Report - security-fanpages.pages.net.br/gtm-links

Report Overview

Submitted URL
security-fanpages.pages.net.br/gtm-links
IP
172.64.144.240
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 06:04:13
Access
public
Website Title
Facebook
Final URL
security-fanpages.pages.net.br/gtm-links
Tags
meta facebook phishing social
urlquery detections
Phishing - Facebook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-17	542 B	33 kB	142.250.74.106
r3-pages-views.greatpages.com.br	unknown	2020-01-22	2022-12-22	2024-03-11	2.0 kB	331 B	104.17.208.68
cdn.greatpages.com.br	unknown	2020-01-22	2020-10-04	2024-03-11	2.0 kB	43 kB	104.17.209.68
security-fanpages.pages.net.br	unknown	2020-07-29	2024-04-09	2024-04-17	1.2 kB	46 kB	104.18.43.16
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-04-16	524 B	9.9 kB	104.16.79.73
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-17	1.6 kB	115 kB	216.58.207.227
cdn.greatsoftwares.com.br	585945	2020-02-08	2021-05-29	2024-02-29	992 B	25 kB	172.64.149.117

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	security-fanpages.pages.net.br/gtm-links	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	pages.net.br	Sinkholed
2024-04-17	medium	pages.net.br	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	security-fanpages.pages.net.br/gtm-links	540 B	2023-11-20	2024-04-17
Pretty URL security-fanpages.pages.net.br/gtm-links IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 23:56:30 Last Seen2024-04-17 08:04:15 Times Seen409 Hash 68001fcbccf4c89d9e378936cc9c59c8 10fde516faa0c9b775369282169b5f224c578683 4209d6e28acb2f88c72b86af4bc55057b3bd7c2f1de61cd2f91263d1ddf081ab Loading...

	security-fanpages.pages.net.br/gtm-links	220 B	2024-04-17	2024-04-17
Pretty URL security-fanpages.pages.net.br/gtm-links IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 08:04:15 Last Seen2024-04-17 08:04:15 Times Seen1 Hash 7e643ac221be850f2386ec6f9d5a6052 0b8bc281bd638abcc4b38ee294ec19c485119eaf 0bf99c62e82afdc7610cc44769d64701c089bbae6794f022e3a719697ffacc0f Loading...

	security-fanpages.pages.net.br/gtm-links	240 B	2024-04-17	2024-04-17
Pretty URL security-fanpages.pages.net.br/gtm-links IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 08:04:15 Last Seen2024-04-17 08:04:15 Times Seen1 Hash 06dd5d569667925896d76cfcaeffb84d 772e6e3a071c3bb7f89acf567d011c1a97662926 5230b95f4445285f3ad31bdde31d83c6ad56e61d1c7b7163e0bb214e5e7309e5 Loading...

	security-fanpages.pages.net.br/gtm-links	2.3 kB	2024-04-17	2024-04-17
Pretty URL security-fanpages.pages.net.br/gtm-links IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 08:04:15 Last Seen2024-04-17 08:04:15 Times Seen1 Hash 3dbdaf8e09df26f64209f1e7623f7161 c3c8ede4db4051ecbeea3a629d82ee297054788a 0fac3ad798ca2fd8fcec03c1eddfa0ec8f161d90c857c00d69ae1326ba6a6672 Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	20 kB	2023-10-13	2024-04-29
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51:00 Last Seen2024-04-29 05:41:51 Times Seen28476 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/js.js	127 kB	2024-04-17	2024-04-17
Pretty URL cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/js.js IP 104.17.209.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 08:04:15 Last Seen2024-04-17 08:04:15 Times Seen2 Hash 9e1e3b8f220e54ea9f763ecaa8433e58 78af107e567e0cd14771a65dfc455d692426f142 6bee1ad505d1238184c850e05ecb7083d20aafc8538b890c4d542ba8e9e6ed2c Loading...

