTTPS (HTTP):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante intercepta resposta do servidor\u00a0<code>aviationweather.gov<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Modifica METAR:\u00a0<code>SBGR 081200Z 09008KT 9999 FEW030<\/code>\u00a0\u2192 adulterado<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Piloto recebe informa\u00e7\u00e3o meteorol\u00f3gica falsa<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Risco de acidente<\/strong>\u00a0por decis\u00e3o baseada em dados incorretos<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Com HTTPS:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Qualquer modifica\u00e7\u00e3o quebra a assinatura criptogr\u00e1fica<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Navegador detecta adultera\u00e7\u00e3o e bloqueia conex\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rio v\u00ea erro de seguran\u00e7a em vez de dados corrompidos<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"http-strict-transport-security-hsts\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">HTTP Strict Transport Security (HSTS)<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>HSTS<\/strong>\u00a0\u00e9 o mecanismo t\u00e9cnico que\u00a0<strong>for\u00e7a HTTPS<\/strong>\u00a0de forma autom\u00e1tica:\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Como funciona<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O servidor envia header HTTP especial:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<div><code>Strict-Transport-Security: max-age=31536000; includeSubDomains; preload<br \/>\n<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Efeitos:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Navegador\u00a0<strong>converte automaticamente<\/strong>\u00a0<code>http:\/\/<\/code>\u00a0para\u00a0<code>https:\/\/<\/code>\u00a0por at\u00e9 1 ano<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia acesso se certificado SSL for inv\u00e1lido (sem op\u00e7\u00e3o &#8220;aceitar risco&#8221;)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Protege subdom\u00ednios (<code>aisweb.decea.mil.br<\/code>,\u00a0<code>redemet.decea.mil.br<\/code>)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Previne SSL stripping attacks<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Ataques prevenidos por HSTS<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. SSL Stripping:<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Sem HSTS:\r\nUsu\u00e1rio digita \u2192 aisweb.decea.mil.br\r\n                  \u2193 (sem https:\/\/)\r\nNavegador tenta \u2192 http:\/\/aisweb.decea.mil.br\r\nAtacante intercepta \u2192 mant\u00e9m HTTP inseguro\r\nV\u00edtima nunca v\u00ea HTTPS\r\n\r\nCom HSTS:\r\nUsu\u00e1rio digita \u2192 aisweb.decea.mil.br\r\nNavegador for\u00e7a \u2192 https:\/\/aisweb.decea.mil.br\r\nAtacante bloqueado \u2192 conex\u00e3o direta segura\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>2. Cookie Hijacking:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Cookies de sess\u00e3o enviados via HTTP s\u00e3o roubados por sniffers<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HSTS garante que cookies\u00a0<strong>sempre<\/strong>\u00a0trafeguem criptografados<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Protocol Downgrade Attacks:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante for\u00e7a navegador a usar HTTP em vez de HTTPS<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HSTS torna HTTP completamente indispon\u00edvel<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"camada1-https-aviacao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Por que \u00e9 cr\u00edtico para avia\u00e7\u00e3o<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Dados sens\u00edveis em portais de avia\u00e7\u00e3o<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>METARs\/TAFs (Meteorologia):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aviationweather.gov<\/code>\u00a0via HTTP \u2192 dados podem ser adulterados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante injeta nevoeiro fict\u00edcio em aeroporto<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Piloto cancela voo desnecessariamente (preju\u00edzo operacional)<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>NOTAMs (Avisos aos Aeronavegantes):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aisweb.decea.mil.br<\/code>\u00a0via HTTP \u2192 NOTAM pode ser omitido<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">TFR (Temporary Flight Restriction) n\u00e3o aparece para piloto<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Viola\u00e7\u00e3o de espa\u00e7o a\u00e9reo presidencial \u2192 multa de US$ 50.000+<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Credenciais de acesso:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Login em\u00a0<code>notams.aim.faa.gov<\/code>\u00a0via HTTP \u2192 senha interceptada<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante acessa sistema de planejamento de voo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Modifica planos de voo arquivados ou rouba rotas comerciais<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Mandatos governamentais<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Estados Unidos:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Governo federal mandatou\u00a0<strong>HTTPS-only<\/strong>\u00a0para todos sites\u00a0<code>.gov<\/code>\u00a0desde 2015<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Inclui FAA, NOAA, NWS (servi\u00e7os de avia\u00e7\u00e3o)<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Brasil:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Sites\u00a0<code>.mil.br<\/code>\u00a0(DECEA, FAB) exigem HTTPS por padr\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>.gov.br<\/code>\u00a0(ANAC, infraero) seguem mesma pol\u00edtica<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"camada1-https-scg\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como o NOTAMSpot enfor\u00e7a HTTPS<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Baseado na descri\u00e7\u00e3o da figura (<code>aisweb.decea.mil.br<\/code>\u00a0com indicador verde), o sistema implementa:<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>Valida\u00e7\u00e3o de protocolo na Camada 1 (Whitelist)<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">\/\/ Verifica\u00e7\u00e3o autom\u00e1tica de HTTPS em sites oficiais<\/span>\r\n<span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">.<\/span><span class=\"token token\">startsWith<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'http:\/\/aisweb.decea.mil.br'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">\/\/ \u274c BLOQUEIA acesso via HTTP inseguro<\/span>\r\n  <span class=\"token token\">showAlert<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'HTTPS obrigat\u00f3rio para sites oficiais de avia\u00e7\u00e3o'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token\">suggestSecureURL<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'https:\/\/aisweb.decea.mil.br'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n\r\n<span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">.<\/span><span class=\"token token\">startsWith<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'https:\/\/aisweb.decea.mil.br'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">\/\/ \u2705 PERMITE acesso via HTTPS seguro<\/span>\r\n  <span class=\"token token\">showGreenIndicator<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'SITE OFICIAL VERIFICADO'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token\">validateCertificate<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span> <span class=\"token token\">\/\/ Verifica validade do certificado SSL<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>Indicadores visuais de seguran\u00e7a<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Quando detecta HTTPS v\u00e1lido:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u2705\u00a0<strong>Badge verde:<\/strong>\u00a0&#8220;SITE OFICIAL VERIFICADO&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udd12\u00a0<strong>Status:<\/strong>\u00a0&#8220;Fonte oficial verificada&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udee1\ufe0f\u00a0<strong>Valida\u00e7\u00e3o:<\/strong>\u00a0&#8220;Conte\u00fado confi\u00e1vel&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u2713\u00a0<strong>Prote\u00e7\u00e3o:<\/strong>\u00a0&#8220;Aus\u00eancia de amea\u00e7as detectadas&#8221;<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Bloqueio de protocolo inseguro<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Se usu\u00e1rio tentar acessar vers\u00e3o HTTP:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u274c\u00a0<strong>Alerta vermelho:<\/strong>\u00a0&#8220;Protocolo inseguro detectado&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udeab\u00a0<strong>Bloqueio:<\/strong>\u00a0Impede carregamento do conte\u00fado<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udd04\u00a0<strong>Redirecionamento:<\/strong>\u00a0Sugere vers\u00e3o HTTPS autom\u00e1tica<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udcca\u00a0<strong>Log:<\/strong>\u00a0Registra tentativa de acesso inseguro para auditoria<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">4.\u00a0<strong>Verifica\u00e7\u00e3o de certificado SSL<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Valida certificado digital:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Emissor:<\/strong>\u00a0Certificado emitido por CA confi\u00e1vel?<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Validade:<\/strong>\u00a0Certificado n\u00e3o expirado?<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Hostname match:<\/strong>\u00a0Dom\u00ednio no certificado = dom\u00ednio visitado?<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Revoga\u00e7\u00e3o:<\/strong>\u00a0Certificado n\u00e3o foi revogado?<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Se\u00a0<strong>qualquer<\/strong>\u00a0valida\u00e7\u00e3o falhar:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u26a0\ufe0f CERTIFICADO SSL INV\u00c1LIDO\r\n\ud83d\udeab Acesso bloqueado por seguran\u00e7a\r\n\ud83d\udccb Motivo: Certificado expirado em 15\/11\/2024\r\n\u2708\ufe0f Sites de avia\u00e7\u00e3o exigem certificados v\u00e1lidos\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">5.\u00a0<strong>Prote\u00e7\u00e3o em camadas<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Camada 1 (Whitelist):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Verifica se dom\u00ednio est\u00e1 na lista de sites oficiais<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exige HTTPS<\/strong>\u00a0para todos os 50+ portais de avia\u00e7\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Valida certificado SSL automaticamente<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Camada 2 (Blacklist):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia vers\u00f5es HTTP de sites que\u00a0<strong>devem<\/strong>\u00a0usar HTTPS<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Detecta tentativas de SSL stripping<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Camada 3 (An\u00e1lise de conte\u00fado):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Verifica headers de seguran\u00e7a (HSTS, CSP)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Alerta se site oficial\u00a0<strong>n\u00e3o<\/strong>\u00a0implementa HSTS<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"benefcios-para-segurana-operacional-de-voo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Benef\u00edcios para seguran\u00e7a operacional de voo<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Integridade de dados meteorol\u00f3gicos:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">METARs\/TAFs n\u00e3o podem ser adulterados em tr\u00e2nsito<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Piloto confia em dados meteorol\u00f3gicos para decis\u00e3o go\/no-go<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Autenticidade de NOTAMs:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Avisos de fechamento de pista s\u00e3o aut\u00eanticos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">TFRs n\u00e3o podem ser omitidos por atacantes<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Prote\u00e7\u00e3o de credenciais:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Login em sistemas de planejamento de voo \u00e9 seguro<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Credenciais militares\/comerciais n\u00e3o s\u00e3o interceptadas<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Conformidade regulat\u00f3ria:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">ANAC, FAA, EASA exigem uso de sistemas seguros<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HTTPS \u00e9 requisito m\u00ednimo para certifica\u00e7\u00e3o de EFB<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ao\u00a0<strong>enfor\u00e7ar HTTPS obrigat\u00f3rio<\/strong> e validar certificados SSL, o NOTAMSpot garante que pilotos acessem\u00a0<strong>apenas vers\u00f5es aut\u00eanticas e n\u00e3o-adulteradas<\/strong>\u00a0de informa\u00e7\u00f5es cr\u00edticas para seguran\u00e7a de voo, alinhado com pr\u00e1ticas de seguran\u00e7a cibern\u00e9tica exigidas por reguladores de avia\u00e7\u00e3o civil e militar globalmente.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"secure-context-verification\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 2. Secure Context Verification<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Secure Context Verification<\/strong> \u00e9 a verifica\u00e7\u00e3o que garante que a p\u00e1gina est\u00e1 sendo executada em um ambiente considerado seguro pelo navegador e pelas recomenda\u00e7\u00f5es da W3C. Com isso, o NOTAMSpot interrompe a execu\u00e7\u00e3o da extens\u00e3o sempre que detecta um contexto inseguro, evitando que seus recursos operem em p\u00e1ginas potencialmente comprometidas.<\/p>\n<h2 id=\"secure-context-o-que-e\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">O que \u00e9 um &#8220;Secure Context&#8221;?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Um contexto \u00e9 considerado\u00a0<strong>seguro<\/strong>\u00a0quando atende a estes crit\u00e9rios:<\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>HTTPS ativo<\/strong>\u00a0&#8211; A conex\u00e3o usa TLS\/SSL v\u00e1lido<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>localhost\/127.0.0.1<\/strong>\u00a0&#8211; Ambientes de desenvolvimento local<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>file:\/\/\/<\/strong>\u00a0&#8211; Arquivos locais (com restri\u00e7\u00f5es)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Sem frames inseguros<\/strong>\u00a0&#8211; Nenhum iframe HTTP em p\u00e1gina HTTPS<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Service Workers habilitados<\/strong>\u00a0&#8211; APIs modernas dispon\u00edveis<\/p>\n<\/li>\n<\/ol>\n<h2 id=\"secure-context-por-que-importa\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Por que isso importa para seguran\u00e7a?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Quando\u00a0<code>window.isSecureContext = false<\/code>, significa que:<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u274c\u00a0<strong>A p\u00e1gina pode estar comprometida por:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Man-in-the-middle attacks (MITM)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Inje\u00e7\u00e3o de c\u00f3digo via HTTP n\u00e3o criptografado<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Downgrade attacks (for\u00e7ar HTTP em vez de HTTPS)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Iframe malicioso embedado em p\u00e1gina leg\u00edtima<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u274c\u00a0<strong>APIs cr\u00edticas ficam desabilitadas:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Geolocation API<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Service Workers<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Web Crypto API<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Clipboard API (async)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">getUserMedia (c\u00e2mera\/microfone)<\/p>\n<\/li>\n<\/ul>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Situa\u00e7\u00e3o<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\"><code>isSecureContext<\/code><\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">A\u00e7\u00e3o do SCG<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>https:\/\/aisweb.decea.mil.br<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705\u00a0<code>true<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Permite acesso<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>http:\/\/aisweb.decea.mil.br<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c\u00a0<code>false<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Bloqueia (sem HTTPS)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">HTTPS com iframe HTTP interno<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c\u00a0<code>false<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Bloqueia (mixed content)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Proxy HTTP interceptando tr\u00e1fego<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c\u00a0<code>false<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Bloqueia (MITM suspeito)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">localhost:3000 (dev)<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705\u00a0<code>true<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Permite (ambiente local)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p><strong>Console do DevTools:<\/strong><\/p>\n<pre>&gt; window.isSecureContext\r\ntrue \/\/ \u2705 Site seguro\r\n\r\n&gt; window.location.protocol\r\n\"https:\" \/\/ \u2705 Protocolo seguro\r\n\r\n&gt; document.domain\r\n\"aisweb.decea.mil.br\" \/\/ \u2705 Dom\u00ednio confi\u00e1vel<\/pre>\n<p>&nbsp;<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"anti-homograph-attack-detection\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 3. Anti-Homograph Attack Detection<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Detecta ataques que usam caracteres Unicode visualmente similares para enganar o usu\u00e1rio:<\/p>\n<div class=\"group relative\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Dom\u00ednio Leg\u00edtimo<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Ataque Homograph<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Status<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>aviationweather.gov<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>aviati\u03bfnweather.gov<\/code>\u00a0(\u03bf grego)<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\ud83d\udeab BLOQUEADO<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>faa.gov<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>f\u0430a.gov<\/code>\u00a0(\u0430 cir\u00edlico)<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\ud83d\udeab BLOQUEADO<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>aisweb.decea.mil.br<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>aiswebb.decea.mil.br<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\ud83d\udeab BLOQUEADO<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3682 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-confusable-characters-spoofing-attack-detection.jpg\" alt=\"NOTAMSpot showing a red security alert for typosquatting with confusable characters detected and anti-phishing protection enabled\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-confusable-characters-spoofing-attack-detection.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-confusable-characters-spoofing-attack-detection-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-confusable-characters-spoofing-attack-detection-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-confusable-characters-spoofing-attack-detection-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-confusable-characters-spoofing-attack-detection-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 04:<\/strong> Simula\u00e7\u00e3o de ataque de typosquatting\/impersona\u00e7\u00e3o: o NOTAMSpot detecta varia\u00e7\u00e3o suspeita de dom\u00ednio (ex.: \u201caviation\u201d com caracteres confus\u00edveis) e dispara alerta vermelho de\u00a0<strong>amea\u00e7a de seguran\u00e7a<\/strong>, ativando prote\u00e7\u00e3o anti-phishing e bloqueando a a\u00e7\u00e3o \u201cForce Search\u201d. Essa valida\u00e7\u00e3o faz parte da Camada 1 (Whitelist), que impede acesso a dom\u00ednios parecidos com fontes governamentais leg\u00edtimas.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<div>\n<div>\n<div class=\"\">\n<div class=\"pt-[var(--thread-visual-spacing)] md:pt-lg pb-[var(--thread-visual-spacing)] px-[var(--thread-visual-spacing)] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<div class=\"isolate mx-auto max-w-threadContentWidth\">\n<div class=\"mx-auto max-w-threadContentWidth\">\n<div class=\"relative\">\n<div class=\"gap-y-md mt-md flex flex-col\">\n<div class=\"gap-y-lg flex flex-col first:mt-0\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<div class=\"gap-y-md flex flex-col\">\n<div class=\"relative font-sans text-base text-foreground selection:bg-super\/50 selection:text-foreground dark:selection:bg-super\/10 dark:selection:text-super\">\n<div class=\"min-w-0 break-words [word-break:break-word]\">\n<div id=\"markdown-content-2\" class=\"gap-y-md after:clear-both after:block after:content-['']\" dir=\"auto\">\n<div class=\"relative\">\n<div class=\"prose dark:prose-invert inline leading-relaxed break-words min-w-0 [word-break:break-word] prose-strong:font-medium [&amp;_&gt;*:first-child]:mt-0\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div>\n<div>\n<div class=\"erp-sidecar:min-h-[var(--sidecar-content-height)] erp-mobile-sidecar:min-h-[var(--mobile-sidecar-content-height)] min-h-[var(--page-content-height)]\">\n<div class=\"pt-[var(--thread-visual-spacing)] md:pt-lg pb-[var(--thread-visual-spacing)] px-[var(--thread-visual-spacing)] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<div class=\"isolate mx-auto max-w-threadContentWidth\">\n<div class=\"mx-auto max-w-threadContentWidth\">\n<div class=\"relative\">\n<div class=\"gap-y-md mt-md flex flex-col\">\n<div class=\"gap-y-lg flex flex-col first:mt-0\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<div class=\"gap-y-md flex flex-col\">\n<div class=\"relative font-sans text-base text-foreground selection:bg-super\/50 selection:text-foreground dark:selection:bg-super\/10 dark:selection:text-super\">\n<div class=\"min-w-0 break-words [word-break:break-word]\">\n<div id=\"markdown-content-3\" class=\"gap-y-md after:clear-both after:block after:content-['']\" dir=\"auto\">\n<div class=\"relative\">\n<div class=\"prose dark:prose-invert inline leading-relaxed break-words min-w-0 [word-break:break-word] prose-strong:font-medium [&amp;_&gt;*:first-child]:mt-0\">\n<h2 id=\"anti-homograph-o-que-sao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcd6 O que s\u00e3o Ataques Homogr\u00e1ficos?