HTTP Transactions (14)

URL IP Response Size

r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiVmRrYkdONU5YZFpWMlJzWTNrMWRWcFlVWFZaYmtsMldqTlNkRXhYZUhCaWJYUjZSRkJNY25wVk9Ua1ZKeU9WSmFjRE5tUkdSWWN6UmhTRkl3WTBoTk5reDVPWHBhVjA0eFkyMXNNR1ZUTVcxWlZ6VjNXViIsImQiOiIyMDI0LTA0LTE3IDA2OjAzOjQ4IiwiZSI6IkdQYWdlcy45OTc3MTcxMzMzMzgyODUzMiIsImkiOiJjeERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhRmt5Vm5wak1qbG1ZMGRXZVdNeU9YVlpWM2h3WlcxR2EySjVTVFppYmxaellrTjNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6aHBUMmxLVVZsWFpHeFdiV3hzWkhsSmMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldETkNiR051VG5aaWJVWnpZVmh3YUZwSE9HbFBiVFV4WWtkM2MwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESk9kbUp1VW14a1YxSjJXRE5hYUdKSE9YbEphbkIxWkZkNGMweERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhbUl5TlRCYVdGWnJZakU1ZEdJeVZtdFpVMGsyU1dwQmFXWlJlRmxOUkd0RGVtTURSeWJWVktZVmhQYldaYVJ6TmxlVXB3V2tZNWJrbHFiMmxOZW1OM1RVUnJlRWxwZDJsaFYxSm1ZMGRHYm1GWE5XaEphbTlwVGxSamVFOUVaM2RKYVhkcFlWZFNabHBIT1hSaFZ6VndZbmxKTmtscVJUTk5SR2MxVDBOSmMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmtSemx5V2xjMGFVOXROVEZpUjNkelNXMXNkV1JIVm01amJVWnFXVmM1WmxwdFJtcGFWMHAyWWpKMFptTkhiRFJhVjNobVlVZEdhV0ZYZUhCa1IwWjVTV3B3ZFdSWGVITk1RMHB3WW01U2JGb3pTbWhaTWtaMldESmFhRmt5Vm1saU1qbHlXRE5DY0dWSFZuTllNbFl5V2xjMU1HSXhPVEJhV0U0d1dsTkpObUp1Vm5OaVEzZHBZVmMxTUZwWFpIbFpWMDVvWWpFNWJWbFhUbXhaYlRsMllURTVkMkZZYUd4aVEwazJZbTVXYzJKRGQybGhWelV3V2xka2VWbFhUbWhpTVRsdFdWZE9iRmx0T1haaE1UbDNZVmhvYkdKR09XeGtiVloxWkVjNVpsbFhUbXhqTTA1MlNXcHZhVlZIUm01YVZscHdXbGhqYVUiLCJjIjoiIn0=

104.17.208.68

200 OK

31 B

URL GET HTTP/2
r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiVmRrYkdONU5YZFpWMlJzWTNrMWRWcFlVWFZaYmtsMldqTlNkRXhYZUhCaWJYUjZSRkJNY25wVk9Ua1ZKeU9WSmFjRE5tUkdSWWN6UmhTRkl3WTBoTk5reDVPWHBhVjA0eFkyMXNNR1ZUTVcxWlZ6VjNXViIsImQiOiIyMDI0LTA0LTE3IDA2OjAzOjQ4IiwiZSI6IkdQYWdlcy45OTc3MTcxMzMzMzgyODUzMiIsImkiOiJjeERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhRmt5Vm5wak1qbG1ZMGRXZVdNeU9YVlpWM2h3WlcxR2EySjVTVFppYmxaellrTjNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6aHBUMmxLVVZsWFpHeFdiV3hzWkhsSmMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldETkNiR051VG5aaWJVWnpZVmh3YUZwSE9HbFBiVFV4WWtkM2MwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESk9kbUp1VW14a1YxSjJXRE5hYUdKSE9YbEphbkIxWkZkNGMweERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhbUl5TlRCYVdGWnJZakU1ZEdJeVZtdFpVMGsyU1dwQmFXWlJlRmxOUkd0RGVtTURSeWJWVktZVmhQYldaYVJ6TmxlVXB3V2tZNWJrbHFiMmxOZW1OM1RVUnJlRWxwZDJsaFYxSm1ZMGRHYm1GWE5XaEphbTlwVGxSamVFOUVaM2RKYVhkcFlWZFNabHBIT1hSaFZ6VndZbmxKTmtscVJUTk5SR2MxVDBOSmMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmtSemx5V2xjMGFVOXROVEZpUjNkelNXMXNkV1JIVm01amJVWnFXVmM1WmxwdFJtcGFWMHAyWWpKMFptTkhiRFJhVjNobVlVZEdhV0ZYZUhCa1IwWjVTV3B3ZFdSWGVITk1RMHB3WW01U2JGb3pTbWhaTWtaMldESmFhRmt5Vm1saU1qbHlXRE5DY0dWSFZuTllNbFl5V2xjMU1HSXhPVEJhV0U0d1dsTkpObUp1Vm5OaVEzZHBZVmMxTUZwWFpIbFpWMDVvWWpFNWJWbFhUbXhaYlRsMllURTVkMkZZYUd4aVEwazJZbTVXYzJKRGQybGhWelV3V2xka2VWbFhUbWhpTVRsdFdWZE9iRmx0T1haaE1UbDNZVmhvYkdKR09XeGtiVloxWkVjNVpsbFhUbXhqTTA1MlNXcHZhVlZIUm01YVZscHdXbGhqYVUiLCJjIjoiIn0=
IP
104.17.208.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerLet's Encrypt
Subjectgreatpages.com.br
Fingerprint23:11:38:70:56:AD:E1:10:EA:87:A0:D0:53:20:0C:66:3E:6A:A6:1E
ValiditySat, 13 Apr 2024 14:25:19 GMT - Fri, 12 Jul 2024 14:25:18 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
b1a8ecd5c3f464c5ae872401ae1929c1
ec82b7e06d38b93eba0dd68108140711cfa86eb5
49d1cf6777396141389bf9230460e84cc9bf6260594eb25095297d5ab3098b90

HTTP Headers

GET /?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiVmRrYkdONU5YZFpWMlJzWTNrMWRWcFlVWFZaYmtsMldqTlNkRXhYZUhCaWJYUjZSRkJNY25wVk9Ua1ZKeU9WSmFjRE5tUkdSWWN6UmhTRkl3WTBoTk5reDVPWHBhVjA0eFkyMXNNR1ZUTVcxWlZ6VjNXViIsImQiOiIyMDI0LTA0LTE3IDA2OjAzOjQ4IiwiZSI6IkdQYWdlcy45OTc3MTcxMzMzMzgyODUzMiIsImkiOiJjeERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhRmt5Vm5wak1qbG1ZMGRXZVdNeU9YVlpWM2h3WlcxR2EySjVTVFppYmxaellrTjNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6aHBUMmxLVVZsWFpHeFdiV3hzWkhsSmMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldETkNiR051VG5aaWJVWnpZVmh3YUZwSE9HbFBiVFV4WWtkM2MwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESk9kbUp1VW14a1YxSjJXRE5hYUdKSE9YbEphbkIxWkZkNGMweERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhbUl5TlRCYVdGWnJZakU1ZEdJeVZtdFpVMGsyU1dwQmFXWlJlRmxOUkd0RGVtTURSeWJWVktZVmhQYldaYVJ6TmxlVXB3V2tZNWJrbHFiMmxOZW1OM1RVUnJlRWxwZDJsaFYxSm1ZMGRHYm1GWE5XaEphbTlwVGxSamVFOUVaM2RKYVhkcFlWZFNabHBIT1hSaFZ6VndZbmxKTmtscVJUTk5SR2MxVDBOSmMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmtSemx5V2xjMGFVOXROVEZpUjNkelNXMXNkV1JIVm01amJVWnFXVmM1WmxwdFJtcGFWMHAyWWpKMFptTkhiRFJhVjNobVlVZEdhV0ZYZUhCa1IwWjVTV3B3ZFdSWGVITk1RMHB3WW01U2JGb3pTbWhaTWtaMldESmFhRmt5Vm1saU1qbHlXRE5DY0dWSFZuTllNbFl5V2xjMU1HSXhPVEJhV0U0d1dsTkpObUp1Vm5OaVEzZHBZVmMxTUZwWFpIbFpWMDVvWWpFNWJWbFhUbXhaYlRsMllURTVkMkZZYUd4aVEwazJZbTVXYzJKRGQybGhWelV3V2xka2VWbFhUbWhpTVRsdFdWZE9iRmx0T1haaE1UbDNZVmhvYkdKR09XeGtiVloxWkVjNVpsbFhUbXhqTTA1MlNXcHZhVlZIUm01YVZscHdXbGhqYVUiLCJjIjoiIn0= HTTP/1.1
Host: r3-pages-views.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 06:03:48 GMT
content-type: application/json
content-length: 31
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 875a36cd3a28930d-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/css.css