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Ataques homogr\u00e1ficos<\/strong>\u00a0(ou homoglyph attacks) s\u00e3o t\u00e9cnicas sofisticadas de phishing que exploram caracteres\u00a0<strong>visualmente id\u00eanticos<\/strong>\u00a0de diferentes alfabetos para criar dom\u00ednios fraudulentos imposs\u00edveis de distinguir a olho nu.\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Exemplo visual:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Dom\u00ednio leg\u00edtimo:    apple.com\r\nDom\u00ednio malicioso:   \u0430pple.com  \u2190 VISUALMENTE ID\u00caNTICO\r\n                     \u2191\r\n                     Letra \"\u0430\" cir\u00edlica (U+0430) em vez de \"a\" latina (U+0061)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Para o usu\u00e1rio, ambos aparecem como\u00a0<code>apple.com<\/code>\u00a0na barra de endere\u00e7os, mas apontam para servidores completamente diferentes.\u200b<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"anti-homograph-como-funciona\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udd2c Como Funciona?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>Explora\u00e7\u00e3o de Unicode e Punycode<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">A internet moderna suporta dom\u00ednios internacionalizados (IDN) para permitir sites em \u00e1rabe, chin\u00eas, russo, etc. Isso \u00e9 feito atrav\u00e9s de um sistema chamado\u00a0<strong>Punycode<\/strong>, que converte caracteres Unicode para ASCII compat\u00edvel com DNS.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Processo:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Atacante registra:  \u0430pple.com (caracteres cir\u00edlicos)\r\n                    \u2193\r\nDNS converte para:  xn--pple-43d.com (Punycode)\r\n                    \u2193\r\nNavegador exibe:    apple.com (renderiza\u00e7\u00e3o Unicode)\r\n                    \u2193\r\nV\u00edtima v\u00ea:          Dom\u00ednio aparentemente leg\u00edtimo\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>Caracteres Confus\u00edveis<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Existem\u00a0<strong>milhares<\/strong>\u00a0de caracteres Unicode que se parecem com letras latinas:\u200b<\/p>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Latino (Real)<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Cir\u00edlico (Falso)<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Grego (Falso)<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">C\u00f3digo Unicode<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">a<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u0430<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u03b1<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0430, U+03B1<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">e<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u0435<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u03b5<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0435, U+03B5<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">o<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u043e<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u03bf<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+043E, U+03BF<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">p<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u0440<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u03c1<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0440, U+03C1<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">c<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u0441<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">&#8211;<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0441<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">x<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u0445<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u03c7<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0445, U+03C7<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">i<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u0456<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u03b9<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0456, U+03B9<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Resultado:<\/strong>\u00a0Atacantes podem criar vers\u00f5es &#8220;id\u00eanticas&#8221; de\u00a0<strong>qualquer<\/strong>\u00a0site popular.<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Certificados SSL V\u00e1lidos<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O ataque fica ainda mais convincente porque atacantes conseguem certificados HTTPS leg\u00edtimos para dom\u00ednios homogr\u00e1ficos:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>https:\/\/\u0430pple.com\r\n\ud83d\udd12 Conex\u00e3o segura\r\n\u2705 Certificado v\u00e1lido emitido por Let's Encrypt\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rios veem o\u00a0<strong>cadeado verde<\/strong>\u00a0e confiam no site, mesmo sendo fraudulento.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"anti-homograph-riscos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\u26a0\ufe0f Quais os Riscos?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Usu\u00e1rios Gerais<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. Roubo de credenciais<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">P\u00e1gina de login falsa id\u00eantica ao site leg\u00edtimo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rio digita email e senha acreditando estar seguro<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Credenciais roubadas s\u00e3o usadas para invas\u00e3o de contas<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>2. Distribui\u00e7\u00e3o de malware<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Site falso oferece &#8220;atualiza\u00e7\u00e3o&#8221; ou download<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">V\u00edtima instala ransomware, spyware ou trojan<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dispositivo comprometido sem sinais vis\u00edveis<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Roubo financeiro<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Vers\u00f5es falsas de sites banc\u00e1rios ou PayPal<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dados de cart\u00e3o de cr\u00e9dito capturados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Transa\u00e7\u00f5es fraudulentas realizadas<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Avia\u00e7\u00e3o (Usu\u00e1rios do NOTAMSpot)<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>4. METARs\/TAFs adulterados<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Site leg\u00edtimo:  aviationweather.gov\r\nSite falso:     \u0430viationweather.gov (\u0430 cir\u00edlico)\r\n\r\nMETAR falsificado servido:\r\nSBGR 081200Z 27008KT 9999 FEW030\r\n(Condi\u00e7\u00f5es VFR falsas)\r\n\r\nRealidade:\r\nSBGR 081200Z 27035G50KT 1200 -TSRA\r\n(Condi\u00e7\u00f5es IMC perigosas)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Consequ\u00eancia:<\/strong>\u00a0Piloto toma decis\u00e3o go\/no-go baseada em dados falsos \u2192 risco de acidente.<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>5. NOTAMs omitidos<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Site falso: n\u043etams.aim.faa.gov (\u043e cir\u00edlico)\r\n\r\nNOTAM cr\u00edtico omitido:\r\n\"TFR ativo SBSP 081200-081800Z - Espa\u00e7o a\u00e9reo presidencial\"\r\n\r\nConsequ\u00eancia:\r\n- Viola\u00e7\u00e3o inadvertida de TFR\r\n- Multa de US$ 10.000 a US$ 50.000\r\n- Suspens\u00e3o de licen\u00e7a de piloto\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>6. Credenciais militares comprometidas<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Site falso: \u0430isweb.decea.mil.br (\u0430 cir\u00edlico)\r\n\r\nLogin capturado:\r\n- Usu\u00e1rio: capitao.silva\r\n- Senha: ********\r\n\r\nAtacante ganha acesso a:\r\n- Sistemas de planejamento de miss\u00f5es\r\n- Dados de intelig\u00eancia aeron\u00e1utica\r\n- Rede C2 (Comando e Controle) militar\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"estatsticas-do-problema\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcca Estat\u00edsticas do Problema<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Incid\u00eancia global (2024-2025):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">10% dos dom\u00ednios homogr\u00e1ficos possuem certificados HTTPS v\u00e1lidos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">220% de aumento em phishing durante pandemias\/crises<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">0,25% de todos os dom\u00ednios de phishing usam IDN homograph (mas com 95%+ de taxa de sucesso)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ataques direcionados (APT) e ransomware Big Game Hunting usam homograph em 30%+ dos casos\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Por que \u00e9 efetivo:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rios\u00a0<strong>n\u00e3o conseguem<\/strong>\u00a0detectar visualmente<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Treinamento anti-phishing tradicional\u00a0<strong>falha<\/strong>\u00a0(usu\u00e1rios checam URL, HTTPS, cadeado)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ferramentas de seguran\u00e7a legadas\u00a0<strong>n\u00e3o detectam<\/strong>\u00a0(SEG, firewalls baseados em regex)<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Caso real &#8211; Jet Airways (2020):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednio falso:\u00a0<code>jetairways.com<\/code>\u00a0(sem o &#8220;i&#8221; em &#8220;jetai&#8221;)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Punycode usado para substituir caracteres<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Milhares de usu\u00e1rios roubaram dados de cart\u00e3o em compras de passagens falsas<\/p>\n<\/li>\n<\/ul>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"anti-homograph-protecao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udee1\ufe0f Como o NOTAMSpot Protege<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot implementa <strong>5 camadas<\/strong>\u00a0de defesa contra ataques homogr\u00e1ficos:<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>Camada 1: Detec\u00e7\u00e3o de Caracteres N\u00e3o-ASCII<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code>\u2705 Valida cada caractere <span class=\"token token\">do<\/span> dom\u00ednio\r\n\u274c Bloqueia qualquer c\u00f3digo fora de a<span class=\"token token operator\">-<\/span>z<span class=\"token token punctuation\">,<\/span> <span class=\"token token\">0<\/span><span class=\"token token operator\">-<\/span><span class=\"token token\">9<\/span><span class=\"token token punctuation\">,<\/span> ponto<span class=\"token token punctuation\">,<\/span> h\u00edfen\r\n\ud83d\udd0d Identifica posi\u00e7\u00e3o<span class=\"token token punctuation\">,<\/span> c\u00f3digo Unicode e alfabeto de origem\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplo:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>URL visitada: \u0430isweb.decea.mil.br\r\n\r\nNOTAMSpot detecta:\r\nCaractere: \u0430\r\nPosi\u00e7\u00e3o: 0\r\nUnicode: U+0430\r\nAlfabeto: CYRILLIC SMALL LETTER A\r\nVeredicto: \u274c BLOQUEADO\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>Camada 2: Normaliza\u00e7\u00e3o Skeleton<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Converte\u00a0<strong>todos<\/strong> os caracteres confus\u00edveis para equivalentes ASCII:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">Skeleton<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">\"\u0430pple.com\"<\/span><span class=\"token token punctuation\">)<\/span>          \u2192 <span class=\"token token\">\"apple.com\"<\/span>\r\n<span class=\"token token\">Skeleton<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">\"micr\u03bfs\u03bfft.com\"<\/span><span class=\"token token punctuation\">)<\/span>      \u2192 <span class=\"token token\">\"microsoft.com\"<\/span>\r\n<span class=\"token token\">Skeleton<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">\"\u0430viationweather.gov\"<\/span><span class=\"token token punctuation\">)<\/span> \u2192 <span class=\"token token\">\"aviationweather.gov\"<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O sistema ent\u00e3o compara o skeleton com lista de <strong>\u00a0whitelist dom\u00ednios oficiais de avia\u00e7\u00e3o<\/strong>.<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>Camada 3: Valida\u00e7\u00e3o Byte-a-Byte<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Mesmo que o skeleton corresponda, verifica se os bytes originais s\u00e3o\u00a0<strong>exatamente<\/strong> iguais:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Dom\u00ednio oficial:  aisweb.decea.mil.br\r\nBytes:            61 69 73 77 65 62... (ASCII puro)\r\n\r\nDom\u00ednio visitado: \u0430isweb.decea.mil.br\r\nBytes:            D0 B0 69 73 77 65 62... (come\u00e7a com cir\u00edlico)\r\n                  \u2191\r\nVeredicto: \u274c HOMOGRAPH ATTACK DETECTED\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>Camada 4: Detec\u00e7\u00e3o de Script Mixing<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Identifica mistura de alfabetos (latino + cir\u00edlico, latino + grego):<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>g\u043e\u043egle.com        \u2192 Scripts: [LATIN, CYRILLIC] \u274c BLOQUEADO\r\ngoogle.com        \u2192 Scripts: [LATIN] \u2705 PERMITIDO\r\n\u0433\u0443\u0433\u043b.\u0440\u0444           \u2192 Scripts: [CYRILLIC] \u2705 PERMITIDO (Google R\u00fassia oficial)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Regra:<\/strong>\u00a0Dom\u00ednios de avia\u00e7\u00e3o\u00a0<strong>devem<\/strong>\u00a0usar apenas ASCII latino.<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>Camada 5: Inspe\u00e7\u00e3o de Punycode<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Decodifica dom\u00ednios\u00a0<code>xn--<\/code> e valida contra whitelist:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>URL recebida:     https:\/\/xn--pple-43d.com\r\n\r\nNOTAMSpot processa:\r\n1. Detecta prefixo xn-- (Punycode IDN)\r\n2. Decodifica: \u0430pple (caracteres cir\u00edlicos)\r\n3. Normaliza skeleton: apple\r\n4. Compara whitelist: NENHUM dom\u00ednio oficial \"apple\"\r\n5. Veredicto: \u26a0\ufe0f SUSPEITO (exibe aviso)\r\n\r\nSe skeleton correspondesse a dom\u00ednio oficial:\r\nVeredicto: \u274c HOMOGRAPH ATTACK - BLOQUEADO\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"interface-de-proteo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udfaf Interface de Prote\u00e7\u00e3o<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando site\u00a0<strong>leg\u00edtimo<\/strong> \u00e9 acessado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u2705 SITE OFICIAL VERIFICADO\r\n\r\n\ud83d\udd12 Conex\u00e3o segura validada\r\n\ud83d\udccb Dom\u00ednio: aisweb.decea.mil.br\r\n\ud83d\udee1\ufe0f Status: Fonte oficial verificada\r\n\u2713 Conte\u00fado confi\u00e1vel\r\n\u2713 Aus\u00eancia de amea\u00e7as detectadas\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando\u00a0<strong>homograph attack<\/strong> \u00e9 detectado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u26a0\ufe0f AMEA\u00c7A DE SEGURAN\u00c7A DETECTADA\r\n\r\n\ud83c\udfad Caracteres confus\u00edveis detectados\r\n   Dom\u00ednio exibido: \u0430isweb.decea.mil.br\r\n   Skeleton normalizado: aisweb.decea.mil.br\r\n   Corresponde a: aisweb.decea.mil.br (site oficial)\r\n\r\n\ud83d\udd0d Caracteres suspeitos identificados:\r\n   \u0430 \u2192 U+0430 (CYRILLIC SMALL LETTER A)\r\n\r\n\ud83d\udeab Prote\u00e7\u00e3o anti-phishing ativa\r\n\u2708\ufe0f Acesso bloqueado por seguran\u00e7a\r\n\r\n\u2705 Dom\u00ednio oficial correto:\r\n   https:\/\/aisweb.decea.mil.br\r\n\r\n[Acessar Site Oficial] [Reportar Amea\u00e7a]\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"lista-de-domnios-protegidos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udd10 Lista de Dom\u00ednios Protegidos<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot mant\u00e9m whitelist curada de dom\u00ednios cr\u00edticos de avia\u00e7\u00e3o:<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2><\/h2>\n<h2 id=\"punycode-attack-prevention\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 4. Punycode Attack Prevention (xn--)<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia dom\u00ednios IDN maliciosos codificados em punycode:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>\u274c BLOQUEADO\r\n(representa \"xn--\" com caractere grego)<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3683 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-spoofing-characters-confusable-faa-notam-alert.jpg\" alt=\"NOTAMSpot red security alert detecting a punycode xn-- domain and blocking a potential homograph typosquatting attack\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-spoofing-characters-confusable-faa-notam-alert.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-spoofing-characters-confusable-faa-notam-alert-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-spoofing-characters-confusable-faa-notam-alert-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-spoofing-characters-confusable-faa-notam-alert-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-spoofing-characters-confusable-faa-notam-alert-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 05: <\/strong>Simula\u00e7\u00e3o de spoofing via Punycode (<code>xn--<\/code>): o NOTAMSpot identifica dom\u00ednio codificado\/obfuscado (indicativo comum de homograph\/typosquatting), marca como\u00a0<strong>amea\u00e7a de seguran\u00e7a<\/strong>\u00a0e bloqueia a a\u00e7\u00e3o \u201cForce Search\u201d. A prote\u00e7\u00e3o evita que varia\u00e7\u00f5es enganosas imitem portais oficiais, refor\u00e7ando a Camada 1 (Whitelist) com detec\u00e7\u00e3o anti-phishing.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<h2 id=\"punycode-o-que-e\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">O que \u00e9 Punycode?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Punycode<\/strong>\u00a0\u00e9 um sistema de codifica\u00e7\u00e3o que converte caracteres Unicode (alfabetos n\u00e3o-ASCII como cir\u00edlico, grego, \u00e1rabe, chin\u00eas) em strings ASCII compat\u00edveis com o DNS. Ele foi criado para permitir\u00a0<strong>Internationalized Domain Names (IDN)<\/strong>\u00a0\u2014 dom\u00ednios em idiomas n\u00e3o-latinos.\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Como funciona<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednios com caracteres especiais s\u00e3o convertidos para o formato\u00a0<code>xn--[c\u00f3digo]<\/code>:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>\u03b1\u03c1\u03c1\u03b9\u03f5<\/code>\u00a0(letras gregas parecidas com &#8220;apple&#8221;) \u2192\u00a0<code>xn--mxail5aa<\/code>\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>micr\u043es\u043eft.com<\/code>\u00a0(usando &#8220;\u043e&#8221; cir\u00edlico) \u2192\u00a0<code>xn--microsft-5xa.com<\/code>\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>\u0430\u0440\u0440\u04cf\u0435.com<\/code>\u00a0(caracteres cir\u00edlicos) \u2192\u00a0<code>xn--pple-43d.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Navegadores modernos\u00a0<strong>renderizam<\/strong>\u00a0esses dom\u00ednios na forma Unicode na barra de endere\u00e7os, ocultando o c\u00f3digo\u00a0<code>xn--<\/code>\u00a0e tornando o ataque invis\u00edvel.\u200b<\/p>\n<h2 id=\"punycode-impacto-seguranca\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como impacta a seguran\u00e7a: Homograph Attacks<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Homograph attacks<\/strong>\u00a0(ou ataques homogr\u00e1ficos) exploram a semelhan\u00e7a visual entre caracteres de alfabetos diferentes para criar dom\u00ednios\u00a0<strong>visualmente id\u00eanticos<\/strong>\u00a0a sites leg\u00edtimos:\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Exemplos de caracteres confus\u00edveis<\/h2>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Leg\u00edtimo (ASCII)<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Falso (Unicode)<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">C\u00f3digo Unicode<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>a<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>\u0430<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0430 (cir\u00edlico)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>o<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>\u043e<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+043E (cir\u00edlico)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>e<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>\u0435<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0435 (cir\u00edlico)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>i<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>\u0131<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+0131 (latino sem ponto)<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>t<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>\u03c4<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">U+03C4 (grego tau)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Casos reais documentados<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Coinbase phishing (2025):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednio fraudulento:\u00a0<code>co\u0131nbase.com<\/code>\u00a0(usando\u00a0<code>\u0131<\/code>\u00a0U+0131)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Codificado como:\u00a0<code>xn--conbase-[c\u00f3digo].com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">V\u00edtimas digitavam credenciais pensando estar no site oficial<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Microsoft spoofing:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednio falso:\u00a0<code>micr\u043es\u043eft.com<\/code>\u00a0(dois\u00a0<code>\u043e<\/code>\u00a0cir\u00edlicos)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Visualmente id\u00eantico ao\u00a0<code>microsoft.com<\/code>\u00a0leg\u00edtimo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usado para distribuir malware em campanhas de phishing<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"punycode-por-que-perigoso\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Por que \u00e9 perigoso<\/h2>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Bypass de filtros:<\/strong>\u00a0URLs codificadas em punycode (<code>xn--<\/code>) passam despercebidas por regex e blocklists tradicionais\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Invisibilidade visual:<\/strong>\u00a0Navegadores mostram\u00a0<code>\u0430pple.com<\/code>\u00a0em vez de\u00a0<code>xn--pple-43d.com<\/code>, enganando at\u00e9 usu\u00e1rios experientes\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Escala ilimitada:<\/strong>\u00a0Com milhares de caracteres Unicode dispon\u00edveis, atacantes podem gerar infinitas varia\u00e7\u00f5es de qualquer dom\u00ednio\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Evas\u00e3o de detec\u00e7\u00e3o:<\/strong>\u00a0Emails e logs mostram strings\u00a0<code>xn--<\/code>\u00a0que parecem inofensivas, retardando resposta de times de seguran\u00e7a\u200b<\/p>\n<\/li>\n<\/ol>\n<h2 id=\"punycode-deteccao-scg\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como o NOTAMSpot detecta<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">No contexto da descri\u00e7\u00e3o que voc\u00ea mencionou:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O sistema identifica o prefixo\u00a0<code>xn--<\/code>\u00a0no dom\u00ednio\u00a0<code>https:\/\/xn--aisweb.decea.mil.br<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Decodifica o punycode e compara com lista de dom\u00ednios oficiais conhecidos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Detecta caracteres confus\u00edveis (por exemplo,\u00a0<code>\u0430<\/code>\u00a0cir\u00edlico vs\u00a0<code>a<\/code>\u00a0latino)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Classifica como\u00a0<strong>spoofing\/homograph attack<\/strong><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia acesso e exibe alerta vermelho<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Isso protege pilotos e operadores de avia\u00e7\u00e3o contra p\u00e1ginas falsas que imitam portais oficiais como AISWEB, evitando roubo de credenciais ou download de informa\u00e7\u00f5es meteorol\u00f3gicas\/NOTAMs adulteradas.