104.17.209.68

200 OK

5.5 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/css.css
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23775), with no line terminators
Size
5.5 kB (5458 bytes)
Hash
06f9449818c01039f25e5cd4686d9c8a
a2fd5ef535a23063f5c3c25f98d6787e61da5221
72c418a30aff20bae37c91da77adf77d1c0381d97577f7f4b1a81b99bb19c71d

HTTP Headers

GET /security-fanpages.pages.net.br-gtm-links/1713139816/css.css HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 06:03:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"06f9449818c01039f25e5cd4686d9c8a"
Last-Modified: Mon, 15 Apr 2024 00:10:17 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Thu, 17 Apr 2025 06:03:48 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 875a36cd3aa292ce-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/js.js

104.17.209.68

200 OK

27 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/js.js
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15962), with CRLF line terminators
Size
27 kB (26752 bytes)
Hash
9e1e3b8f220e54ea9f763ecaa8433e58
78af107e567e0cd14771a65dfc455d692426f142
6bee1ad505d1238184c850e05ecb7083d20aafc8538b890c4d542ba8e9e6ed2c

HTTP Headers

GET /security-fanpages.pages.net.br-gtm-links/1713139816/js.js HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 06:03:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"9e1e3b8f220e54ea9f763ecaa8433e58"
Last-Modified: Mon, 15 Apr 2024 00:10:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Thu, 17 Apr 2025 06:03:48 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 875a36cd3e129304-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

security-fanpages.pages.net.br/cdn-cgi/rum?

104.18.43.16

204 No Content

0 B

URL POST HTTP/3
security-fanpages.pages.net.br/cdn-cgi/rum?
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerLet's Encrypt
Subjectpages.net.br
Fingerprint9B:65:DC:1A:3B:3C:01:08:30:AD:F0:F9:3C:6B:D1:4F:B9:93:CE:63
ValidityThu, 11 Apr 2024 04:31:13 GMT - Wed, 10 Jul 2024 04:31:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: security-fanpages.pages.net.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 3601
Origin: https://security-fanpages.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/gtm-links
Cookie: __cf_bm=KdHquVHJ3FyJuHMvLeItfgAZXIbNyVdvfbg2W80pFds-1713333828-1.0.1.1-mH7n7I.vOupO_XALMVk_BiwkLyuSjbbGQ4lvolvRMLzgymLWo6bpu92SlRXrSO5DCJ9q7XkgEy_NEvfAS8fiEw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Wed, 17 Apr 2024 06:03:49 GMT
access-control-allow-origin: https://security-fanpages.pages.net.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 875a36cf4a1e92d6-CPH
x-frame-options: DENY
x-content-type-options: nosniff

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.79.73

200 OK

9.5 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, from Unix
Size
9.5 kB (9516 bytes)
Hash
3ef244692df80a91e80308e630343e0e
2b473dee27a37b117afb4b86c51df311a4c29a7e
90173519a35239db9334100f664d704c06cad80293a76c2a7140780f355aa04d

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://security-fanpages.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 06:03:48 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a36cce84cabd5-CPH
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://security-fanpages.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 530929
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://security-fanpages.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 530929
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://security-fanpages.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 48971
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/imagens/desktop/571880_1_1713128229661c4325a09c4165948011.jpg