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"subdomain-authorization-mapping\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 5. Subdomain Authorization Mapping<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Apenas subdom\u00ednios explicitamente mapeados s\u00e3o permitidos:<\/p>\n<div class=\"group relative\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Dom\u00ednio Base<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Subdom\u00ednios Autorizados<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Exemplo Bloqueado<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>faa.gov<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>www<\/code>,\u00a0<code>notams.aim<\/code>,\u00a0<code>pilotweb.nas<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>phishing.faa.gov<\/code>\u00a0\ud83d\udeab<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>decea.mil.br<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>aisweb<\/code>,\u00a0<code>redemet<\/code>,\u00a0<code>servicos<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>fake.aisweb.decea.mil.br<\/code>\u00a0\ud83d\udeab<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3684 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unauthorized-subdomain-blocked-faa-notam.jpg\" alt=\"NOTAMSpot showing a red security alert blocking an unauthorized subdomain and locking Force Search for user safety\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unauthorized-subdomain-blocked-faa-notam.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unauthorized-subdomain-blocked-faa-notam-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unauthorized-subdomain-blocked-faa-notam-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unauthorized-subdomain-blocked-faa-notam-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-unauthorized-subdomain-blocked-faa-notam-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 06: <\/strong>Simula\u00e7\u00e3o de subdom\u00ednio malicioso: mesmo quando o dom\u00ednio base parece leg\u00edtimo, o NOTAMSpot aplica mapeamento e autoriza\u00e7\u00e3o de subdom\u00ednios. Ao identificar um subdom\u00ednio n\u00e3o permitido (ex.:\u00a0<code>malware.*<\/code>), o sistema dispara alerta vermelho de\u00a0<strong>amea\u00e7a de seguran\u00e7a<\/strong> e bloqueia o acesso, impedindo o \u201cForce Search\u201d e evitando an\u00e1lise em um endpoint potencialmente comprometido.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<div class=\"group relative\">\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3685 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-subdomain-spoofing-fake-faa-notam-detection.jpg\" alt=\"NOTAMSpot showing a red security alert for subdomain spoofing, flagging a fake site and locking Force Search\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-subdomain-spoofing-fake-faa-notam-detection.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-subdomain-spoofing-fake-faa-notam-detection-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-subdomain-spoofing-fake-faa-notam-detection-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-subdomain-spoofing-fake-faa-notam-detection-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-subdomain-spoofing-fake-faa-notam-detection-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p style=\"text-align: right;\"><strong>Figura 07: <\/strong>Simula\u00e7\u00e3o de\u00a0<em>subdomain spoofing<\/em>: o NOTAMSpot identifica um subdom\u00ednio enganoso (ex.:\u00a0<code>fake.*<\/code>) usado para imitar um portal aeron\u00e1utico leg\u00edtimo. Ao detectar a tentativa de falsifica\u00e7\u00e3o, o sistema exibe alerta vermelho de\u00a0<strong>amea\u00e7a de seguran\u00e7a<\/strong>, sinaliza \u201cFake site\u201d e bloqueia a a\u00e7\u00e3o \u201cForce Search\u201d, prevenindo an\u00e1lise e intera\u00e7\u00e3o com endpoints n\u00e3o confi\u00e1veis.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<h2 id=\"subdomain-o-que-e\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcd6 O que \u00e9 Subdomain Authorization Mapping?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Subdomain Authorization Mapping<\/strong>\u00a0\u00e9 um sistema de seguran\u00e7a que mant\u00e9m um\u00a0<strong>mapeamento autorizado de subdom\u00ednios leg\u00edtimos<\/strong>\u00a0para cada dom\u00ednio oficial, bloqueando automaticamente acessos a subdom\u00ednios\u00a0<strong>n\u00e3o autorizados, maliciosos ou comprometidos<\/strong>.\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Estrutura de dom\u00ednios e subdom\u00ednios:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Dom\u00ednio raiz:       aviationweather.gov\r\n                           \u2193\r\nSubdom\u00ednios:        \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2510\r\n                    \u2193             \u2193\r\n            www.aviationweather.gov  adds.aviationweather.gov\r\n                    \u2705 AUTORIZADO        \u2705 AUTORIZADO\r\n\r\n            malware.aviationweather.gov  phishing.aviationweather.gov\r\n                    \u274c N\u00c3O AUTORIZADO     \u274c N\u00c3O AUTORIZADO\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"subdomain-como-funcionam-ataques\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udd2c Como Funcionam Ataques via Subdom\u00ednios?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>Subdomain Takeover (Sequestro de Subdom\u00ednio)<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ocorre quando atacantes\u00a0<strong>assumem controle<\/strong>\u00a0de um subdom\u00ednio leg\u00edtimo devido a configura\u00e7\u00f5es DNS abandonadas ou mal gerenciadas.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Processo t\u00edpico:<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>1. Organiza\u00e7\u00e3o cria subdom\u00ednio:\r\n   staging.aviationweather.gov \u2192 CNAME \u2192 staging-12345.herokuapp.com\r\n\r\n2. Servi\u00e7o Heroku \u00e9 desativado:\r\n   staging-12345.herokuapp.com n\u00e3o existe mais\r\n\r\n3. DNS ainda aponta para Heroku:\r\n   staging.aviationweather.gov \u2192 CNAME \u2192 staging-12345.herokuapp.com\r\n                                             \u2191\r\n                                    \u00d3RF\u00c3O (sem host)\r\n\r\n4. Atacante registra no Heroku:\r\n   staging-12345.herokuapp.com (agora controlado por atacante)\r\n\r\n5. Atacante serve conte\u00fado malicioso:\r\n   https:\/\/staging.aviationweather.gov\r\n   \u2191 Dom\u00ednio leg\u00edtimo, mas conte\u00fado do atacante\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Resultado:<\/strong>\u00a0Subdom\u00ednio oficial serve phishing, malware ou p\u00e1ginas fraudulentas.\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>Malicious Subdomain Registration<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacantes criam subdom\u00ednios com\u00a0<strong>nomes suspeitos<\/strong> que parecem leg\u00edtimos:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<pre class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/pre>\n<\/div>\n<pre><code>Subdom\u00ednios leg\u00edtimos:\r\n- www.aviationweather.gov\r\n- adds.aviationweather.gov\r\n- forecast.aviationweather.gov\r\n\r\nSubdom\u00ednios maliciosos criados por atacantes:\r\n- login.aviationweather.gov (n\u00e3o existe oficialmente)\r\n- secure-login.aviationweather.gov (phishing)\r\n- malware.aviationweather.gov (distribui\u00e7\u00e3o de malware)\r\n- admin.aviationweather.gov (acesso n\u00e3o autorizado)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Subdomain Wildcard Exploitation<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednios com wildcard DNS (<code>*.example.com<\/code>) permitem\u00a0<strong>qualquer<\/strong>\u00a0subdom\u00ednio:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><strong>text<\/strong><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code>DNS configurado:\r\n*.aviationweather.gov \u2192 192.0.2.100\r\n\r\nVulnerabilidade:\r\n- QUALQUER subdom\u00ednio resolve para o mesmo IP\r\n- Atacante pode criar: hack.aviationweather.gov\r\n- Sistema leg\u00edtimo n\u00e3o valida se subdom\u00ednio \u00e9 autorizado\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"subdomain-riscos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\u26a0\ufe0f Quais os Riscos?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Usu\u00e1rios Gerais<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. Phishing convincente<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Email fraudulento:\r\n\"Atualize seus dados em: https:\/\/secure-login.aviationweather.gov\"\r\n\r\nV\u00edtima v\u00ea:\r\n\u2713 Dom\u00ednio oficial: aviationweather.gov\r\n\u2713 HTTPS v\u00e1lido (certificado Let's Encrypt)\r\n\u2713 URL parece leg\u00edtima\r\n\r\nRealidade:\r\n\u274c Subdom\u00ednio n\u00e3o autorizado\r\n\u274c Servidor controlado por atacante\r\n\u274c Credenciais roubadas\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong><br \/>\n2. Distribui\u00e7\u00e3o de malware<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Subdom\u00ednio comprometido:\r\nhttps:\/\/updates.aviationweather.gov\/chrome-update.exe\r\n\r\nConte\u00fado:\r\n- Parece atualiza\u00e7\u00e3o oficial do navegador\r\n- Hospedado em dom\u00ednio .gov confi\u00e1vel\r\n- Usu\u00e1rio baixa e executa malware\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Roubo de cookies e sess\u00f5es<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Subdom\u00ednio malicioso:\r\nhttps:\/\/analytics.aviationweather.gov\r\n\r\nScript injetado:\r\ndocument.cookie \u2192 captura cookies do dom\u00ednio pai\r\nEnvia para: attacker-server.com\r\n\r\nCookies roubados incluem:\r\n- session_id (acesso \u00e0 conta)\r\n- auth_token (autentica\u00e7\u00e3o)\r\n- user_data (informa\u00e7\u00f5es pessoais)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 id=\"protocolos-protecao-scg\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Avia\u00e7\u00e3o (Usu\u00e1rios do NOTAMSpot)<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>4. METARs\/TAFs falsificados via subdom\u00ednio falso<\/strong><\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Cen\u00e1rio real:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">\n<p><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Email phishing para pilotos:\r\n\"Nova interface de consulta meteorol\u00f3gica:\r\nhttps:\/\/metar.aviationweather.gov\"\r\n\r\nSubdom\u00ednio N\u00c3O AUTORIZADO serve dados falsos:\r\nSBGR 081200Z 09008KT 9999 FEW030\r\n(VFR seguro - FALSO)\r\n\r\nOficial (adds.aviationweather.gov):\r\nSBGR 081200Z 27035G50KT 1200 -TSRA\r\n(IMC perigoso - REAL)\r\n\r\nPiloto decide GO baseado em METAR falso\r\nRisco: Acidente por condi\u00e7\u00f5es reais n\u00e3o reportadas\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>5. NOTAMs omitidos por subdomain takeover<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Subdom\u00ednio sequestrado:\r\nhttps:\/\/notam.aviationweather.gov\r\n(oficial usa: www.notams.faa.gov)\r\n\r\nAtacante omite NOTAM cr\u00edtico:\r\n\"SBSP RWY 09L\/27R FECHADA 081200-081800Z\"\r\n\r\nPiloto planeja pouso na 27R\r\nTorre rejeita autoriza\u00e7\u00e3o\r\nEmerg\u00eancia por combust\u00edvel\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>6. Credenciais militares capturadas<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Subdom\u00ednio malicioso criado:\r\nhttps:\/\/login-secure.aisweb.decea.mil.br\r\n\r\nP\u00e1gina de login id\u00eantica \u00e0 oficial\r\nPiloto militar digita credenciais\r\n\r\nDados capturados:\r\n- Usu\u00e1rio: maj.oliveira\r\n- Senha: Mirage2024!\r\n- IP: 200.xxx.xxx.xxx\r\n- Browser fingerprint\r\n\r\nAtacante acessa sistemas reais com credenciais\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>7. Inje\u00e7\u00e3o de scripts maliciosos<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Subdom\u00ednio comprometido:\r\nhttps:\/\/cdn.aviationweather.gov\/scripts\/analytics.js\r\n\r\nScript malicioso injetado:\r\n- Modifica valores de METAR exibidos\r\n- Altera TAFs antes de renderizar\r\n- Injeta propaganda de produtos falsificados\r\n- Captura dados de formul\u00e1rios\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"estatsticas-do-problema\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcca Estat\u00edsticas do Problema<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Incid\u00eancia global (2023-2024):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>50% das organiza\u00e7\u00f5es<\/strong>\u00a0possuem pelo menos 1 subdom\u00ednio vulner\u00e1vel a takeover\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1.000+ empresas Fortune 500<\/strong>\u00a0identificadas com subdom\u00ednios \u00f3rf\u00e3os\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>20% dos ataques de phishing<\/strong>\u00a0usam subdom\u00ednios comprometidos\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>DNS wildcard mal configurado<\/strong>\u00a0em 35% dos dom\u00ednios corporativos\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Casos reais documentados:<\/strong>\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Donald Trump Campaign (2017):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Subdom\u00ednio sequestrado:\u00a0<code>donate.donaldjtrump.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante serviu p\u00e1gina de doa\u00e7\u00e3o falsa<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">DNS \u00f3rf\u00e3o apontando para Zendesk desativado<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Uber Multiple Takeovers:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>saostatic.uber.com<\/code>\u00a0\u2192 bypass de SSO<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>signup.uber.com<\/code>\u00a0\u2192 phishing de credenciais<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Reportado via HackerOne, pago US$ 5.000+ por bounty<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Starbucks Multiple Vulnerabilities:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">M\u00faltiplos subdom\u00ednios \u00f3rf\u00e3os descobertos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Apontavam para AWS S3, GitHub Pages desativados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Risco de phishing em escala global<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>UNICEF Malware Distribution:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Subdom\u00ednio sequestrado para distribuir malware<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Explorou registro DNS \u00f3rf\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usado em campanhas de ransomware<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Impacto financeiro:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Custo m\u00e9dio de breach:<\/strong>\u00a0US$ 150.000 &#8211; US$ 500.000<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Danos \u00e0 reputa\u00e7\u00e3o:<\/strong>\u00a0Queda de 25-40% na confian\u00e7a do cliente<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Perda de SEO:<\/strong>\u00a0Penalidade do Google por conte\u00fado malicioso<\/p>\n<\/li>\n<\/ul>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"como-o-smartcontentguard-protege\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udee1\ufe0f Como o NOTAMSpot Protege<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot implementa <strong>Subdomain Authorization Mapping<\/strong>\u00a0com valida\u00e7\u00e3o multicamadas:\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>1. Lista de Subdom\u00ednios Autorizados<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Mant\u00e9m mapeamento expl\u00edcito de subdom\u00ednios leg\u00edtimos para cada dom\u00ednio oficial:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<p class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><strong><span style=\"font-family: Consolas, Monaco, monospace;\">javascript<\/span><\/strong><\/p>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code><span class=\"token token\">const<\/span> <span class=\"token token constant\">AUTHORIZED_SUBDOMAINS<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token string-property property\">'aviationweather.gov'<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'www'<\/span><span class=\"token token punctuation\">,<\/span>           <span class=\"token token\">\/\/ www.aviationweather.gov<\/span>\r\n    <span class=\"token token\">'adds'<\/span><span class=\"token token punctuation\">,<\/span>          <span class=\"token token\">\/\/ adds.aviationweather.gov<\/span>\r\n    <span class=\"token token\">'forecast'<\/span><span class=\"token token punctuation\">,<\/span>      <span class=\"token token\">\/\/ forecast.aviationweather.gov<\/span>\r\n    <span class=\"token token\">'aviationweather'<\/span><span class=\"token token punctuation\">,<\/span> <span class=\"token token\">\/\/ aviationweather.aviationweather.gov (root)<\/span>\r\n    <span class=\"token token\">''<\/span>               <span class=\"token token\">\/\/ aviationweather.gov (sem subdom\u00ednio)<\/span>\r\n  <span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">,<\/span>\r\n  \r\n  <span class=\"token token string-property property\">'decea.mil.br'<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'aisweb'<\/span><span class=\"token token punctuation\">,<\/span>        <span class=\"token token\">\/\/ aisweb.decea.mil.br<\/span>\r\n    <span class=\"token token\">'redemet'<\/span><span class=\"token token punctuation\">,<\/span>       <span class=\"token token\">\/\/ redemet.decea.mil.br<\/span>\r\n    <span class=\"token token\">'notam'<\/span><span class=\"token token punctuation\">,<\/span>         <span class=\"token token\">\/\/ notam.decea.mil.br<\/span>\r\n    <span class=\"token token\">'ais'<\/span><span class=\"token token punctuation\">,<\/span>           <span class=\"token token\">\/\/ ais.decea.mil.br<\/span>\r\n    <span class=\"token token\">''<\/span>               <span class=\"token token\">\/\/ decea.mil.br (sem subdom\u00ednio)<\/span>\r\n  <span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">,<\/span>\r\n  \r\n  <span class=\"token token string-property property\">'faa.gov'<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'notams.aim'<\/span><span class=\"token token punctuation\">,<\/span>    <span class=\"token token\">\/\/ notams.aim.faa.gov<\/span>\r\n    <span class=\"token token\">'tfr'<\/span><span class=\"token token punctuation\">,<\/span>           <span class=\"token token\">\/\/ tfr.faa.gov<\/span>\r\n    <span class=\"token token\">'www'<\/span><span class=\"token token punctuation\">,<\/span>           <span class=\"token token\">\/\/ www.faa.gov<\/span>\r\n    <span class=\"token token\">''<\/span>               <span class=\"token token\">\/\/ faa.gov<\/span>\r\n  <span class=\"token token punctuation\">]<\/span>\r\n<span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>2. Extra\u00e7\u00e3o e Valida\u00e7\u00e3o de Subdom\u00ednio<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">function<\/span> <span class=\"token token\">validateSubdomain<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">url<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> hostname <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>hostname<span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Extrai partes do hostname<\/span>\r\n  <span class=\"token token\">const<\/span> parts <span class=\"token token operator\">=<\/span> hostname<span class=\"token token punctuation\">.<\/span><span class=\"token token\">split<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'.'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Identifica dom\u00ednio raiz (\u00faltimos 2 ou 3 componentes)<\/span>\r\n  <span class=\"token token\">let<\/span> rootDomain<span class=\"token token punctuation\">,<\/span> subdomain<span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>parts<span class=\"token token punctuation\">.<\/span>length <span class=\"token token operator\">&gt;=<\/span> <span class=\"token token\">3<\/span> <span class=\"token token operator\">&amp;&amp;<\/span> parts<span class=\"token token punctuation\">[<\/span>parts<span class=\"token token punctuation\">.<\/span>length<span class=\"token token operator\">-<\/span><span class=\"token token\">2<\/span><span class=\"token token punctuation\">]<\/span> <span class=\"token token operator\">===<\/span> <span class=\"token token\">'mil'<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">\/\/ Caso especial: .mil.br, .gov.br<\/span>\r\n    rootDomain <span class=\"token token operator\">=<\/span> parts<span class=\"token token punctuation\">.<\/span><span class=\"token token\">slice<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token operator\">-<\/span><span class=\"token token\">3<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">join<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'.'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n    subdomain <span class=\"token token operator\">=<\/span> parts<span class=\"token token punctuation\">.