104.17.209.68

200 OK

8.3 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/imagens/desktop/571880_1_1713128229661c4325a09c4165948011.jpg
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 359x202, components 3
Size
8.3 kB (8250 bytes)
Hash
aea1b5ceef56c59ba09b97a61e765ded
7be38dce077d87f83bc2ca2b58d10bed96e2c805
b17baac0bb42b458551824f223e82a9f5d6c67547cfe486f2e956198d599f135

HTTP Headers

GET /security-fanpages.pages.net.br-gtm-links/1713139816/imagens/desktop/571880_1_1713128229661c4325a09c4165948011.jpg HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 06:03:49 GMT
Content-Type: image/jpeg
Content-Length: 8250
Connection: keep-alive
ETag: "aea1b5ceef56c59ba09b97a61e765ded"
Last-Modified: Mon, 15 Apr 2024 00:10:17 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Thu, 17 Apr 2025 06:03:49 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 875a36cfde9292ce-CPH
alt-svc: h3=":443"; ma=86400

cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/imagens/desktop/571880_1_1713128229661c4325a0946002889250.jpg

104.17.209.68

200 OK

860 B

URL GET HTTP/1.1
cdn.greatpages.com.br/security-fanpages.pages.net.br-gtm-links/1713139816/imagens/desktop/571880_1_1713128229661c4325a0946002889250.jpg
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 75x37, components 3
Size
860 B (860 bytes)
Hash
9aef481ad8d2216387f45c625ea2a31f
dff9168c2a9cb0f5d50380c8ac46db0f29095d77
07f3f58b5f9dd2725280426b151930df862c16c2ba4c6ddf49f60ff53973b563

HTTP Headers

GET /security-fanpages.pages.net.br-gtm-links/1713139816/imagens/desktop/571880_1_1713128229661c4325a0946002889250.jpg HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 06:03:49 GMT
Content-Type: image/jpeg
Content-Length: 860
Connection: keep-alive
ETag: "9aef481ad8d2216387f45c625ea2a31f"
Last-Modified: Mon, 15 Apr 2024 00:10:17 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Thu, 17 Apr 2025 06:03:49 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 875a36cfd9f49304-CPH
alt-svc: h3=":443"; ma=86400

cdn.greatsoftwares.com.br/arquivos/paginas/370091-23116e76ea3183b21bacb4f843bcbc7e.jpg

172.64.149.117

200 OK

21 kB

URL GET HTTP/2
cdn.greatsoftwares.com.br/arquivos/paginas/370091-23116e76ea3183b21bacb4f843bcbc7e.jpg
IP
172.64.149.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subjectgreatsoftwares.com.br
Fingerprint96:B6:5C:22:35:FE:CA:7C:23:16:AA:F8:FC:7B:DF:3C:0A:4A:8E:A9
ValiditySun, 07 Apr 2024 02:09:24 GMT - Sat, 06 Jul 2024 02:09:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 200x200, components 3
Size
21 kB (20702 bytes)
Hash
b72d4c8c5d43b92da6346aa170ee5fc5
4b1a79dafd2587503a87a722801956a749c45998
342fa71f19a2f177a181fd2082ccadc72c18afac22b07a700c90cc403cdf23b2

HTTP Headers

GET /arquivos/paginas/370091-23116e76ea3183b21bacb4f843bcbc7e.jpg HTTP/1.1
Host: cdn.greatsoftwares.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 06:03:50 GMT
content-type: image/jpeg
content-length: 20702
x-guploader-uploadid: ABPtcPq2vYYcDeZEsxgiQAfi5cz6zyzp2Rs-7lH47QfdX-CwIXJHt6sCtas4glHdwtE9nMjXCT5evUUAtdX_QF8
cache-control: public, max-age=31536000
expires: Thu, 17 Apr 2025 06:03:50 GMT
last-modified: Mon, 08 Apr 2024 15:08:17 GMT
etag: "b72d4c8c5d43b92da6346aa170ee5fc5"
x-goog-generation: 1712588897186010
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20702
x-goog-hash: crc32c=pA8XxQ==, md5=ty1MjF1DuS2mNGqhcO5fxQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875a36d04f8692d3-CPH
X-Firefox-Spdy: h2

cdn.greatsoftwares.com.br/arquivos/paginas/370091-23116e76ea3183b21bacb4f843bcbc7e.jpg