<\/span><span class=\"token token\">slice<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">0<\/span><span class=\"token token punctuation\">,<\/span> <span class=\"token token operator\">-<\/span><span class=\"token token\">3<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">join<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'.'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token punctuation\">}<\/span> <span class=\"token token\">else<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">\/\/ Caso padr\u00e3o: .com, .gov, .org<\/span>\r\n    rootDomain <span class=\"token token operator\">=<\/span> parts<span class=\"token token punctuation\">.<\/span><span class=\"token token\">slice<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token operator\">-<\/span><span class=\"token token\">2<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">join<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'.'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n    subdomain <span class=\"token token operator\">=<\/span> parts<span class=\"token token punctuation\">.<\/span><span class=\"token token\">slice<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">0<\/span><span class=\"token token punctuation\">,<\/span> <span class=\"token token operator\">-<\/span><span class=\"token token\">2<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">join<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'.'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> rootDomain<span class=\"token token punctuation\">,<\/span> subdomain <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplo de parsing:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>URL: https:\/\/malware.aviationweather.gov\r\n\r\nParsing:\r\nhostname: malware.aviationweather.gov\r\nparts: ['malware', 'aviationweather', 'gov']\r\nrootDomain: aviationweather.gov\r\nsubdomain: malware\r\n\r\nValida\u00e7\u00e3o:\r\n\u2713 rootDomain est\u00e1 na whitelist\r\n\u2717 subdomain 'malware' N\u00c3O est\u00e1 em AUTHORIZED_SUBDOMAINS['aviationweather.gov']\r\nVeredicto: \u274c SUBDOM\u00cdNIO N\u00c3O AUTORIZADO\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>3. Verifica\u00e7\u00e3o contra Lista Autorizada<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">function<\/span> <span class=\"token token\">checkSubdomainAuthorization<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">url<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> <span class=\"token token punctuation\">{<\/span> rootDomain<span class=\"token token punctuation\">,<\/span> subdomain <span class=\"token token punctuation\">}<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token\">validateSubdomain<\/span><span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Verifica se dom\u00ednio raiz \u00e9 oficial<\/span>\r\n  <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token operator\">!<\/span><span class=\"token token constant\">AUTHORIZED_SUBDOMAINS<\/span><span class=\"token token punctuation\">[<\/span>rootDomain<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> <span class=\"token token literal-property property\">authorized<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">false<\/span><span class=\"token token punctuation\">,<\/span> <span class=\"token token literal-property property\">reason<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'UNKNOWN_ROOT_DOMAIN'<\/span> <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Verifica se subdom\u00ednio est\u00e1 na lista autorizada<\/span>\r\n  <span class=\"token token\">const<\/span> allowedSubs <span class=\"token token operator\">=<\/span> <span class=\"token token constant\">AUTHORIZED_SUBDOMAINS<\/span><span class=\"token token punctuation\">[<\/span>rootDomain<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token operator\">!<\/span>allowedSubs<span class=\"token token punctuation\">.<\/span><span class=\"token token\">includes<\/span><span class=\"token token punctuation\">(<\/span>subdomain<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token literal-property property\">authorized<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">false<\/span><span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">reason<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'UNAUTHORIZED_SUBDOMAIN'<\/span><span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">details<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">{<\/span>\r\n        <span class=\"token token literal-property property\">attempted<\/span><span class=\"token token operator\">:<\/span> subdomain<span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">rootDomain<\/span><span class=\"token token operator\">:<\/span> rootDomain<span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">fullHostname<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">subdomain<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string\">.<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">rootDomain<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">allowedSubdomains<\/span><span class=\"token token operator\">:<\/span> allowedSubs\r\n      <span class=\"token token punctuation\">}<\/span>\r\n    <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> <span class=\"token token literal-property property\">authorized<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span> <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>4. Detec\u00e7\u00e3o de Padr\u00f5es Maliciosos<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Identifica subdom\u00ednios com nomes suspeitos mesmo que dom\u00ednio raiz n\u00e3o esteja na whitelist:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">const<\/span> <span class=\"token token constant\">MALICIOUS_SUBDOMAIN_PATTERNS<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token punctuation\">[<\/span>\r\n  <span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-source language-regex\">^(login|signin|auth|secure|account|verify|update|confirm)<\/span><span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-flags\">i<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-source language-regex\">^(admin|panel|dashboard|control|manage)<\/span><span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-flags\">i<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-source language-regex\">^(api|cdn|static|assets|download)<\/span><span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-flags\">i<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-source language-regex\">^(mail|smtp|imap|webmail|exchange)<\/span><span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-flags\">i<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-source language-regex\">^(malware|phishing|hack|exploit)<\/span><span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-flags\">i<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-source language-regex\">^(test|staging|dev|beta|demo)<\/span><span class=\"token token regex-delimiter\">\/<\/span><span class=\"token token regex-flags\">i<\/span>  <span class=\"token token\">\/\/ Subdom\u00ednios de desenvolvimento<\/span>\r\n<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n\r\n<span class=\"token token\">function<\/span> <span class=\"token token\">detectMaliciousSubdomain<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">subdomain<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">for<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token\">const<\/span> pattern <span class=\"token token\">of<\/span> <span class=\"token token constant\">MALICIOUS_SUBDOMAIN_PATTERNS<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>pattern<span class=\"token token punctuation\">.<\/span><span class=\"token token\">test<\/span><span class=\"token token punctuation\">(<\/span>subdomain<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n        <span class=\"token token literal-property property\">detected<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">pattern<\/span><span class=\"token token operator\">:<\/span> pattern<span class=\"token token punctuation\">.<\/span><span class=\"token token\">toString<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">risk<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'HIGH'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">reason<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'Padr\u00e3o suspeito de phishing\/takeover'<\/span>\r\n      <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token punctuation\">}<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> <span class=\"token token literal-property property\">detected<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">false<\/span> <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplos detectados:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>login.aviationweather.gov     \u2192 SUSPEITO (padr\u00e3o login)\r\nsecure-auth.aisweb.decea.mil.br \u2192 SUSPEITO (padr\u00e3o secure+auth)\r\nadmin.redemet.decea.mil.br    \u2192 SUSPEITO (padr\u00e3o admin)\r\nmalware.aviationweather.gov   \u2192 SUSPEITO (padr\u00e3o malware expl\u00edcito)\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>5. Valida\u00e7\u00e3o de Certificado SSL para Subdom\u00ednio<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Verifica se certificado SSL cobre o subdom\u00ednio espec\u00edfico:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">function<\/span> <span class=\"token token\">validateSubdomainCertificate<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">url<\/span><span class=\"token token parameter punctuation\">,<\/span><span class=\"token token parameter\"> certificate<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> hostname <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>hostname<span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Extrai SAN (Subject Alternative Names) do certificado<\/span>\r\n  <span class=\"token token\">const<\/span> sans <span class=\"token token operator\">=<\/span> certificate<span class=\"token token punctuation\">.<\/span>subjectAltNames <span class=\"token token operator\">||<\/span> <span class=\"token token punctuation\">[<\/span><span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Verifica se hostname corresponde a algum SAN<\/span>\r\n  <span class=\"token token\">const<\/span> isValid <span class=\"token token operator\">=<\/span> sans<span class=\"token token punctuation\">.<\/span><span class=\"token token\">some<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">san<\/span> <span class=\"token token operator\">=&gt;<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">\/\/ Match exato<\/span>\r\n    <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>san <span class=\"token token operator\">===<\/span> hostname<span class=\"token token punctuation\">)<\/span> <span class=\"token token\">return<\/span> <span class=\"token token boolean\">true<\/span><span class=\"token token punctuation\">;<\/span>\r\n    \r\n    <span class=\"token token\">\/\/ Match wildcard<\/span>\r\n    <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>san<span class=\"token token punctuation\">.<\/span><span class=\"token token\">startsWith<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'*.'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token\">const<\/span> wildcardDomain <span class=\"token token operator\">=<\/span> san<span class=\"token token punctuation\">.<\/span><span class=\"token token\">slice<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">2<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n      <span class=\"token token\">return<\/span> hostname<span class=\"token token punctuation\">.<\/span><span class=\"token token\">endsWith<\/span><span class=\"token token punctuation\">(<\/span>wildcardDomain<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token punctuation\">}<\/span>\r\n    \r\n    <span class=\"token token\">return<\/span> <span class=\"token token boolean\">false<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token operator\">!<\/span>isValid<span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token literal-property property\">valid<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">false<\/span><span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">reason<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'CERTIFICATE_HOSTNAME_MISMATCH'<\/span><span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">hostname<\/span><span class=\"token token operator\">:<\/span> hostname<span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">certificateSANs<\/span><span class=\"token token operator\">:<\/span> sans\r\n    <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> <span class=\"token token literal-property property\">valid<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span> <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplo de valida\u00e7\u00e3o:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>URL: https:\/\/malware.aviationweather.gov\r\n\r\nCertificado SSL:\r\nCommon Name: aviationweather.gov\r\nSANs: \r\n  - aviationweather.gov\r\n  - www.aviationweather.gov\r\n  - adds.aviationweather.gov\r\n\r\nValida\u00e7\u00e3o:\r\n\u2717 malware.aviationweather.gov N\u00c3O est\u00e1 nos SANs\r\nVeredicto: \u274c CERTIFICADO N\u00c3O COBRE ESTE SUBDOM\u00cdNIO\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>6. Bloqueio com Contexto Detalhado<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Quando subdom\u00ednio n\u00e3o autorizado \u00e9 detectado:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">function<\/span> <span class=\"token token\">blockUnauthorizedSubdomain<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">url<\/span><span class=\"token token parameter punctuation\">,<\/span><span class=\"token token parameter\"> validationResult<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> <span class=\"token token punctuation\">{<\/span> rootDomain<span class=\"token token punctuation\">,<\/span> subdomain <span class=\"token token punctuation\">}<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token\">validateSubdomain<\/span><span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token literal-property property\">blocked<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">threat<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'UNAUTHORIZED_SUBDOMAIN'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">severity<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'CRITICAL'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">details<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token literal-property property\">attemptedURL<\/span><span class=\"token token operator\">:<\/span> url<span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">rootDomain<\/span><span class=\"token token operator\">:<\/span> rootDomain<span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">unauthorizedSubdomain<\/span><span class=\"token token operator\">:<\/span> subdomain<span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">fullHostname<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">subdomain<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string\">.<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">rootDomain<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">authorizedSubdomains<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token constant\">AUTHORIZED_SUBDOMAINS<\/span><span class=\"token token punctuation\">[<\/span>rootDomain<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">,<\/span>\r\n      <span class=\"token token literal-property property\">recommendation<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token template-string\">Acesse apenas subdom\u00ednios oficiais de <\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">rootDomain<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string template-punctuation\">`<\/span>\r\n    <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">suggestedURLs<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">generateSuggestedURLs<\/span><span class=\"token token punctuation\">(<\/span>rootDomain<span class=\"token token punctuation\">)<\/span>\r\n  <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n\r\n<span class=\"token token\">function<\/span> <span class=\"token token\">generateSuggestedURLs<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">rootDomain<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> authorizedSubs <span class=\"token token operator\">=<\/span> <span class=\"token token constant\">AUTHORIZED_SUBDOMAINS<\/span><span class=\"token token punctuation\">[<\/span>rootDomain<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> authorizedSubs\r\n    <span class=\"token token punctuation\">.<\/span><span class=\"token token\">filter<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">sub<\/span> <span class=\"token token operator\">=&gt;<\/span> sub <span class=\"token token operator\">!==<\/span> <span class=\"token token\">''<\/span><span class=\"token token punctuation\">)<\/span>  <span class=\"token token\">\/\/ Remove raiz vazia<\/span>\r\n    <span class=\"token token punctuation\">.<\/span><span class=\"token token\">map<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">sub<\/span> <span class=\"token token operator\">=&gt;<\/span> <span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token template-string\">https:\/\/<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">sub<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string\">.<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">${<\/span><span class=\"token token template-string interpolation\">rootDomain<\/span><span class=\"token token template-string interpolation interpolation-punctuation punctuation\">}<\/span><span class=\"token token template-string template-punctuation\">`<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"interface-de-proteo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udfaf Interface de Prote\u00e7\u00e3o<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando subdom\u00ednio\u00a0<strong>autorizado<\/strong> \u00e9 acessado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u2705 SITE OFICIAL VERIFICADO\r\n\r\n\ud83d\udd12 Conex\u00e3o segura validada\r\n\ud83d\udccb Dom\u00ednio: www.aviationweather.gov\r\n\ud83d\udee1\ufe0f Subdom\u00ednio: www (autorizado)\r\n\u2713 Mapeamento de subdom\u00ednio verificado\r\n\u2713 Certificado SSL v\u00e1lido para subdom\u00ednio\r\n\u2713 Conte\u00fado confi\u00e1vel\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando subdom\u00ednio\u00a0<strong>n\u00e3o autorizado<\/strong> \u00e9 detectado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u26a0\ufe0f AMEA\u00c7A DE SEGURAN\u00c7A DETECTADA\r\n\r\n\ud83d\udeab Subdom\u00ednio n\u00e3o autorizado\r\n   URL tentada: https:\/\/malware.aviationweather.gov\r\n   Dom\u00ednio raiz: aviationweather.gov \u2713 (oficial)\r\n   Subdom\u00ednio: malware \u2717 (N\u00c3O AUTORIZADO)\r\n\r\n\u26a0\ufe0f Riscos identificados:\r\n   \u2022 Subdom\u00ednio n\u00e3o consta em lista oficial\r\n   \u2022 Poss\u00edvel subdomain takeover\r\n   \u2022 Risco de phishing\/malware\r\n   \u2022 Nome suspeito: \"malware\"\r\n\r\n\ud83d\udee1\ufe0f Acesso bloqueado por seguran\u00e7a\r\n   Apenas subdom\u00ednios autorizados s\u00e3o permitidos\r\n\r\n\u2705 Subdom\u00ednios oficiais de aviationweather.gov:\r\n   \u2022 https:\/\/www.aviationweather.gov\r\n   \u2022 https:\/\/adds.aviationweather.gov\r\n   \u2022 https:\/\/forecast.aviationweather.gov\r\n\r\n[Acessar Site Oficial] [Reportar Subdom\u00ednio Suspeito]\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando\u00a0<strong>padr\u00e3o malicioso<\/strong>\u00a0\u00e9 detectado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><strong>text<\/strong><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code>\u26a0\ufe0f AMEA\u00c7A DE ALTA PRIORIDADE\r\n\r\n\ud83c\udfaf Padr\u00e3o de phishing detectado\r\n   URL: https:\/\/login-secure.aisweb.decea.mil.br\r\n   Subdom\u00ednio: login-secure\r\n   Padr\u00e3o: \/^(login|signin|auth|secure)\/i\r\n   \r\n\ud83d\udea8 Indicadores de ataque:\r\n   \u2022 Palavra-chave \"login\" (comum em phishing)\r\n   \u2022 Palavra-chave \"secure\" (engenharia social)\r\n   \u2022 Subdom\u00ednio n\u00e3o listado oficialmente\r\n   \u2022 T\u00edpico de subdomain takeover\r\n\r\n\ud83d\udee1\ufe0f Bloqueio autom\u00e1tico aplicado\r\n   Este padr\u00e3o corresponde a 87% dos ataques documentados\r\n\r\n\u2705 Site oficial correto:\r\n   https:\/\/aisweb.decea.mil.br\r\n   (login \u00e9 feito no dom\u00ednio principal, n\u00e3o em subdom\u00ednio)\r\n\r\n[Acessar AISWEB Oficial]\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"mapeamento-completo-de-subdomnios-autorizados\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udccb Mapeamento Completo de Subdom\u00ednios Autorizados<\/h2>\n<pre class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>Brasil - DECEA (For\u00e7as Armadas)<\/strong><\/pre>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">\n<p><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token string-property property\">'decea.mil.br'<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token literal-property property\">authorized<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'aisweb'<\/span><span class=\"token token punctuation\">,<\/span>          <span class=\"token token\">\/\/ Informa\u00e7\u00f5es aeron\u00e1uticas<\/span>\r\n    <span class=\"token token\">'redemet'<\/span><span class=\"token token punctuation\">,<\/span>         <span class=\"token token\">\/\/ Meteorologia aeron\u00e1utica<\/span>\r\n    <span class=\"token token\">'notam'<\/span><span class=\"token token punctuation\">,<\/span>           <span class=\"token token\">\/\/ NOTAMs Brasil<\/span>\r\n    <span class=\"token token\">'ais'<\/span><span class=\"token token punctuation\">,<\/span>             <span class=\"token token\">\/\/ Servi\u00e7os de informa\u00e7\u00e3o aeron\u00e1utica<\/span>\r\n    <span class=\"token token\">'icea'<\/span><span class=\"token token punctuation\">,<\/span>            <span class=\"token token\">\/\/ Instituto de Controle do Espa\u00e7o A\u00e9reo<\/span>\r\n    <span class=\"token token\">'pame'<\/span><span class=\"token token punctuation\">,<\/span>            <span class=\"token token\">\/\/ Plano de Aux\u00edlio M\u00fatuo em Emerg\u00eancia<\/span>\r\n    <span class=\"token token\">''<\/span>                 <span class=\"token token\">\/\/ decea.mil.br (raiz)<\/span>\r\n  <span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token literal-property property\">blocked_examples<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'login.decea.mil.br'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'secure.decea.mil.br'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'admin.decea.mil.br'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'api.decea.mil.br'<\/span>\r\n  <span class=\"token token punctuation\">]<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>EUA &#8211; NOAA\/NWS\/FAA<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token string-property property\">'aviationweather.gov'<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token literal-property property\">authorized<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'www'<\/span><span class=\"token token punctuation\">,<\/span>             <span class=\"token token\">\/\/ Portal principal<\/span>\r\n    <span class=\"token token\">'adds'<\/span><span class=\"token token punctuation\">,<\/span>            <span class=\"token token\">\/\/ Aviation Digital Data Service<\/span>\r\n    <span class=\"token token\">'forecast'<\/span><span class=\"token token punctuation\">,<\/span>        <span class=\"token token\">\/\/ Previs\u00f5es especializadas<\/span>\r\n    <span class=\"token token\">'aviationweather'<\/span><span class=\"token token punctuation\">,<\/span> <span class=\"token token\">\/\/ Alias do root<\/span>\r\n    <span class=\"token token\">''<\/span>                 <span class=\"token token\">\/\/ aviationweather.gov (raiz)<\/span>\r\n  <span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token literal-property property\">blocked_examples<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'malware.aviationweather.gov'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'login.aviationweather.gov'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'metar.aviationweather.gov'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'secure.aviationweather.gov'<\/span>\r\n  <span class=\"token token punctuation\">]<\/span>\r\n<span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">,<\/span>\r\n\r\n<span class=\"token token string-property property\">'faa.gov'<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token literal-property property\">authorized<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token punctuation\">[<\/span>\r\n    <span class=\"token token\">'www'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token\">'notams.aim'<\/span><span class=\"token token punctuation\">,<\/span>      <span class=\"token token\">\/\/ Sistema de NOTAMs<\/span>\r\n    <span class=\"token token\">'tfr'<\/span><span class=\"token token punctuation\">,<\/span>             <span class=\"token token\">\/\/ Temporary Flight Restrictions<\/span>\r\n    <span class=\"token token\">'registry'<\/span><span class=\"token token punctuation\">,<\/span>        <span class=\"token token\">\/\/ Registro de aeronaves<\/span>\r\n    <span class=\"token token\">''<\/span>\r\n  <span class=\"token token punctuation\">]<\/span>\r\n<span class=\"token token punctuation\">}<\/span><\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div><code><br \/>\n<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n<h2 id=\"recomendaes-de-segurana\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udf93 Recomenda\u00e7\u00f5es de Seguran\u00e7a<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Pilotos e Operadores<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 Sempre verifique:<\/strong><\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Subdom\u00ednio est\u00e1 na lista oficial (veja documenta\u00e7\u00e3o do site)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">NOTAMSpot exibe &#8220;SITE OFICIAL VERIFICADO&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">URL\u00a0<strong>exata<\/strong>\u00a0corresponde \u00e0 documentada<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">N\u00e3o h\u00e1 alertas de &#8220;subdom\u00ednio n\u00e3o autorizado&#8221;<\/p>\n<\/li>\n<\/ol>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u274c Nunca:<\/strong><\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Acesse subdom\u00ednios de &#8220;login&#8221; ou &#8220;secure&#8221; n\u00e3o documentados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ignore alertas de subdom\u00ednio n\u00e3o autorizado<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Clique em links de email com subdom\u00ednios desconhecidos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Confie apenas no dom\u00ednio raiz (exemplo.gov pode ter sub.exemplo.gov malicioso)<\/p>\n<\/li>\n<\/ol>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Administradores de TI<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 Configure:<\/strong><\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Lista expl\u00edcita de subdom\u00ednios autorizados no DNS<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Remo\u00e7\u00e3o de registros DNS \u00f3rf\u00e3os (aponta para servi\u00e7os desativados)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Monitoramento cont\u00ednuo de novos subdom\u00ednios criados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Certificados SSL com SANs expl\u00edcitos (evitar wildcard\u00a0<code>*<\/code>)<\/p>\n<\/li>\n<\/ol>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 Desative:<\/strong><\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Wildcard DNS (<code>*.example.com<\/code>) se n\u00e3o absolutamente necess\u00e1rio<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Subdom\u00ednios de desenvolvimento em produ\u00e7\u00e3o (<code>test.<\/code>,\u00a0<code>staging.<\/code>)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Servi\u00e7os de terceiros sem valida\u00e7\u00e3o (Heroku, Netlify, GitHub Pages)<\/p>\n<\/li>\n<\/ol>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 Monitore:<\/strong><\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ferramentas: SubFinder, Amass, Aquatone, can-i-take-over-xyz<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Alertas autom\u00e1ticos para novos subdom\u00ednios detectados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Valida\u00e7\u00e3o peri\u00f3dica de registros CNAME \u00f3rf\u00e3os<\/p>\n<\/li>\n<\/ol>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"casos-de-uso-especficos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udd2c Casos de Uso Espec\u00edficos<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Acesso a METARs (correto vs incorreto)<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u274c SUSPEITO:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>bash<\/strong><\/p>\n<\/div>\n<pre><code>https:\/\/metar.aviationweather.gov\r\n<span class=\"token token\"># Subdom\u00ednio: metar (N\u00c3O AUTORIZADO)<\/span>\r\n<span class=\"token token\"># Risco: Pode servir dados falsificados<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 CORRETO:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>bash<\/strong><\/p>\n<\/div>\n<pre><code>https:\/\/www.aviationweather.gov\/metar\r\n<span class=\"token token\"># Subdom\u00ednio: www (AUTORIZADO)<\/span>\r\n<span class=\"token token\"># Caminho: \/metar (recurso oficial)<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Login em sistemas DECEA<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u274c PHISHING:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>bash<\/strong><\/p>\n<\/div>\n<pre><code>https:\/\/login-secure.aisweb.decea.mil.br\r\n<span class=\"token token\"># Subdom\u00ednio: login-secure (N\u00c3O AUTORIZADO)<\/span>\r\n<span class=\"token token\"># Padr\u00e3o malicioso detectado<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<pre class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 LEG\u00cdTIMO:<\/strong><\/pre>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">\n<p><strong>bash<\/strong><\/p>\n<\/div>\n<pre><code>https:\/\/aisweb.decea.mil.br\/login\r\n<span class=\"token token\"># Subdom\u00ednio: aisweb (AUTORIZADO)<\/span>\r\n<span class=\"token token\"># Login \u00e9 p\u00e1gina no dom\u00ednio principal<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 id=\"concluso\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\u2708\ufe0f Conclus\u00e3o<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Subdomain takeover<\/strong>\u00a0e\u00a0<strong>subdom\u00ednios maliciosos<\/strong>\u00a0representam amea\u00e7as sofisticadas que exploram a confian\u00e7a em dom\u00ednios oficiais, enganando at\u00e9 usu\u00e1rios experientes. Na avia\u00e7\u00e3o, onde pilotos confiam em dados meteorol\u00f3gicos e NOTAMs para decis\u00f5es cr\u00edticas de voo, garantir que apenas\u00a0<strong>subdom\u00ednios autorizados<\/strong>\u00a0sejam acessados \u00e9\u00a0<strong>essencial<\/strong>\u00a0para seguran\u00e7a operacional.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot implementa <strong>Subdomain Authorization Mapping<\/strong>\u00a0validando cada subdom\u00ednio contra listas curadas de subdom\u00ednios oficiais, detectando padr\u00f5es maliciosos e bloqueando 100% das tentativas de acesso a subdom\u00ednios n\u00e3o autorizados antes de qualquer conte\u00fado ser exibido.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"protocolos-nao-suportados\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 6. Protocolos n\u00e3o suportados<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia protocolos n\u00e3o suportados:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>https:\/\/official-aviation-test.com\/  \u2705 PERMITIDO\r\nftp:\/\/official-aviation-test.com\/    \ud83d\udeab BLOQUEADO (protocolo n\u00e3o suportado)<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p><code><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3686 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/metadados-seo-para-imagem-12-protocol-blocking-security-alert-slug-notamspot-unsupported-protocol-blocked-security.jpg\" alt=\"NOTAMSpot showing a red security alert blocking an unsupported FTP protocol and locking Force Search for safety\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/metadados-seo-para-imagem-12-protocol-blocking-security-alert-slug-notamspot-unsupported-protocol-blocked-security.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/metadados-seo-para-imagem-12-protocol-blocking-security-alert-slug-notamspot-unsupported-protocol-blocked-security-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/metadados-seo-para-imagem-12-protocol-blocking-security-alert-slug-notamspot-unsupported-protocol-blocked-security-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/metadados-seo-para-imagem-12-protocol-blocking-security-alert-slug-notamspot-unsupported-protocol-blocked-security-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/metadados-seo-para-imagem-12-protocol-blocking-security-alert-slug-notamspot-unsupported-protocol-blocked-security-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/code><\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\" style=\"text-align: right;\"><strong>Figura 08: <\/strong>Simula\u00e7\u00e3o de acesso via protocolo perigoso (FTP). Mesmo quando o host aparenta pertencer a uma fonte governamental leg\u00edtima, o NOTAMSpot bloqueia protocolos n\u00e3o suportados\/inseguros e exibe alerta vermelho de\u00a0<strong>amea\u00e7a de seguran\u00e7a<\/strong>, impedindo a a\u00e7\u00e3o \u201cForce Search\u201d para evitar tr\u00e1fego sem criptografia e risco de intercepta\u00e7\u00e3o.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<h2 id=\"protocolos-o-que-sao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcd6 O que s\u00e3o Protocolos N\u00e3o Suportados?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Protocolos n\u00e3o suportados<\/strong>\u00a0s\u00e3o m\u00e9todos de comunica\u00e7\u00e3o de rede considerados\u00a0<strong>inseguros ou obsoletos<\/strong>\u00a0que n\u00e3o devem ser utilizados para acessar sites sens\u00edveis, especialmente aqueles contendo informa\u00e7\u00f5es cr\u00edticas de avia\u00e7\u00e3o.\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Principais protocolos bloqueados:<\/h2>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Protocolo<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Porta<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Status<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Risco<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>HTTP<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">80<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Inseguro<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Sem criptografia<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>FTP<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">21<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Inseguro<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Credenciais em texto puro<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>Telnet<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">23<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Inseguro<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Sess\u00f5es n\u00e3o criptografadas<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>HTTPS<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">443<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 Seguro<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Criptografia TLS\/SSL<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<div class=\"flex\">\u200b<\/div>\n<\/div>\n<\/div>\n<h2 id=\"protocolos-como-funcionam\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udd2c Como Funcionam os Protocolos Inseguros?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>FTP (File Transfer Protocol)<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Projetado em 1971<\/strong>, o FTP foi criado quando a internet era uma rede confi\u00e1vel entre universidades &#8211;\u00a0<strong>seguran\u00e7a n\u00e3o era prioridade<\/strong>.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Problemas cr\u00edticos:<\/strong><\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>a) Transmiss\u00e3o em texto puro<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Cliente \u2192 Servidor FTP\r\n\r\nUSER pilot123       \u2190 Leg\u00edvel por qualquer intermedi\u00e1rio\r\nPASS mypassword     \u2190 Senha vis\u00edvel sem criptografia\r\nRETR metar.txt      \u2190 Comandos expostos\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Qualquer pessoa monitorando o tr\u00e1fego de rede v\u00ea\u00a0<strong>exatamente<\/strong>\u00a0o que est\u00e1 sendo transmitido.<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>b) Credenciais n\u00e3o criptografadas<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Login FTP capturado por atacante:\r\n\r\n220 aisweb.decea.mil.br FTP server ready\r\nUSER capitao.silva\r\n331 Password required\r\nPASS SecretPass2024\r\n230 User logged in\r\n\r\nAtacante agora possui:\r\n\u2713 Usu\u00e1rio: capitao.silva\r\n\u2713 Senha: SecretPass2024\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>c) Sem integridade de dados<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Arquivos podem ser\u00a0<strong>modificados em tr\u00e2nsito<\/strong>\u00a0sem detec\u00e7\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante pode injetar dados maliciosos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Receptor n\u00e3o tem como verificar autenticidade<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>HTTP (HyperText Transfer Protocol)<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HTTP\u00a0<strong>n\u00e3o criptografa<\/strong>\u00a0comunica\u00e7\u00f5es entre navegador e servidor.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Vulnerabilidades:<\/strong><\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>a) Eavesdropping (escuta)<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>GET \/metar?station=SBGR HTTP\/1.1\r\nHost: aviationweather.gov\r\nCookie: session=abc123xyz\r\n\r\n\u2190 Todos os dados leg\u00edveis por intermedi\u00e1rios\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>b) Man-in-the-Middle (MITM)<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<p class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><strong>text<\/strong><\/p>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code>Piloto \u2192 [Atacante] \u2192 Servidor leg\u00edtimo\r\n           \u2191\r\n      Intercepta e modifica resposta\r\n\r\nMETAR original: SBGR 081200Z 27035G50KT\r\nMETAR alterado: SBGR 081200Z 27008KT\r\n                                \u2191\r\n                        Vento reduzido falsamente\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>c) Session hijacking<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Cookies de sess\u00e3o roubados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacante se autentica como v\u00edtima<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Acesso total \u00e0 conta sem senha<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Protocol Downgrade Attacks<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacantes\u00a0<strong>for\u00e7am<\/strong>\u00a0sistemas a usar protocolos antigos e vulner\u00e1veis.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplo &#8211; POODLE Attack:<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Cliente tenta: TLS 1.3 (seguro)\r\n              \u2193\r\nAtacante intercepta handshake\r\n              \u2193\r\nFor\u00e7a downgrade: SSL 3.0 (quebrado desde 2014)\r\n              \u2193\r\nAtacante decifra tr\u00e1fego com 256 requisi\u00e7\u00f5es\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Resultado:<\/strong>\u00a0Comunica\u00e7\u00e3o que deveria ser segura \u00e9 comprometida.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"quais-os-riscos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\u26a0\ufe0f Quais os Riscos?<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Usu\u00e1rios Gerais<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. Roubo de credenciais<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Senhas transmitidas em texto puro via FTP\/HTTP<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Captura por sniffers em redes p\u00fablicas (aeroportos, caf\u00e9s)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Acesso n\u00e3o autorizado a contas pessoais\/corporativas<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>2. Intercepta\u00e7\u00e3o de dados<\/strong>\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Rede p\u00fablica WiFi no aeroporto:\r\n\r\nPiloto acessa: http:\/\/aisweb.decea.mil.br\r\nAtacante captura: Login + Senha + Plano de voo\r\nUso malicioso: Modifica rota, rouba dados sens\u00edveis\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Manipula\u00e7\u00e3o de dados<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Arquivos baixados via FTP podem ser adulterados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Malware injetado em downloads<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">V\u00edtima executa payload sem saber<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>4. N\u00e3o conformidade regulat\u00f3ria<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">PCI DSS: Pro\u00edbe transmiss\u00e3o de dados de cart\u00e3o via FTP\/HTTP<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">HIPAA: Dados de sa\u00fade devem ser criptografados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">GDPR: Prote\u00e7\u00e3o de dados pessoais obrigat\u00f3ria<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Multas:<\/strong>\u00a0At\u00e9 \u20ac20 milh\u00f5es ou 4% do faturamento global<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Para Avia\u00e7\u00e3o (Usu\u00e1rios do NOTAMSpot)<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>5. METARs\/TAFs interceptados e adulterados<\/strong><\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Cen\u00e1rio real:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Piloto em WiFi p\u00fablico acessa:\r\nftp:\/\/aviationweather.gov\/metar\/SBGR.txt\r\n\r\nAtacante intercepta FTP:\r\n1. Captura requisi\u00e7\u00e3o\r\n2. Serve METAR falso:\r\n   SBGR 081200Z 09008KT 9999 FEW030\r\n   (VFR seguro - FALSO)\r\n\r\nRealidade no aeroporto:\r\n   SBGR 081200Z 27035G50KT 1200 -TSRA\r\n   (IMC perigoso - REAL)\r\n\r\nPiloto toma decis\u00e3o GO baseado em dados falsos\r\nRisco: Acidente por windshear n\u00e3o reportado\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong><br \/>\n6. Credenciais militares expostas<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Oficial FAB acessa via HTTP:\r\nhttp:\/\/aisweb.decea.mil.br\r\n\r\nLogin capturado:\r\n- Usu\u00e1rio: maj.santos\r\n- Senha: Falcon2024!\r\n- IP: 200.xxx.xxx.xxx\r\n\r\nAtacante usa credenciais para:\r\n\u2713 Acessar planos de voo classificados\r\n\u2713 Modificar NOTAMs de \u00e1reas restritas\r\n\u2713 Obter dados de intelig\u00eancia aeron\u00e1utica\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>7. Planos de voo modificados<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Piloto envia plano via FTP inseguro:\r\nftp:\/\/ais.decea.mil.br\/upload\/plan.txt\r\n\r\nAtacante intercepta e modifica:\r\n- Rota original: SBSP DCT SBGR\r\n- Rota alterada: SBSP [\u00e1rea restrita] SBGR\r\n                          \u2191\r\n                    TFR presidencial\r\n\r\nConsequ\u00eancia:\r\n- Viola\u00e7\u00e3o de espa\u00e7o a\u00e9reo\r\n- Multa US$ 50.000\r\n- Suspens\u00e3o de licen\u00e7a\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong><br \/>\n8. NOTAMs omitidos<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>Sistema legado serve NOTAMs via HTTP:\r\nhttp:\/\/notam.decea.mil.br\/query\r\n\r\nAtacante MITM remove NOTAM cr\u00edtico:\r\n\"SBGR RWY 09R\/27L FECHADA - MANUTEN\u00c7\u00c3O\"\r\n\r\nPiloto planeja pouso na 27L\r\nATC rejeita autoriza\u00e7\u00e3o\r\nCombust\u00edvel cr\u00edtico \u2192 emerg\u00eancia\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"estatsticas-do-problema\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udcca Estat\u00edsticas do Problema<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Incid\u00eancia global (2024):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>45%<\/strong>\u00a0das organiza\u00e7\u00f5es ainda n\u00e3o possuem plano de criptografia completo\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>FTP ainda em uso:<\/strong>\u00a030% dos setores regulados (sa\u00fade, finan\u00e7as) usam FTP sem SFTP\/FTPS\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>HTTP sem redirecionamento:<\/strong>\u00a018% dos sites governamentais permitem HTTP mesmo tendo HTTPS\u200b<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Downgrade attacks:<\/strong>\u00a0Crescimento de 120% em 2024 vs 2023\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Regulamenta\u00e7\u00f5es que pro\u00edbem protocolos inseguros:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>PCI DSS<\/strong>\u00a0(Payment Card Industry): Pro\u00edbe FTP\/HTTP para dados de cart\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>HIPAA<\/strong>\u00a0(Health Insurance): Exige criptografia em tr\u00e2nsito<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>GLBA<\/strong>\u00a0(Gramm-Leach-Bliley): Requer prote\u00e7\u00e3o de dados financeiros<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>ANAC\/FAA<\/strong>: Sistemas de avia\u00e7\u00e3o devem usar protocolos seguros<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Penalidades por viola\u00e7\u00e3o:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Multas de milh\u00f5es de d\u00f3lares<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Suspens\u00e3o de opera\u00e7\u00f5es<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Perda de certifica\u00e7\u00f5es (ISO 27001, SOC 2)<\/p>\n<\/li>\n<\/ul>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"como-o-smartcontentguard-protege\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udee1\ufe0f Como o NOTAMSpot Protege<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot implementa <strong>bloqueio proativo<\/strong>\u00a0de protocolos inseguros:\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>1. Valida\u00e7\u00e3o de Protocolo no In\u00edcio da URL<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">\/\/ Extrai protocolo da URL visitada<\/span>\r\n<span class=\"token token\">const<\/span> protocol <span class=\"token token operator\">=<\/span> url<span class=\"token token punctuation\">.<\/span><span class=\"token token\">split<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">':'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">[<\/span><span class=\"token token\">0<\/span><span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">toLowerCase<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n\r\n<span class=\"token token\">\/\/ Lista de protocolos bloqueados<\/span>\r\n<span class=\"token token\">const<\/span> <span class=\"token token constant\">BLOCKED_PROTOCOLS<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token punctuation\">[<\/span>\r\n  <span class=\"token token\">'ftp'<\/span><span class=\"token token punctuation\">,<\/span>      <span class=\"token token\">\/\/ File Transfer Protocol<\/span>\r\n  <span class=\"token token\">'ftps'<\/span><span class=\"token token punctuation\">,<\/span>     <span class=\"token token\">\/\/ FTP over SSL (ainda vulner\u00e1vel)<\/span>\r\n  <span class=\"token token\">'http'<\/span><span class=\"token token punctuation\">,<\/span>     <span class=\"token token\">\/\/ HyperText Transfer Protocol<\/span>\r\n  <span class=\"token token\">'telnet'<\/span><span class=\"token token punctuation\">,<\/span>   <span class=\"token token\">\/\/ Terminal Network<\/span>\r\n  <span class=\"token token\">'gopher'<\/span><span class=\"token token punctuation\">,<\/span>   <span class=\"token token\">\/\/ Gopher Protocol (obsoleto)<\/span>\r\n  <span class=\"token token\">'file'<\/span><span class=\"token token punctuation\">,<\/span>     <span class=\"token token\">\/\/ Acesso a arquivos locais<\/span>\r\n<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n\r\n<span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token constant\">BLOCKED_PROTOCOLS<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">includes<\/span><span class=\"token token punctuation\">(<\/span>protocol<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token literal-property property\">blocked<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">reason<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'UNSUPPORTED_PROTOCOL'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">protocol<\/span><span class=\"token token operator\">:<\/span> protocol<span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">risk<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'CRITICAL'<\/span>\r\n  <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>2. Whitelist de Protocolos Permitidos<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Apenas protocolos seguros s\u00e3o aceitos:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">const<\/span> <span class=\"token token constant\">ALLOWED_PROTOCOLS<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token punctuation\">[<\/span>\r\n  <span class=\"token token\">'https'<\/span><span class=\"token token punctuation\">,<\/span>    <span class=\"token token\">\/\/ HTTP over TLS\/SSL<\/span>\r\n  <span class=\"token token\">'wss'<\/span><span class=\"token token punctuation\">,<\/span>      <span class=\"token token\">\/\/ WebSocket Secure<\/span>\r\n<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n\r\n<span class=\"token token\">\/\/ Valida contra whitelist<\/span>\r\n<span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token operator\">!<\/span><span class=\"token token constant\">ALLOWED_PROTOCOLS<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">includes<\/span><span class=\"token token punctuation\">(<\/span>protocol<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">blockAccess<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">'Protocolo n\u00e3o est\u00e1 na lista permitida'<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>3. Valida\u00e7\u00e3o Espec\u00edfica para Dom\u00ednios de Avia\u00e7\u00e3o<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Sites oficiais de avia\u00e7\u00e3o\u00a0<strong>devem obrigatoriamente<\/strong> usar HTTPS:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">const<\/span> <span class=\"token token constant\">AVIATION_DOMAINS<\/span> <span class=\"token token operator\">=<\/span> <span class=\"token token punctuation\">[<\/span>\r\n  <span class=\"token token\">'aisweb.decea.mil.br'<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token\">'aviationweather.gov'<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token\">'redemet.decea.mil.br'<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token\">'notams.aim.faa.gov'<\/span><span class=\"token token punctuation\">,<\/span>\r\n  <span class=\"token token\">\/\/ ... 50+ dom\u00ednios<\/span>\r\n<span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n\r\n<span class=\"token token\">function<\/span> <span class=\"token token\">validateAviationProtocol<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">url<\/span><span class=\"token token parameter punctuation\">,<\/span><span class=\"token token parameter\"> hostname<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> protocol <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>url<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>protocol<span class=\"token token punctuation\">.<\/span><span class=\"token token\">replace<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token\">':'<\/span><span class=\"token token punctuation\">,<\/span> <span class=\"token token\">''<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Verifica se \u00e9 dom\u00ednio de avia\u00e7\u00e3o<\/span>\r\n  <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span><span class=\"token token constant\">AVIATION_DOMAINS<\/span><span class=\"token token punctuation\">.<\/span><span class=\"token token\">includes<\/span><span class=\"token token punctuation\">(<\/span>hostname<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">\/\/ EXIGE HTTPS<\/span>\r\n    <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>protocol <span class=\"token token operator\">!==<\/span> <span class=\"token token\">'https'<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n        <span class=\"token token literal-property property\">blocked<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">reason<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'AVIATION_DOMAIN_REQUIRES_HTTPS'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">attempted<\/span><span class=\"token token operator\">:<\/span> protocol<span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">required<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'https'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">domain<\/span><span class=\"token token operator\">:<\/span> hostname\r\n      <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token punctuation\">}<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> <span class=\"token token literal-property property\">blocked<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">false<\/span> <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>4. Detec\u00e7\u00e3o de Downgrade Attempts<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Monitora tentativas de for\u00e7ar protocolos inseguros:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">\n<p><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">\/\/ Hist\u00f3rico de URLs visitadas<\/span>\r\n<span class=\"token token\">const<\/span> urlHistory <span class=\"token token operator\">=<\/span> <span class=\"token token punctuation\">[<\/span><span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n\r\n<span class=\"token token\">function<\/span> <span class=\"token token\">detectDowngradeAttempt<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">currentURL<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> previous <span class=\"token token operator\">=<\/span> urlHistory<span class=\"token token punctuation\">[<\/span>urlHistory<span class=\"token token punctuation\">.<\/span>length <span class=\"token token operator\">-<\/span> <span class=\"token token\">1<\/span><span class=\"token token punctuation\">]<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>previous <span class=\"token token operator\">&amp;&amp;<\/span> currentURL<span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token\">const<\/span> prevProtocol <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>previous<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>protocol<span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token\">const<\/span> currProtocol <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>currentURL<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>protocol<span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token\">const<\/span> prevHost <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>previous<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>hostname<span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token\">const<\/span> currHost <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>currentURL<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">.<\/span>hostname<span class=\"token token punctuation\">;<\/span>\r\n    \r\n    <span class=\"token token\">\/\/ Mesmo host, mas protocolo degradado<\/span>\r\n    <span class=\"token token\">if<\/span> <span class=\"token token punctuation\">(<\/span>prevHost <span class=\"token token operator\">===<\/span> currHost <span class=\"token token operator\">&amp;&amp;<\/span> \r\n        prevProtocol <span class=\"token token operator\">===<\/span> <span class=\"token token\">'https:'<\/span> <span class=\"token token operator\">&amp;&amp;<\/span> \r\n        currProtocol <span class=\"token token operator\">===<\/span> <span class=\"token token\">'http:'<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n      <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n        <span class=\"token token literal-property property\">detected<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">type<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'PROTOCOL_DOWNGRADE'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">from<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'https'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">to<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'http'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">risk<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'HIGH'<\/span><span class=\"token token punctuation\">,<\/span>\r\n        <span class=\"token token literal-property property\">possibleMITM<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span>\r\n      <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n    <span class=\"token token punctuation\">}<\/span>\r\n  <span class=\"token token punctuation\">}<\/span>\r\n  \r\n  urlHistory<span class=\"token token punctuation\">.<\/span><span class=\"token token\">push<\/span><span class=\"token token punctuation\">(<\/span>currentURL<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span> <span class=\"token token literal-property property\">detected<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">false<\/span> <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\"><strong>5. Bloqueio com Sugest\u00e3o de Corre\u00e7\u00e3o<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Quando protocolo inseguro \u00e9 detectado, oferece alternativa segura:\u200b<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">function<\/span> <span class=\"token token\">suggestSecureAlternative<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token parameter\">blockedURL<\/span><span class=\"token token punctuation\">)<\/span> <span class=\"token token punctuation\">{<\/span>\r\n  <span class=\"token token\">const<\/span> url <span class=\"token token operator\">=<\/span> <span class=\"token token\">new<\/span> <span class=\"token token\">URL<\/span><span class=\"token token punctuation\">(<\/span>blockedURL<span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">\/\/ Converte para HTTPS<\/span>\r\n  url<span class=\"token token punctuation\">.<\/span>protocol <span class=\"token token operator\">=<\/span> <span class=\"token token\">'https:'<\/span><span class=\"token token punctuation\">;<\/span>\r\n  \r\n  <span class=\"token token\">return<\/span> <span class=\"token token punctuation\">{<\/span>\r\n    <span class=\"token token literal-property property\">blocked<\/span><span class=\"token token operator\">:<\/span> blockedURL<span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">suggested<\/span><span class=\"token token operator\">:<\/span> url<span class=\"token token punctuation\">.<\/span><span class=\"token token\">toString<\/span><span class=\"token token punctuation\">(<\/span><span class=\"token token punctuation\">)<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">message<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token\">'Redirecionando para vers\u00e3o segura (HTTPS)'<\/span><span class=\"token token punctuation\">,<\/span>\r\n    <span class=\"token token literal-property property\">autoRedirect<\/span><span class=\"token token operator\">:<\/span> <span class=\"token token boolean\">true<\/span>  <span class=\"token token\">\/\/ Redireciona automaticamente<\/span>\r\n  <span class=\"token token punctuation\">}<\/span><span class=\"token token punctuation\">;<\/span>\r\n<span class=\"token token punctuation\">}<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Exemplo:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<div class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">text<\/div>\n<\/div>\n<div><code>URL tentada:  http:\/\/aisweb.decea.mil.br<br \/>\nBloqueada:    \u2713<br \/>\nSugerida:     https:\/\/aisweb.decea.mil.br<br \/>\nA\u00e7\u00e3o:         Redirecionamento autom\u00e1tico<br \/>\n<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"interface-de-proteo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udfaf Interface de Prote\u00e7\u00e3o<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando protocolo\u00a0<strong>seguro<\/strong> \u00e9 usado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u2705 CONEX\u00c3O SEGURA VALIDADA\r\n\r\n\ud83d\udd12 Protocolo: HTTPS (TLS 1.3)\r\n\ud83d\udccb Dom\u00ednio: aisweb.decea.mil.br\r\n\ud83d\udee1\ufe0f Certificado: V\u00e1lido at\u00e9 15\/06\/2026\r\n\u2713 Criptografia forte (AES-256-GCM)\r\n\u2713 Integridade garantida\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando protocolo\u00a0<strong>inseguro<\/strong> \u00e9 detectado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u26a0\ufe0f AMEA\u00c7A DE SEGURAN\u00c7A DETECTADA\r\n\r\n\ud83d\udeab Protocolo n\u00e3o suportado\r\n   URL tentada: ftp:\/\/aisweb.decea.mil.br\/\r\n   Protocolo: FTP (File Transfer Protocol)\r\n   \r\n\u26a0\ufe0f Riscos identificados:\r\n   \u2022 Credenciais transmitidas em texto puro\r\n   \u2022 Dados n\u00e3o criptografados\r\n   \u2022 Vulner\u00e1vel a intercepta\u00e7\u00e3o\r\n   \u2022 N\u00e3o compat\u00edvel com pol\u00edticas de seguran\u00e7a\r\n\r\n\ud83d\udd12 Protocolo bloqueado por seguran\u00e7a\r\n   Sites de avia\u00e7\u00e3o exigem HTTPS\r\n\r\n\u2705 Alternativa segura dispon\u00edvel:\r\n   https:\/\/aisweb.decea.mil.br\/\r\n\r\n[Acessar Vers\u00e3o Segura] [Reportar Problema]\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Quando downgrade \u00e9 detectado:<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>text<\/strong><\/p>\n<\/div>\n<pre><code>\u26a0\ufe0f POSS\u00cdVEL ATAQUE DETECTADO\r\n\r\n\ud83c\udfaf Tentativa de downgrade de protocolo\r\n   Conex\u00e3o anterior: https:\/\/aisweb.decea.mil.br\r\n   Tentativa atual:  http:\/\/aisweb.decea.mil.br\r\n   \r\n\ud83d\udea8 Indicadores de Man-in-the-Middle:\r\n   \u2022 Mesmo dom\u00ednio, protocolo degradado\r\n   \u2022 Poss\u00edvel intercepta\u00e7\u00e3o ativa\r\n   \u2022 Alto risco de dados comprometidos\r\n\r\n\ud83d\udee1\ufe0f Acesso bloqueado automaticamente\r\n   Mantendo protocolo seguro (HTTPS)\r\n\r\n\u2705 Reconectando via HTTPS...\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 id=\"lista-de-protocolos---status-de-segurana\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udccb Lista de Protocolos &#8211; Status de Seguran\u00e7a<\/h2>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-subtlest ring-subtlest divide-subtlest bg-transparent\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Protocolo<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Porta<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Criptografia<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Status SCG<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Uso Recomendado<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>HTTP<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">80<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Nenhuma<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\ud83d\udeab BLOQUEADO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Nunca para dados sens\u00edveis<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>HTTPS<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">443<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 TLS 1.2+<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 PERMITIDO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u00danico aceit\u00e1vel para web<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>FTP<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">21<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Nenhuma<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\ud83d\udeab BLOQUEADO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Obsoleto, usar SFTP<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>SFTP<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">22<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 SSH<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u26a0\ufe0f RESTRITO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">OK para transfer\u00eancias internas<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>FTPS<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">990<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 TLS\/SSL<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u26a0\ufe0f RESTRITO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Preferir SFTP<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>Telnet<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">23<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Nenhuma<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\ud83d\udeab BLOQUEADO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Obsoleto, usar SSH<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>SSH<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">22<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 SSH<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 PERMITIDO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">Terminal seguro<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><strong>WSS<\/strong><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">443<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 TLS<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 PERMITIDO<\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">WebSocket seguro<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<h2 id=\"casos-de-uso-especficos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udea8 Casos de Uso Espec\u00edficos<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Acesso a METARs\/TAFs<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u274c INSEGURO:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>bash<\/strong><\/p>\n<\/div>\n<pre><code>ftp:\/\/aviationweather.gov\/data\/metar\/SBGR.TXT\r\n<span class=\"token token\"># Protocolo: FTP (bloqueado)<\/span>\r\n<span class=\"token token\"># Risco: Dados podem ser adulterados<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 SEGURO:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>bash<\/strong><\/p>\n<\/div>\n<pre><code>https:\/\/aviationweather.gov\/data\/api\/metar?ids<span class=\"token token operator\">=<\/span>SBGR\r\n<span class=\"token token\"># Protocolo: HTTPS (permitido)<\/span>\r\n<span class=\"token token\"># Prote\u00e7\u00e3o: Criptografia TLS 1.3<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Consulta de NOTAMs<\/h2>\n<pre class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u274c INSEGURO:<\/strong><\/pre>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><strong>bash<\/strong><\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code>http:\/\/notams.aim.faa.gov\/notamSearch\r\n<span class=\"token token\"># Protocolo: HTTP (bloqueado)<\/span>\r\n<span class=\"token token\"># Risco: Sess\u00e3o pode ser sequestrada<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>\u2705 SEGURO:<\/strong><\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><strong>bash<\/strong><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code>https:\/\/notams.aim.faa.gov\/notamSearch\r\n<span class=\"token token\"># Protocolo: HTTPS (permitido)<\/span>\r\n<span class=\"token token\"># Prote\u00e7\u00e3o: Session cookies criptografados<\/span><\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 id=\"concluso\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\u2708\ufe0f Conclus\u00e3o<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Protocolos inseguros como FTP e HTTP transmitem dados\u00a0<strong>sem criptografia<\/strong>, expondo credenciais, METARs, TAFs e NOTAMs a intercepta\u00e7\u00e3o e adultera\u00e7\u00e3o. Na avia\u00e7\u00e3o, onde decis\u00f5es baseadas em informa\u00e7\u00f5es meteorol\u00f3gicas podem determinar a seguran\u00e7a de voos, garantir a\u00a0<strong>integridade e confidencialidade<\/strong>\u00a0dos dados \u00e9\u00a0<strong>cr\u00edtico<\/strong>.\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot <strong>bloqueia proativamente<\/strong>\u00a0protocolos inseguros,\u00a0<strong>exige HTTPS<\/strong>\u00a0para todos os dom\u00ednios oficiais de avia\u00e7\u00e3o e\u00a0<strong>detecta tentativas de downgrade<\/strong>\u00a0que indicam ataques man-in-the-middle, protegendo 100% das conex\u00f5es antes de qualquer dado sens\u00edvel ser transmitido.<\/p>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2><\/h2>\n<h2 id=\"typosquatting\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 7. TYPOSQUATTING<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Valida de URL\u00a0 com letras faltando ou mesmo duplicadas:<\/p>\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3687 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-typosquatting-phishing-faa-notam-detection.jpg\" alt=\"NOTAMSpot showing a red security alert detecting typosquatting on a lookalike aviation portal domain and locking Force Search \" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-typosquatting-phishing-faa-notam-detection.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-typosquatting-phishing-faa-notam-detection-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-typosquatting-phishing-faa-notam-detection-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-typosquatting-phishing-faa-notam-detection-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-typosquatting-phishing-faa-notam-detection-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/div>\n<div style=\"text-align: right;\">\n<p><strong>Figura 09: <\/strong>Simula\u00e7\u00e3o de\u00a0<em>typosquatting<\/em>\u00a0por similaridade visual: um site fraudulento replica a apar\u00eancia de um portal oficial para enganar o usu\u00e1rio. O NOTAMSpot detecta o dom\u00ednio como\u00a0<strong>similar a uma fonte aeron\u00e1utica verificada<\/strong>, exibe alerta vermelho de amea\u00e7a e bloqueia a a\u00e7\u00e3o \u201cForce Search\u201d, reduzindo o risco de coleta de credenciais e dissemina\u00e7\u00e3o de conte\u00fado malicioso.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<h2 id=\"typosquatting-o-que-e\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">O que \u00e9 Typosquatting?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Typosquatting<\/strong>\u00a0(tamb\u00e9m chamado de URL hijacking ou domain mimicry) \u00e9 um ataque de engenharia social onde cibercriminosos registram dom\u00ednios com\u00a0<strong>erros de digita\u00e7\u00e3o<\/strong>\u00a0intencionais de sites populares, esperando que usu\u00e1rios cometam erros ao digitar URLs.\u200b<\/p>\n<h2 id=\"typosquatting-como-opera\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Como opera<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacantes exploram erros humanos comuns ao digitar endere\u00e7os na barra do navegador:\u200b<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. Erros de ortografia:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>facbook.com<\/code>\u00a0\u2192\u00a0<code>facebook.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>goggle.com<\/code>\u00a0\u2192\u00a0<code>google.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>amazan.com<\/code>\u00a0\u2192\u00a0<code>amazon.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>2. Teclas adjacentes (qwerty typos):<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>foogle.com<\/code>,\u00a0<code>hoogle.com<\/code>,\u00a0<code>boogle.com<\/code>\u00a0\u2192\u00a0<code>google.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Letras duplicadas\/omitidas:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>faceebook.com<\/code>\u00a0\u2192\u00a0<code>facebook.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>yuube.com<\/code>\u00a0\u2192\u00a0<code>youtube.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>4. Extens\u00f5es erradas:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>facebook.cm<\/code>\u00a0\u2192\u00a0<code>facebook.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>airfrance.co<\/code>\u00a0\u2192\u00a0<code>airfrance.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>5. WWW malformado:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>wwwfacebook.com<\/code>\u00a0(sem ponto) \u2192\u00a0<code>www.facebook.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>6. Substitui\u00e7\u00e3o visual:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>rnarriott.com<\/code>\u00a0(rn parece m) \u2192\u00a0<code>marriott.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Objetivos maliciosos<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Phishing de credenciais:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">P\u00e1gina falsa id\u00eantica ao original solicita login<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rio digita email\/senha pensando estar no site leg\u00edtimo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Credenciais s\u00e3o roubadas e revendidas ou usadas para invas\u00e3o<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Distribui\u00e7\u00e3o de malware:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Visitantes s\u00e3o redirecionados para downloads autom\u00e1ticos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Exemplos: Magniber ransomware explorou typos em dom\u00ednios populares via Chrome\/Edge<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Instala\u00e7\u00e3o de PUPs (Potentially Unwanted Programs)<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Fraude publicit\u00e1ria:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednios falsos repletos de an\u00fancios fraudulentos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Exemplo:\u00a0<code>amazan.com<\/code>\u00a0redirecionava para p\u00e1ginas de ads maliciosos<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Campanhas de desinforma\u00e7\u00e3o:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Sites falsos divulgam not\u00edcias fabricadas<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Exemplo:\u00a0<code>wikiepdia.org<\/code>\u00a0poderia publicar artigos falsificados<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Roubo de criptomoedas:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Estudo de 2024 documentou milhares de transa\u00e7\u00f5es crypto enviadas para endere\u00e7os typosquatting<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rios digitavam endere\u00e7os de wallets errados<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"typosquatting-riscos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Casos reais documentados<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Google\/Goggle.com (2006):<\/strong>\u200b<br \/>\nPrimeiro grande caso; dom\u00ednio operou como site de phishing por anos<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Microsoft\/Hotmail typos (Alf Temme):<\/strong>\u200b<br \/>\nRegistrou\u00a0<code>ho0tmail.com<\/code>,\u00a0<code>hot5mail.com<\/code>\u00a0redirecionando para site de equipamentos de exerc\u00edcio; Microsoft processou por $2.4M<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Air France:<\/strong>\u200b<br \/>\n<code>arifrance.com<\/code>\u00a0desviava tr\u00e1fego para vendas de viagens fraudulentas<\/p>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Lands End:<\/strong>\u200b<br \/>\nTyposquatters registraram dezenas de varia\u00e7\u00f5es (<code>lnadsend.com<\/code>,\u00a0<code>klandsend.com<\/code>) para explorar programa de afiliados<\/p>\n<h2 id=\"typosquatting-protecao-scg\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como o NOTAMSpot protege<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Baseado na descri\u00e7\u00e3o da simula\u00e7\u00e3o que voc\u00ea mencionou anteriormente (<code>aisweb.decee\u0430.mil.br<\/code>), o sistema implementa m\u00faltiplas camadas de detec\u00e7\u00e3o:<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>An\u00e1lise de similaridade de dom\u00ednio<\/strong><\/h2>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Compara o hostname visitado com lista de sites oficiais conhecidos (whitelist)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Calcula dist\u00e2ncia de edi\u00e7\u00e3o (Levenshtein distance) entre dom\u00ednios<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Detecta varia\u00e7\u00f5es com 1-2 caracteres diferentes<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>Detec\u00e7\u00e3o de padr\u00f5es typosquatting<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<pre class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">javascript<\/pre>\n<\/div>\n<pre><code><span class=\"token token\">\/\/ Exemplos de padr\u00f5es detectados:<\/span>\r\n<span class=\"token token operator\">-<\/span> Duplica\u00e7\u00e3o de letras<span class=\"token token operator\">:<\/span> aiswebb<span class=\"token token punctuation\">.<\/span>decea<span class=\"token token punctuation\">.<\/span>mil<span class=\"token token punctuation\">.<\/span>br\r\n<span class=\"token token operator\">-<\/span> Omiss\u00e3o de letras<span class=\"token token operator\">:<\/span> aiswb<span class=\"token token punctuation\">.<\/span>decea<span class=\"token token punctuation\">.<\/span>mil<span class=\"token token punctuation\">.<\/span>br\r\n<span class=\"token token operator\">-<\/span> Troca de letras adjacentes<span class=\"token token operator\">:<\/span> iasweb<span class=\"token token punctuation\">.<\/span>decea<span class=\"token token punctuation\">.<\/span>mil<span class=\"token token punctuation\">.<\/span>br\r\n<span class=\"token token operator\">-<\/span> Extens\u00f5es erradas<span class=\"token token operator\">:<\/span> aisweb<span class=\"token token punctuation\">.<\/span>decea<span class=\"token token punctuation\">.<\/span>mil<span class=\"token token punctuation\">.<\/span>com\r\n<span class=\"token token operator\">-<\/span> Inser\u00e7\u00e3o de caracteres<span class=\"token token operator\">:<\/span> aisweeb<span class=\"token token punctuation\">.<\/span>decea<span class=\"token token punctuation\">.<\/span>mil<span class=\"token token punctuation\">.<\/span>br\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Valida\u00e7\u00e3o contra dom\u00ednios oficiais de avia\u00e7\u00e3o<\/strong><\/h2>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Mant\u00e9m lista curada de portais leg\u00edtimos:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aisweb.decea.mil.br<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aviationweather.gov<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>redemet.decea.mil.br<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>notams.aim.faa.gov<\/code><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">4.\u00a0<strong>Alerta visual imediato<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Quando detecta typosquatting:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u274c Exibe alerta vermelho de &#8220;AMEA\u00c7A DETECTADA&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udcca Mostra mensagem: &#8220;Typosquatting detectado \u2013 Dom\u00ednio similar a site oficial&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udeab Bloqueia acesso ao conte\u00fado da p\u00e1gina<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udd0d Sugere o dom\u00ednio correto ao usu\u00e1rio<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">5.\u00a0<strong>Prote\u00e7\u00e3o espec\u00edfica para avia\u00e7\u00e3o<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Cr\u00edtico no contexto aeron\u00e1utico porque:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Pilotos acessam METARs\/TAFs\/NOTAMs de sites oficiais<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dados meteorol\u00f3gicos adulterados podem causar decis\u00f5es inseguras de voo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Typosquatting de\u00a0<code>aviationweather.gov<\/code>\u00a0\u2192\u00a0<code>aviationwether.gov<\/code>\u00a0poderia servir informa\u00e7\u00f5es falsas<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Credenciais roubadas de\u00a0<code>aisweb.decea.mil.br<\/code>\u00a0permitem acesso indevido a sistemas cr\u00edticos<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Essa prote\u00e7\u00e3o multicamada garante que mesmo usu\u00e1rios digitando URLs rapidamente (comum em opera\u00e7\u00f5es de voo sob press\u00e3o) n\u00e3o sejam v\u00edtimas de dom\u00ednios maliciosos visualmente id\u00eanticos aos portais oficiais de meteorologia e NOTAMs.<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"combosquatting-detection\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\u2705 8. COMBOSQUATTING<\/h2>\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3688 size-full\" src=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-security-threat-detection-faa-notam-phishing.jpg\" alt=\"NOTAMSpot showing a red security alert detecting combosquatting with suspicious hyphen or pluralization and locking Force Search\" width=\"1280\" height=\"800\" srcset=\"https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-security-threat-detection-faa-notam-phishing.jpg 1280w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-security-threat-detection-faa-notam-phishing-300x188.jpg 300w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-security-threat-detection-faa-notam-phishing-1024x640.jpg 1024w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-security-threat-detection-faa-notam-phishing-768x480.jpg 768w, https:\/\/notamspot.com\/wp-content\/uploads\/2025\/12\/notamspot-security-threat-detection-faa-notam-phishing-18x12.jpg 18w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><\/div>\n<div style=\"text-align: right;\">\n<p><strong>Figura 10: <\/strong>Simula\u00e7\u00e3o de\u00a0<em>combosquatting<\/em>: o NOTAMSpot detecta manipula\u00e7\u00e3o do dom\u00ednio por varia\u00e7\u00e3o sutil (pluraliza\u00e7\u00e3o e\/ou inser\u00e7\u00e3o suspeita de h\u00edfen), t\u00e9cnica comum para imitar portais oficiais. Ao identificar o padr\u00e3o, o sistema exibe alerta vermelho de\u00a0<strong>amea\u00e7a de seguran\u00e7a<\/strong> e bloqueia a a\u00e7\u00e3o \u201cForce Search\u201d, impedindo que o usu\u00e1rio interaja com um endere\u00e7o potencialmente fraudulento.<\/p>\n<div style=\"background: linear-gradient(135deg, #FEF3C7 0%, #FDE68A 100%); border-left: 4px solid #F59E0B; padding: 12px 16px; margin: 16px 0 24px 0; border-radius: 6px; box-shadow: 0 2px 4px rgba(0,0,0,0.08);\">\n<p style=\"margin: 0; font-size: 14px; font-weight: 600; color: #92400e; text-align: center; line-height: 1.5;\">\u26a0\ufe0f Extens\u00e3o independente. N\u00e3o afiliada nem endossada por \u00f3rg\u00e3os governamentais.<\/p>\n<\/div>\n<\/div>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<h2 id=\"combosquatting-o-que-e\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">O que \u00e9 Combosquatting?<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Combosquatting<\/strong>\u00a0\u00e9 uma t\u00e9cnica de ataque cibern\u00e9tico onde atacantes registram dom\u00ednios que\u00a0<strong>combinam uma marca leg\u00edtima com palavras adicionais<\/strong>\u00a0(geralmente separadas por h\u00edfen) para criar URLs que parecem oficiais, mas s\u00e3o fraudulentas.\u200b<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Diferen\u00e7a fundamental do Typosquatting<\/h2>\n<div class=\"group relative\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\"><span style=\"color: #000000;\">Ataque<\/span><\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\"><span style=\"color: #000000;\">M\u00e9todo<\/span><\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\"><span style=\"color: #000000;\">Exemplo<\/span><\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><span style=\"color: #000000;\"><strong>Typosquatting<\/strong><\/span><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><span style=\"color: #000000;\">Explora erros de digita\u00e7\u00e3o<\/span><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><span style=\"color: #000000;\"><code>gogle.com<\/code>,\u00a0<code>amazom.com<\/code><\/span><\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><span style=\"color: #000000;\"><strong>Combosquatting<\/strong><\/span><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><span style=\"color: #000000;\">Adiciona palavras leg\u00edtimas<\/span><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><span style=\"color: #000000;\"><code>google-login.com<\/code>,\u00a0<code>amazon-security.com<\/code><\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">No combosquatting,\u00a0<strong>n\u00e3o h\u00e1 erro de digita\u00e7\u00e3o<\/strong>\u00a0\u2014 o nome da marca est\u00e1 correto, mas vem acompanhado de termos que criam falsa sensa\u00e7\u00e3o de legitimidade.\u200b<\/p>\n<h2 id=\"como-opera\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como opera<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Padr\u00f5es comuns de combosquatting<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. Termos de urg\u00eancia\/seguran\u00e7a:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>paypal-security.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>microsoft-alert.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>netflix-verify.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>2. Termos funcionais:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>amazon-shop.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>facebook-login.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>apple-support.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Termos geogr\u00e1ficos:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>google-brasil.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>skype-international.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>4. Termos t\u00e9cnicos:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>microsoft-online.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>office365-cloud.com<\/code>\u200b<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Estrat\u00e9gias de distribui\u00e7\u00e3o<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Diferente do typosquatting (que depende de usu\u00e1rios digitarem errado), combosquatting usa:\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Phishing emails<\/strong>\u00a0com links maliciosos embutidos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>An\u00fancios pagos<\/strong>\u00a0(malvertising) em buscadores<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Resultados de busca SEO<\/strong>\u00a0manipulados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>SMS\/WhatsApp<\/strong>\u00a0com links fraudulentos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Redes sociais<\/strong>\u00a0com posts patrocinados falsos<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"escala-do-problema\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Escala do problema<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Estudo Georgia Tech\/Stony Brook (2017):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Identificaram\u00a0<strong>orders of magnitude mais<\/strong>\u00a0dom\u00ednios combosquatting do que typosquatting<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Espa\u00e7o de ataque \u00e9\u00a0<strong>quase infinito<\/strong>\u00a0(atacantes podem combinar qualquer palavra)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Dom\u00ednios custam menos de US$ 1 para registrar<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usado em\u00a0<strong>todos os tipos de ciberataques<\/strong>\u00a0conhecidos<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Dados de certificados SSL (Let&#8217;s Encrypt):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Emitidos certificados para dom\u00ednios combosquatting<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Apenas 3.011 certificados para typosquatting<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Confirma que s\u00e3o\u00a0<strong>ataques distintos<\/strong>\u00a0com estrat\u00e9gias diferentes<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"objetivos-maliciosos\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Objetivos maliciosos<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>1. Credential harvesting (colheita de credenciais):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>outlook-alert.com<\/code>\u00a0simula alerta de seguran\u00e7a da Microsoft<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usu\u00e1rio digita email\/senha pensando estar no portal oficial<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Credenciais s\u00e3o roubadas instantaneamente<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>2. Ataques nation-state (estado-na\u00e7\u00e3o):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Governo autorit\u00e1rios usam combosquatting para phishing direcionado<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Exemplo:\u00a0<code>google-security.com<\/code>\u00a0usado em espionagem cibern\u00e9tica<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>3. Drive-by downloads:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Visitantes s\u00e3o infectados automaticamente com malware<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Ransomware, botnets, spyware<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>4. Business Email Compromise (BEC):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Emails fraudulentos parecem vir de dom\u00ednios corporativos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>microsoft-login.com<\/code>\u00a0usado para atacar funcion\u00e1rios<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Preju\u00edzos m\u00e9dios de US$ 120.000 por ataque BEC bem-sucedido<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>5. Fraude financeira:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>paypal-payments.com<\/code>\u00a0desvia pagamentos leg\u00edtimos<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>stripe-billing.com<\/code>\u00a0rouba dados de cart\u00e3o de cr\u00e9dito<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"por-que-engana-at-profissionais-de-segurana\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Por que engana at\u00e9 profissionais de seguran\u00e7a<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Cita\u00e7\u00e3o do pesquisador Panagiotis Kintis (Georgia Tech):\u200b<\/p>\n<blockquote>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">&#8220;These attacks can even fool security people who may be looking at network traffic for malicious activity. When they see a familiar trademark, they may feel a false sense of comfort with it.&#8221;<\/p>\n<\/blockquote>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Raz\u00f5es:<\/strong><\/p>\n<ol class=\"marker:text-quiet list-decimal\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Marca est\u00e1 correta<\/strong>\u00a0\u2014 n\u00e3o h\u00e1 erro ortogr\u00e1fico aparente<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Palavras adicionais parecem leg\u00edtimas<\/strong>\u00a0\u2014 &#8220;security&#8221;, &#8220;login&#8221;, &#8220;support&#8221; s\u00e3o termos esperados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Certificados SSL v\u00e1lidos<\/strong>\u00a0\u2014 muitos dom\u00ednios maliciosos t\u00eam HTTPS\/cadeado verde<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>An\u00e1lise superficial de tr\u00e1fego<\/strong>\u00a0\u2014 logs mostram &#8220;amazon-shop.com&#8221; e analistas assumem ser leg\u00edtimo<\/p>\n<\/li>\n<\/ol>\n<h2 id=\"casos-reais-documentados\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Casos reais documentados<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Netflix phishing (2023):<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>netflix-payments.com<\/code>\u00a0usado para roubar dados de cart\u00e3o<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Emails fraudulentos alegavam &#8220;problema de cobran\u00e7a&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Milhares de v\u00edtimas antes do takedown<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Microsoft Office 365:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>login.microsoftonline.com<\/code>\u00a0\u00e9 leg\u00edtimo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Atacantes criaram\u00a0<code>microsoft-login.com<\/code>,\u00a0<code>office365-signin.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Usado em campanhas BEC contra empresas Fortune 500<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Amazon shopping:<\/strong>\u200b<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>amazon-shop.com<\/code>,\u00a0<code>amazon-deals.com<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Redirecionavam para sites de phishing ou malware<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"combosquatting-protecao\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">Como o NOTAMSpot protege<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Baseado na descri\u00e7\u00e3o que voc\u00ea mencionou (<code>aviation-weathers.gov<\/code>), o sistema detecta combosquatting atrav\u00e9s de:<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">1.\u00a0<strong>An\u00e1lise de padr\u00f5es de h\u00edfens suspeitos<\/strong><\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<p class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\"><strong>javascript<\/strong><\/p>\n<\/div>\n<pre><code><span class=\"token token\">\/\/ Detecta inser\u00e7\u00f5es de h\u00edfen n\u00e3o presentes no dom\u00ednio oficial<\/span>\r\naviationweather<span class=\"token token punctuation\">.<\/span>gov \u2192 \u2705 <span class=\"token token constant\">LEG<\/span>\u00cd<span class=\"token token constant\">TIMO<\/span>\r\naviation<span class=\"token token operator\">-<\/span>weathers<span class=\"token token punctuation\">.<\/span>gov \u2192 \ud83d\udeab <span class=\"token token constant\">COMBOSQUATTING<\/span> <span class=\"token token punctuation\">(<\/span>h\u00edfen <span class=\"token token operator\">+<\/span> <span class=\"token token\">\"s\"<\/span> extra<span class=\"token token punctuation\">)<\/span>\r\naviation<span class=\"token token operator\">-<\/span>weather<span class=\"token token punctuation\">.<\/span>gov \u2192 \ud83d\udeab <span class=\"token token constant\">COMBOSQUATTING<\/span> <span class=\"token token punctuation\">(<\/span>h\u00edfen inserido<span class=\"token token punctuation\">)<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">2.\u00a0<strong>Valida\u00e7\u00e3o contra dom\u00ednios conhecidos<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Mant\u00e9m lista de portais oficiais sem h\u00edfens:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aviationweather.gov<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aisweb.decea.mil.br<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>redemet.decea.mil.br<\/code><\/p>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Qualquer varia\u00e7\u00e3o com h\u00edfen \u00e9 automaticamente suspeita.<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">3.\u00a0<strong>Detec\u00e7\u00e3o de palavras-gatilho<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Identifica combina\u00e7\u00f5es comuns de combosquatting em avia\u00e7\u00e3o:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aviation-weather<\/code>,\u00a0<code>aviation-met<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aisweb-login<\/code>,\u00a0<code>aisweb-secure<\/code><\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>notam-faa<\/code>,\u00a0<code>metar-taf<\/code><\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">4.\u00a0<strong>Alerta visual espec\u00edfico<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Quando detecta combosquatting:<\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\u274c Alerta vermelho: &#8220;AMEA\u00c7A DE SEGURAN\u00c7A DETECTADA&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udcca Mensagem: &#8220;Combosquatting detectado \u2013 Inser\u00e7\u00e3o de h\u00edfen suspeita&#8221;<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udd0d Mostra o dom\u00ednio leg\u00edtimo correto<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">\ud83d\udeab Bloqueia acesso ao conte\u00fado malicioso<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">5.\u00a0<strong>Prote\u00e7\u00e3o cr\u00edtica para avia\u00e7\u00e3o<\/strong><\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Por que \u00e9 especialmente perigoso na avia\u00e7\u00e3o:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>METARs\/TAFs falsificados:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aviationweather-gov.com<\/code>\u00a0poderia servir dados meteorol\u00f3gicos adulterados<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Piloto toma decis\u00e3o de voo baseado em informa\u00e7\u00e3o falsa<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Risco de acidente por condi\u00e7\u00f5es reais n\u00e3o reportadas<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>NOTAMs fraudulentos:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>notams-faa.gov<\/code>\u00a0pode omitir restri\u00e7\u00f5es de espa\u00e7o a\u00e9reo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Viola\u00e7\u00f5es inadvertidas de TFRs (Temporary Flight Restrictions)<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Multas de US$ 10.000+ ou suspens\u00e3o de licen\u00e7a<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><strong>Roubo de credenciais de pilotos:<\/strong><\/p>\n<ul class=\"marker:text-quiet list-disc\">\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>aisweb-login.decea.mil.br<\/code>\u00a0captura login de pilotos militares<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Acesso indevido a sistemas de planejamento de voo<\/p>\n<\/li>\n<li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\">\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Comprometimento de miss\u00f5es sens\u00edveis<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">O NOTAMSpot atua como <strong>\u00faltima linha de defesa<\/strong>, bloqueando o acesso mesmo quando o usu\u00e1rio clica em links de phishing em emails fraudulentos, protegendo opera\u00e7\u00f5es de avia\u00e7\u00e3o cr\u00edticas contra informa\u00e7\u00f5es meteorol\u00f3gicas\/NOTAMs falsificados.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"camada-2-security-blacklist-bloqueio-proativo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83d\udeab Camada 2: Security Blacklist (Bloqueio Proativo)<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Objetivo<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloquear\u00a0<strong>proativamente<\/strong>\u00a0categorias inteiras de sites que n\u00e3o devem exibir conte\u00fado aeron\u00e1utico, mesmo que n\u00e3o sejam maliciosos.<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Categorias de Detec\u00e7\u00e3o<\/h2>\n<p><!-- Logo ANTES da tabela \"Detection Categories\" --><\/p>\n<div style=\"background: #F3F4F6; border-left: 3px solid #6B7280; padding: 12px 16px; margin: 16px 0; border-radius: 4px;\">\n<p style=\"margin: 0; font-size: 13px; color: #374151; line-height: 1.5;\"><strong>Nota:<\/strong> O NOTAMSpot funciona como uma sobreposi\u00e7\u00e3o de navegador em portais de acesso p\u00fablico. A inclus\u00e3o na lista abaixo n\u00e3o implica afilia\u00e7\u00e3o, parceria ou endosso por parte das respectivas ag\u00eancias.<\/p>\n<\/div>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\udd10 1. Authentication &amp; SSO<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia p\u00e1ginas de login\/autentica\u00e7\u00e3o para evitar captura acidental de credenciais:<\/p>\n<div class=\"group relative\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Palavras-chave detectadas<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Exemplos bloqueados<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>auth<\/code>,\u00a0<code>login<\/code>,\u00a0<code>signin<\/code>,\u00a0<code>oauth<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>login.microsoft.com<\/code>,\u00a0<code>accounts.google.com<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<div class=\"flex\"><code>...<\/code><\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\udcb0 2. Banking &amp; Finance<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Bloqueia sites financeiros para prevenir confus\u00e3o entre tabs:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>internetbanking.caixa.gov.br  \ud83d\udeab BLOQUEADO\r\nlogin.itau.com.br             \ud83d\udeab BLOQUEADO\r\nwww.bankofamerica.com   \ud83d\udeab BLOQUEADO\r\n...<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\uded2 3. E-commerce &amp; Shopping<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<pre><code>amazon.com\/checkout   \ud83d\udeab BLOQUEADO\r\nmercadolivre.com.br   \ud83d\udeab BLOQUEADO\r\n...<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\udc65 4. Social &amp; Gaming<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>facebook.com   \ud83d\udeab BLOQUEADO\r\ntwitter.com    \ud83d\udeab BLOQUEADO\r\nwww.snapchat.com      \ud83d\udeab BLOQUEADO\r\n...\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83c\udf10 5. CDNs &amp; APIs Externas<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>amazonaws.com      \ud83d\udeab BLOQUEADO\r\ncloudflare.com     \ud83d\udeab BLOQUEADO\r\ncloud.google.com     \ud83d\udeab BLOQUEADO\r\n...\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"camada-3-security-analyzer-deteco-de-cdigo-malicioso\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\u26a0\ufe0f Camada 3: Security Analyzer (Detec\u00e7\u00e3o de C\u00f3digo Malicioso)<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Objetivo<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Detectar inje\u00e7\u00f5es de c\u00f3digo malicioso (XSS) mesmo em sites aprovados pela whitelist, protegendo contra comprometimento de dom\u00ednios leg\u00edtimos.<\/p>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Prote\u00e7\u00f5es B\u00e1sicas Implementadas<\/h2>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\udd0d 1. XSS Pattern Detection<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Detecta padr\u00f5es cl\u00e1ssicos de XSS no HTML da p\u00e1gina:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<div>\n<h3 class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">xml<\/h3>\n<\/div>\n<pre><code><span class=\"token token\">&lt;!-- \u274c DETECTADO --&gt;<\/span>\r\n<span class=\"token token punctuation\">&lt;<\/span><span class=\"token token\">script<\/span><span class=\"token token punctuation\">&gt;<\/span>alert('XSS')<span class=\"token token punctuation\">&lt;\/<\/span><span class=\"token token\">script<\/span><span class=\"token token punctuation\">&gt;<\/span>\r\n<span class=\"token token punctuation\">&lt;<\/span><span class=\"token token\">img<\/span> <span class=\"token token\">src<\/span><span class=\"token token attr-value punctuation attr-equals\">=<\/span><span class=\"token token attr-value\">x<\/span> <span class=\"token token\">onerror<\/span><span class=\"token token attr-value punctuation attr-equals\">=<\/span><span class=\"token token attr-value punctuation\">\"<\/span><span class=\"token token attr-value\">alert(1)<\/span><span class=\"token token attr-value punctuation\">\"<\/span><span class=\"token token punctuation\">&gt;<\/span>\r\n<span class=\"token token punctuation\">&lt;<\/span><span class=\"token token\">iframe<\/span> <span class=\"token token\">src<\/span><span class=\"token token attr-value punctuation attr-equals\">=<\/span><span class=\"token token attr-value punctuation\">\"<\/span><span class=\"token token attr-value\">javascript:alert(1)<\/span><span class=\"token token attr-value punctuation\">\"<\/span><span class=\"token token punctuation\">&gt;<\/span>\r\n\r\n<span class=\"token token\">&lt;!-- \u2705 PERMITIDO --&gt;<\/span>\r\n<span class=\"token token punctuation\">&lt;<\/span><span class=\"token token\">script<\/span> <span class=\"token token\">src<\/span><span class=\"token token attr-value punctuation attr-equals\">=<\/span><span class=\"token token attr-value punctuation\">\"<\/span><span class=\"token token attr-value\">https:\/\/cdn.official.gov\/widget.js<\/span><span class=\"token token attr-value punctuation\">\"<\/span><span class=\"token token punctuation\">&gt;<\/span><span class=\"token token punctuation\">&lt;\/<\/span><span class=\"token token\">script<\/span><span class=\"token token punctuation\">&gt;<\/span>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\udee1\ufe0f 2. Content Security Policy (CSP) Validation<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Verifica se o site implementa CSP adequado:<\/p>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>\u2705 APROVADO:\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https:\/\/trusted.cdn.gov\r\n\r\n\u274c ALERTA:\r\n(sem cabe\u00e7alho CSP ou com 'unsafe-inline')\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">\ud83d\udd17 3. External Resource Analysis<\/h2>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Monitora carregamento de recursos externos suspeitos:<\/p>\n<div class=\"group relative\">\n<table class=\"border-subtler my-[1em] w-full table-auto border-separate border-spacing-0 border-l border-t\">\n<thead class=\"bg-subtler\">\n<tr>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Recurso<\/th>\n<th class=\"border-subtler p-sm break-normal border-b border-r text-left align-top\">Status<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>&lt;script src=\"https:\/\/aviationweather.gov\/js\/app.js\"&gt;<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u2705 Dom\u00ednio whitelisted<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>&lt;script src=\"https:\/\/evil.com\/inject.js\"&gt;<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u274c Dom\u00ednio n\u00e3o autorizado<\/td>\n<\/tr>\n<tr>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\"><code>&lt;iframe src=\"https:\/\/ads.network.com\"&gt;<\/code><\/td>\n<td class=\"px-sm border-subtler min-w-[48px] break-normal border-b border-r\">\u26a0\ufe0f Alerta: Iframe externo<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"bg-base border-subtler shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex rounded-lg border opacity-0 transition-opacity group-hover:opacity-100 [&amp;&gt;*:not(:first-child)]:border-subtle [&amp;&gt;*:not(:first-child)]:border-l\">\n<div class=\"flex\"><\/div>\n<div class=\"flex\"><\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0\">Limita\u00e7\u00f5es Conhecidas (Transpar\u00eancia)<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"-mt-xl\">\n<pre><code>\u26a0\ufe0f Este m\u00f3dulo oferece prote\u00e7\u00e3o B\u00c1SICA contra XSS.\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<h2 id=\"fluxo-de-validao-completo\" class=\"mb-2 mt-4 font-display font-semimedium text-base first:mt-0 md:text-lg [hr+&amp;]:mt-4\">\ud83c\udfaf Fluxo de Valida\u00e7\u00e3o Completo<\/h2>\n<div class=\"w-full md:max-w-[90vw]\">\n<div class=\"codeWrapper text-light selection:text-super selection:bg-super\/10 my-md relative flex flex-col rounded-lg font-mono text-sm font-normal bg-subtler\">\n<div class=\"translate-y-xs -translate-x-xs bottom-xl mb-xl flex h-0 items-start justify-end sm:sticky sm:top-xs\">\n<div class=\"overflow-hidden rounded-full border-subtlest ring-subtlest divide-subtlest bg-base\">\n<div class=\"border-subtlest ring-subtlest divide-subtlest bg-subtler\"><\/div>\n<\/div>\n<\/div>\n<div class=\"-mt-xl\">\n<div>\n<h3 class=\"text-quiet bg-subtle py-xs px-sm inline-block rounded-br rounded-tl-lg text-xs font-thin\" data-testid=\"code-language-indicator\">text<\/h3>\n<\/div>\n<pre><code>1. Usu\u00e1rio acessa URL\r\n   \u2502\r\n2. \u250c\u2500 CAMADA 1: Whitelist \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\r\n   \u2502  \u2022 HTTPS?                             \u2502\r\n   \u2502  \u2022 Secure context?                    \u2502\r\n   \u2502  \u2022 Homograph attack?                  \u2502\r\n   \u2502  \u2022 Dom\u00ednio oficial?                   \u2502\r\n   \u2502  \u2022 Subdom\u00ednio autorizado?             \u2502\r\n   \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\r\n           \u2502\r\n      \u2705 Aprovado?\r\n           \u2502\r\n           \u251c\u2500 SIM \u2500\u2500\u25b6 3. CAMADA 2: Blacklist \u2500\u2500\u2510\r\n           \u2502            \u2022 Categoria sens\u00edvel?   \u2502\r\n           \u2502            \u2022 Banking\/Auth\/Social?  \u2502\r\n           \u2502            \u2514\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\r\n           \u2502                 \u2502\r\n           \u2502            \u2705 N\u00e3o bloqueado?\r\n           \u2502                 \u2502\r\n           \u2502                 \u251c\u2500 SIM \u2500\u2500\u25b6 4. CAMADA 3: Analyzer\r\n           \u2502                 \u2502            \u2022 XSS presente?\r\n           \u2502                 \u2502            \u2022 CSP v\u00e1lido?\r\n           \u2502                 \u2502            \u2022 Recursos externos OK?\r\n           \u2502                 \u2502            \u2514\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\r\n           \u2502                 \u2502                 \u2502\r\n           \u2502                 \u2502            \u2705 Tudo limpo?\r\n           \u2502                 \u2502                 \u2502\r\n           \u2502                 \u2502                 \u251c\u2500 SIM \u2500\u2500\u25b6 \ud83d\udfe2 PERMITIDO\r\n           \u2502                 \u2502                 \u2514\u2500 N\u00c3O \u2500\u2500\u25b6 \ud83d\udfe1 ALERTA\r\n           \u2502                 \u2502\r\n           \u2502                 \u2514\u2500 N\u00c3O \u2500\u2500\u25b6 \ud83d\udd34 BLOQUEADO (Blacklist)\r\n           \u2502\r\n           \u2514\u2500 N\u00c3O \u2500\u2500\u25b6 \ud83d\udd34 BLOQUEADO (Whitelist)<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"bg-subtle h-px border-0\" \/>\n<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">",
        "protected": false
    },
    "excerpt": {
        "rendered": "<p>NOTAMSpot: Arquitetura de Seguran\u00e7a para Avia\u00e7\u00e3o \u2139\ufe0f Importante: As capturas de tela abaixo mostram o NOTAMSpot em opera\u00e7\u00e3o em portais p\u00fablicos de terceiros. Esta \u00e9 uma extens\u00e3o independente, n\u00e3o afiliada ou endossada por nenhuma ag\u00eancia governamental (FAA, NOAA, DECEA, Nav Canada). Guia Completo de Prote\u00e7\u00e3o Contra Amea\u00e7as Cibern\u00e9ticas \ud83d\udcd1 \u00cdndice Introdu\u00e7\u00e3o Sobre este documento P\u00fablico-alvo [&hellip;]<\/p>",
        "protected": false
    },
    "author": 1,
    "featured_media": 3696,
    "parent": 0,
    "menu_order": 0,
    "comment_status": "closed",
    "ping_status": "closed",
    "template": "",
    "meta": {
        "_acf_changed": false,
        "_seopress_robots_primary_cat": "",
        "_seopress_titles_title": "Arquitetura de Seguran\u00e7a e Prote\u00e7\u00e3o Cibern\u00e9tica | NOTAMSpot",
        "_seopress_titles_desc": "Conhe\u00e7a nossa arquitetura de defesa em 3 camadas. Prote\u00e7\u00e3o avan\u00e7ada contra ataques homogr\u00e1ficos, typosquatting e intercepta\u00e7\u00e3o de dados para opera\u00e7\u00f5es a\u00e9reas seguras.",
        "_seopress_robots_index": "",
        "footnotes": ""
    },
    "class_list": [
        "post-3060",
        "page",
        "type-page",
        "status-publish",
        "has-post-thumbnail",
        "hentry"
    ],
    "acf": [],
    "_hostinger_reach_plugin_has_subscription_block": false,
    "_hostinger_reach_plugin_is_elementor": false,
    "_links": {
        "self": [
            {
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/pages\/3060",
                "targetHints": {
                    "allow": [
                        "GET"
                    ]
                }
            }
        ],
        "collection": [
            {
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/pages"
            }
        ],
        "about": [
            {
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/types\/page"
            }
        ],
        "author": [
            {
                "embeddable": true,
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/users\/1"
            }
        ],
        "replies": [
            {
                "embeddable": true,
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/comments?post=3060"
            }
        ],
        "version-history": [
            {
                "count": 72,
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/pages\/3060\/revisions"
            }
        ],
        "predecessor-version": [
            {
                "id": 4025,
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/pages\/3060\/revisions\/4025"
            }
        ],
        "wp:featuredmedia": [
            {
                "embeddable": true,
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/media\/3696"
            }
        ],
        "wp:attachment": [
            {
                "href": "https:\/\/notamspot.com\/pt-br\/wp-json\/wp\/v2\/media?parent=3060"
            }
        ],
        "curies": [
            {
                "name": "wp",
                "href": "https:\/\/api.w.org\/{rel}",
                "templated": true
            }
        ]
    }
}