172.64.149.117

200 OK

2.6 kB

URL GET HTTP/2
cdn.greatsoftwares.com.br/arquivos/paginas/370091-23116e76ea3183b21bacb4f843bcbc7e.jpg
IP
172.64.149.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subjectgreatsoftwares.com.br
Fingerprint96:B6:5C:22:35:FE:CA:7C:23:16:AA:F8:FC:7B:DF:3C:0A:4A:8E:A9
ValiditySun, 07 Apr 2024 02:09:24 GMT - Sat, 06 Jul 2024 02:09:23 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.6 kB (2622 bytes)
Hash
a4c6824e512c2e64000b91b18a8d0a5d
4a675590703c8822fb0dbd32f6e9b0f024876a95
cb25c190725efef16f16257686f1887af948f3afb4169dc37a78fc3735aee5d2

HTTP Headers

GET /arquivos/paginas/370091-23116e76ea3183b21bacb4f843bcbc7e.jpg HTTP/1.1
Host: cdn.greatsoftwares.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 06:03:50 GMT
content-type: image/webp
content-length: 2622
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=20702
content-disposition: inline; filename="370091-23116e76ea3183b21bacb4f843bcbc7e.webp"
vary: Accept
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
etag: "b72d4c8c5d43b92da6346aa170ee5fc5"
expires: Thu, 17 Apr 2025 06:03:50 GMT
last-modified: Mon, 08 Apr 2024 15:08:17 GMT
x-goog-generation: 1712588897186010
x-goog-hash: crc32c=pA8XxQ==, md5=ty1MjF1DuS2mNGqhcO5fxQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20702
x-guploader-uploadid: ABPtcPq2vYYcDeZEsxgiQAfi5cz6zyzp2Rs-7lH47QfdX-CwIXJHt6sCtas4glHdwtE9nMjXCT5evUUAtdX_QF8
cf-cache-status: HIT
age: 0
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875a36d04f8b92d3-CPH
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.106

200 OK

33 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://security-fanpages.pages.net.br/gtm-links
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
33 kB (32688 bytes)
Hash
6db8e34051d2aa7a381c147aeed707a2
aa0a308fab9759d7d5ebb3acef8718f046aa28e3
83ce6011d294e20493cb3b1609ef50c7df06a76aac724379ab47881f0a6f6950

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security-fanpages.pages.net.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 06:03:49 GMT
date: Wed, 17 Apr 2024 06:03:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

security-fanpages.pages.net.br/gtm-links

104.18.43.16

200 OK

45 kB

URL User Request GET HTTP/2
security-fanpages.pages.net.br/gtm-links
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpages.net.br
Fingerprint9B:65:DC:1A:3B:3C:01:08:30:AD:F0:F9:3C:6B:D1:4F:B9:93:CE:63
ValidityThu, 11 Apr 2024 04:31:13 GMT - Wed, 10 Jul 2024 04:31:12 GMT

File type

Size
45 kB (45286 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gtm-links HTTP/1.1
Host: security-fanpages.pages.net.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 06:03:48 GMT
content-type: text/html
cache-control: max-age=0
great-server: GreatApps
great-service: gpages-r3-pages
set-cookie: __cf_bm=KdHquVHJ3FyJuHMvLeItfgAZXIbNyVdvfbg2W80pFds-1713333828-1.0.1.1-mH7n7I.vOupO_XALMVk_BiwkLyuSjbbGQ4lvolvRMLzgymLWo6bpu92SlRXrSO5DCJ9q7XkgEy_NEvfAS8fiEw; path=/; expires=Wed, 17-Apr-24 06:33:48 GMT; domain=.security-fanpages.pages.net.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a36c94d6d8f61-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP