Report - uclck.ru/YNxpE

Report Overview

Visited public
2023-09-30 11:59:18
Tags
URL
uclck.ru/YNxpE
Finishing URL
oiu8iretz.pages.dev.br/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-29 23:21:57	2.2 kB	118 kB	216.58.207.227
r3-pages-views.greatpages.com.br	unknown	2020-01-22	2022-12-22 15:46:40	2023-09-29 15:48:59	2.0 kB	331 B	104.17.209.68
uclck.ru	unknown	2022-01-19	2022-01-19 23:11:36	2023-07-07 15:03:58	472 B	39 kB	188.114.97.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-29 21:07:23	536 B	22 kB	142.250.74.138
cdn.greatpages.com.br	unknown	2020-01-22	2020-10-04 12:55:49	2023-09-29 15:48:58	1.9 kB	131 kB	104.17.209.68
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-09-29 18:12:34	510 B	34 kB	104.16.56.101
cdn.greatapps.com.br	unknown	2021-04-29	2022-12-13 02:10:55	2023-09-29 14:31:03	448 B	3.0 kB	104.16.140.234
oiu8iretz.pages.dev.br	unknown	2021-03-10	2023-09-29 22:12:12	2023-09-30 03:43:11	1.6 kB	39 kB	104.18.43.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-29	medium	oiu8iretz.pages.dev.br/	Facebook, Inc.
2023-09-29	medium	oiu8iretz.pages.dev.br/	Facebook, Inc.
2023-09-29	medium	oiu8iretz.pages.dev.br/	Facebook, Inc.
2023-09-29	medium	uclck.ru/YNxpE	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-30	medium	uclck.ru	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	oiu8iretz.pages.dev.br/	ScriptElement	202 B	2024-08-21	2024-08-21
Pretty URL oiu8iretz.pages.dev.br/ IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:28 Last Seen2024-08-21 05:28 Times Seen2 Hash 0fd876acb2c265e7248347db76a8ec43 cd599adf88d2294d116098d10574445084939ff7 86300526160b9425eb7bc8ce964175c63631203a608bd52f1de06b329efba5c5 Loading...

	oiu8iretz.pages.dev.br/	ScriptElement	222 B	2024-08-21	2024-08-21
Pretty URL oiu8iretz.pages.dev.br/ IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:28 Last Seen2024-08-21 05:28 Times Seen2 Hash 36c9eb32ee55258a56b2581c9d932e67 f80d96e96e0d704fd7ccdb578bfc887fea3f8b28 0bde38a9e1431107ade030c4a29ff24af3cf4239f2ad174caa8624f7c9b5ff3b Loading...

	static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854	ScriptElement	20 kB	2023-07-20	2025-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-20 20:39 Last Seen2025-04-26 10:13 Times Seen7605 Hash efeb2542712dce8a2c51cf68396e4a05 ac9ce350c598644c7b7f6186aaf0368eb077d396 c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391 Loading...

	cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/js.js	ScriptElement	118 kB	2024-08-21	2024-08-21
Pretty URL cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/js.js IP 104.17.209.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:28 Last Seen2024-08-21 05:28 Times Seen1 Hash fcc423ad53dd93b7658a1ac83b188ffd ac2221f33e2f36fa592ea302c4c59ddf2f1c826b 432799cca5410caf8520f28fb6d20fa9034ac482b77cd4b492a8eea0845ec7b8 Loading...

HTTP Transactions (16)

URL IP Response Size

cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/css.css

104.17.209.68

200 OK

5.4 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/css.css
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23372), with no line terminators
Size
5.4 kB (5390 bytes)
Hash
aeff40a345dee30a2832b52e5eb7e046
113a15ae973d45f3c95cc87860d1021ccf68f5b4
7cd684139d86fdd64582a8d2e26e0738ebe2b1d9454e1db69d9a9fe3a7688d94

HTTP Headers

GET /oiu8iretz.pages.dev.br/1695998572/css.css HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 11:59:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=23775
ETag: W/"06f9449818c01039f25e5cd4686d9c8a"
Last-Modified: Fri, 29 Sep 2023 14:42:54 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 21
Expires: Sun, 29 Sep 2024 11:59:01 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 80ec4c2289305691-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

104.16.56.101

200 OK

34 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
IP
104.16.56.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
34 kB (33491 bytes)
Hash
cde3102bd8f2fee962e73d0d44f195ee
c9a63bb2f98eee66c7280f4812e846bc5eb7b8e7
797b640b42234864ef8cb6720a4000fa7abf18d863a5f5b601ee7299c9033135

HTTP Headers

GET /beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 30 Sep 2023 11:59:01 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.7.1"
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 80ec4c225f4456af-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.greatapps.com.br/_greatpages/default.ico

104.16.140.234

2.4 kB

URL GET
cdn.greatapps.com.br/_greatpages/default.ico
IP
104.16.140.234:0
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatapps.com.br
FingerprintB3:01:21:DF:4B:6D:51:1F:1F:50:71:A5:5C:96:6A:22:A3:F2:2F:E8
ValidityTue, 13 Dec 2022 00:00:00 GMT - Wed, 13 Dec 2023 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Size
2.4 kB (2429 bytes)
Hash
0b9e3a6603b2f6b07aae446a03dd19ee
c4d246d42d0df2936b877c1e8dde52dc19827b81
ebeb64f7dc27cbaa3bbb2322a37a0fd9e3af28a14166087760b641d934b53f3e

HTTP Headers

GET /_greatpages/default.ico HTTP/1.1
Host: cdn.greatapps.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 11:59:01 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"0b9e3a6603b2f6b07aae446a03dd19ee"
Last-Modified: Tue, 29 Aug 2023 17:30:27 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1320736
Expires: Sun, 29 Sep 2024 11:59:01 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 80ec4c23da0cb527-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

oiu8iretz.pages.dev.br/cdn-cgi/rum?

104.18.43.16

204 No Content

0 B

URL POST HTTP/3
oiu8iretz.pages.dev.br/cdn-cgi/rum?
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerLet's Encrypt
Subjectpages.dev.br
FingerprintD6:BD:79:7A:E2:53:2D:CE:C1:EC:3F:96:70:C7:B4:97:15:DE:99:1B
ValidityThu, 17 Aug 2023 08:00:19 GMT - Wed, 15 Nov 2023 08:00:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: oiu8iretz.pages.dev.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1762
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Cookie: __cf_bm=PxKtuK0eIwO9_s__K6n4EOlX1J8MWRG9oUX2wYyvNWc-1696075141-0-AaJ/JcPFC1KtsMtGNfslfqTZ0uC1Owr+WiRtNAk7SuWzgO09wfV94XDgXnbwP3Cq7zf5jtzQ7POOk6XAJum4eZo=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 30 Sep 2023 11:59:01 GMT
access-control-allow-origin: https://oiu8iretz.pages.dev.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 80ec4c245e4d5697-OSL
x-frame-options: DENY
x-content-type-options: nosniff

cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/imagens/desktop/324123_1_169599712274242424.png

104.17.209.68

200 OK

3.3 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/imagens/desktop/324123_1_169599712274242424.png
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.3 kB (3258 bytes)
Hash
edccf5f6e1af4c8836d45ee763e53261
4f1267aee14ce82a3825e062995bccfbb6553d4f
038b6948790ad9955cc40cf7b142a87a755bcddfa77891a40319bc7ba83d8456

HTTP Headers

GET /oiu8iretz.pages.dev.br/1695998572/imagens/desktop/324123_1_169599712274242424.png HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 11:59:01 GMT
Content-Type: image/webp
Content-Length: 3258
Connection: keep-alive
Cf-Bgj: imgq:85,h2pri
Cf-Polished: origFmt=png, origSize=4179
Content-Disposition: inline; filename="324123_1_169599712274242424.webp"
ETag: "0823e735899d99548fbe42f67da0907d"
Last-Modified: Fri, 29 Sep 2023 14:42:53 GMT
Vary: Accept
CF-Cache-Status: HIT
Age: 21
Expires: Sun, 29 Sep 2024 11:59:01 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 80ec4c24eb7a5691-OSL
alt-svc: h3=":443"; ma=86400

cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/imagens/desktop/324123_1_169599762542099183.webp

104.17.209.68

200 OK

1.7 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/imagens/desktop/324123_1_169599762542099183.webp
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1686 bytes)
Hash
4546d17b93b0b6d05d8726e6f04cab3b
75c7e8fdbf3a01ea114e786196db71279b5d845b
ed35bce95a956e9ce3259552a9b73a95d704bf0cf3f1152eca19f50a2f6be76b

HTTP Headers

GET /oiu8iretz.pages.dev.br/1695998572/imagens/desktop/324123_1_169599762542099183.webp HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 11:59:01 GMT
Content-Type: image/webp
Content-Length: 1686
Connection: keep-alive
Cf-Bgj: imgq:85,h2pri
Cf-Polished: origFmt=png, origSize=2443
Content-Disposition: inline; filename="324123_1_169599762542099183.webp"
ETag: "a68e891b1d7890de48c3c7534820c7f7"
Last-Modified: Fri, 29 Sep 2023 14:42:53 GMT
Vary: Accept
CF-Cache-Status: HIT
Age: 21
Expires: Sun, 29 Sep 2024 11:59:01 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 80ec4c2558b55693-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 09:00:39 GMT
expires: Wed, 25 Sep 2024 09:00:39 GMT
cache-control: public, max-age=31536000
age: 356302
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Sep 2023 04:50:55 GMT
expires: Fri, 27 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 198486
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 03:57:34 GMT
expires: Wed, 25 Sep 2024 03:57:34 GMT
cache-control: public, max-age=31536000
age: 374487
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 10:05:24 GMT
expires: Sat, 28 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 93217
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiS2JHUkliM1ZqUjBadVdsaE5kVnBIVmpKTWJVcDVUSGR3VDJwdGIwd3haQVJVUkZaVzQwUWxZMFJFdEpkemxoU0ZJd1kwaE5Oa3g1T1haaFdGVTBZVmgiLCJkIjoiMjAyMy0wOS0zMCAxMTo1OTowMiIsImUiOiJHUGFnZXMuOTQ2NzE2OTYwNzUxNDIxODAiLCJpIjoiYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKR2FscFlUbnBpTVRsM1dsaEtlbUl5TldoaVIydzJXVmRTZGtscWNIVmtWM2h6VEVOS2NHSnVVbXhhTTBwb1dUSkdkbGd5V21oWk1sWnBZakk1Y2xnelFuQmxSMVp6V0RKV01scFhOVEJpZVVrMlNXeENhRm95VmxkaFYxWXpTV2wzYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1hkaFdHaHNZa1k1YkdSdFZuVmtSemxtWTBkV2VXTXlPWFZaVjNod1pXMUdhMko1U1RaaWJsWnpZa04zYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1hkaFdHaHNZa1k1YkdSdFZuVmtSemxtV1RJNWRXUkhWakZhUnpsbVpHMUdjMkl6U1dsUGJUVXhZa2QzYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKT2RtSnVVbXhrVjFKMldESXhkbHBYVW1oSmFtOXBUVU5LT1V4ak1rVkVaV1p2TVVRMVMzVnNPV2xvWmxWMlZVZGxlVXB3V2tZNWJrbHFiMmxPYW1NelRWUkJhVXhEU25CYVJqbDNXVmRrY0dKdFJXbFBhVWw2VFdwUmVFMXFUV2xNUTBwd1drWTVhMkl5TVhCaWJXeDJTV3B2YVUxVVJUQlBWRWt5U1dsM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9UQmlNblJzWW1sSk5tSnVWbk5pUTNkcFlWYzFNRnBYWkhsWlYwNW9ZakU1YlZsWFRteFpiVGwyWVRFNWQyRllhR3hpUmpsdldWZEtjR0pIYkRCWldFbHBUMjAxTVdKSGQzTkpiV3gxWkVkV2JtTnRSbXBaVnpsbVdtMUdhbHBYU25aaU1uUm1ZMGRzTkZwWGVHWmFXRnBzWW01U2RsZ3pVbXhqTTFKc1NXcHdkV1JYZUhOTVEwcHdZbTVTYkZvelNtaFpNa1oyV0RKYWFGa3lWbWxpTWpseVdETkNjR1ZIVm5OSmFuQjFaRmQ0YzB4RFNuQmlibEpzV2pOS2FGa3lSblpZTWxwb1dUSldhV0l5T1hKWU0wSndaVWRXYzFneVZqSmFWelV3WWpFNWFGa3lWbnBqTWpocFQybEtVVmxYWkd4V2JXeHNaSGxKIiwiYyI6IiJ9

104.17.209.68

200 OK

31 B

URL GET HTTP/2
r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiS2JHUkliM1ZqUjBadVdsaE5kVnBIVmpKTWJVcDVUSGR3VDJwdGIwd3haQVJVUkZaVzQwUWxZMFJFdEpkemxoU0ZJd1kwaE5Oa3g1T1haaFdGVTBZVmgiLCJkIjoiMjAyMy0wOS0zMCAxMTo1OTowMiIsImUiOiJHUGFnZXMuOTQ2NzE2OTYwNzUxNDIxODAiLCJpIjoiYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKR2FscFlUbnBpTVRsM1dsaEtlbUl5TldoaVIydzJXVmRTZGtscWNIVmtWM2h6VEVOS2NHSnVVbXhhTTBwb1dUSkdkbGd5V21oWk1sWnBZakk1Y2xnelFuQmxSMVp6V0RKV01scFhOVEJpZVVrMlNXeENhRm95VmxkaFYxWXpTV2wzYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1hkaFdHaHNZa1k1YkdSdFZuVmtSemxtWTBkV2VXTXlPWFZaVjNod1pXMUdhMko1U1RaaWJsWnpZa04zYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1hkaFdHaHNZa1k1YkdSdFZuVmtSemxtV1RJNWRXUkhWakZhUnpsbVpHMUdjMkl6U1dsUGJUVXhZa2QzYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKT2RtSnVVbXhrVjFKMldESXhkbHBYVW1oSmFtOXBUVU5LT1V4ak1rVkVaV1p2TVVRMVMzVnNPV2xvWmxWMlZVZGxlVXB3V2tZNWJrbHFiMmxPYW1NelRWUkJhVXhEU25CYVJqbDNXVmRrY0dKdFJXbFBhVWw2VFdwUmVFMXFUV2xNUTBwd1drWTVhMkl5TVhCaWJXeDJTV3B2YVUxVVJUQlBWRWt5U1dsM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9UQmlNblJzWW1sSk5tSnVWbk5pUTNkcFlWYzFNRnBYWkhsWlYwNW9ZakU1YlZsWFRteFpiVGwyWVRFNWQyRllhR3hpUmpsdldWZEtjR0pIYkRCWldFbHBUMjAxTVdKSGQzTkpiV3gxWkVkV2JtTnRSbXBaVnpsbVdtMUdhbHBYU25aaU1uUm1ZMGRzTkZwWGVHWmFXRnBzWW01U2RsZ3pVbXhqTTFKc1NXcHdkV1JYZUhOTVEwcHdZbTVTYkZvelNtaFpNa1oyV0RKYWFGa3lWbWxpTWpseVdETkNjR1ZIVm5OSmFuQjFaRmQ0YzB4RFNuQmlibEpzV2pOS2FGa3lSblpZTWxwb1dUSldhV0l5T1hKWU0wSndaVWRXYzFneVZqSmFWelV3WWpFNWFGa3lWbnBqTWpocFQybEtVVmxYWkd4V2JXeHNaSGxKIiwiYyI6IiJ9
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerLet's Encrypt
Subjectgreatpages.com.br
FingerprintC1:E1:66:0C:C6:F5:55:7E:8A:64:57:41:DE:90:DE:AB:35:99:C3:E4
ValidityFri, 18 Aug 2023 03:25:28 GMT - Thu, 16 Nov 2023 03:25:27 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
31 B (31 bytes)
Hash
b1a8ecd5c3f464c5ae872401ae1929c1
ec82b7e06d38b93eba0dd68108140711cfa86eb5
49d1cf6777396141389bf9230460e84cc9bf6260594eb25095297d5ab3098b90

HTTP Headers

GET /?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiS2JHUkliM1ZqUjBadVdsaE5kVnBIVmpKTWJVcDVUSGR3VDJwdGIwd3haQVJVUkZaVzQwUWxZMFJFdEpkemxoU0ZJd1kwaE5Oa3g1T1haaFdGVTBZVmgiLCJkIjoiMjAyMy0wOS0zMCAxMTo1OTowMiIsImUiOiJHUGFnZXMuOTQ2NzE2OTYwNzUxNDIxODAiLCJpIjoiYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKR2FscFlUbnBpTVRsM1dsaEtlbUl5TldoaVIydzJXVmRTZGtscWNIVmtWM2h6VEVOS2NHSnVVbXhhTTBwb1dUSkdkbGd5V21oWk1sWnBZakk1Y2xnelFuQmxSMVp6V0RKV01scFhOVEJpZVVrMlNXeENhRm95VmxkaFYxWXpTV2wzYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1hkaFdHaHNZa1k1YkdSdFZuVmtSemxtWTBkV2VXTXlPWFZaVjNod1pXMUdhMko1U1RaaWJsWnpZa04zYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1hkaFdHaHNZa1k1YkdSdFZuVmtSemxtV1RJNWRXUkhWakZhUnpsbVpHMUdjMkl6U1dsUGJUVXhZa2QzYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKT2RtSnVVbXhrVjFKMldESXhkbHBYVW1oSmFtOXBUVU5LT1V4ak1rVkVaV1p2TVVRMVMzVnNPV2xvWmxWMlZVZGxlVXB3V2tZNWJrbHFiMmxPYW1NelRWUkJhVXhEU25CYVJqbDNXVmRrY0dKdFJXbFBhVWw2VFdwUmVFMXFUV2xNUTBwd1drWTVhMkl5TVhCaWJXeDJTV3B2YVUxVVJUQlBWRWt5U1dsM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9UQmlNblJzWW1sSk5tSnVWbk5pUTNkcFlWYzFNRnBYWkhsWlYwNW9ZakU1YlZsWFRteFpiVGwyWVRFNWQyRllhR3hpUmpsdldWZEtjR0pIYkRCWldFbHBUMjAxTVdKSGQzTkpiV3gxWkVkV2JtTnRSbXBaVnpsbVdtMUdhbHBYU25aaU1uUm1ZMGRzTkZwWGVHWmFXRnBzWW01U2RsZ3pVbXhqTTFKc1NXcHdkV1JYZUhOTVEwcHdZbTVTYkZvelNtaFpNa1oyV0RKYWFGa3lWbWxpTWpseVdETkNjR1ZIVm5OSmFuQjFaRmQ0YzB4RFNuQmlibEpzV2pOS2FGa3lSblpZTWxwb1dUSldhV0l5T1hKWU0wSndaVWRXYzFneVZqSmFWelV3WWpFNWFGa3lWbnBqTWpocFQybEtVVmxYWkd4V2JXeHNaSGxKIiwiYyI6IiJ9 HTTP/1.1
Host: r3-pages-views.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 30 Sep 2023 11:59:02 GMT
content-type: application/json
content-length: 31
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80ec4c274cb156c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

oiu8iretz.pages.dev.br/cdn-cgi/rum?

104.18.43.16

204 No Content

0 B

URL POST HTTP/3
oiu8iretz.pages.dev.br/cdn-cgi/rum?
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerLet's Encrypt
Subjectpages.dev.br
FingerprintD6:BD:79:7A:E2:53:2D:CE:C1:EC:3F:96:70:C7:B4:97:15:DE:99:1B
ValidityThu, 17 Aug 2023 08:00:19 GMT - Wed, 15 Nov 2023 08:00:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: oiu8iretz.pages.dev.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 458
Origin: https://oiu8iretz.pages.dev.br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Sat, 30 Sep 2023 11:59:14 GMT
access-control-allow-origin: https://oiu8iretz.pages.dev.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 80ec4c73ac395697-OSL
x-frame-options: DENY
x-content-type-options: nosniff

oiu8iretz.pages.dev.br/

104.18.43.16

200 OK

38 kB

URL User Request GET HTTP/2
oiu8iretz.pages.dev.br/
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpages.dev.br
FingerprintD6:BD:79:7A:E2:53:2D:CE:C1:EC:3F:96:70:C7:B4:97:15:DE:99:1B
ValidityThu, 17 Aug 2023 08:00:19 GMT - Wed, 15 Nov 2023 08:00:18 GMT

File type

Size
38 kB (37784 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET / HTTP/1.1
Host: oiu8iretz.pages.dev.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 30 Sep 2023 11:59:01 GMT
content-type: text/html
cache-control: max-age=0
g-pages: v0.00.48
set-cookie: __cf_bm=PxKtuK0eIwO9_s__K6n4EOlX1J8MWRG9oUX2wYyvNWc-1696075141-0-AaJ/JcPFC1KtsMtGNfslfqTZ0uC1Owr+WiRtNAk7SuWzgO09wfV94XDgXnbwP3Cq7zf5jtzQ7POOk6XAJum4eZo=; path=/; expires=Sat, 30-Sep-23 12:29:01 GMT; domain=.oiu8iretz.pages.dev.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 80ec4c1e681db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

uclck.ru/YNxpE

188.114.97.1

301 Moved Permanently

38 kB

URL User Request GET HTTP/2
uclck.ru/YNxpE
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectuclck.ru
Fingerprint67:57:35:A2:8E:21:91:E1:99:3A:1F:F9:E5:18:C3:D8:08:1D:C2:52
ValidityFri, 11 Aug 2023 07:39:17 GMT - Thu, 09 Nov 2023 07:39:16 GMT

File type

Size
38 kB (37784 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YNxpE HTTP/1.1
Host: uclck.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 30 Sep 2023 11:59:00 GMT
content-type: text/html; charset=UTF-8
location: https://oiu8iretz.pages.dev.br/
x-powered-by: PHP/8.0.28
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=jkntqsuoql39ufesiislnofnrh; path=/
short_28735=1; expires=Sat, 30-Sep-2023 12:14:00 GMT; Max-Age=900; path=/; HttpOnly
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxHi2HIuxU7nqWumT84zUhihViQo9AyXjh7QfDG0dRztVlZVFf89p%2FuhNg2ClkWMmUHC3EnY9p7sD%2FSAQ22jUl4tV7K0LVLYaF%2FGXboq0YJpMys5Q1QjDRaNrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ec4c176ccb0b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/js.js

104.17.209.68

200 OK

118 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/oiu8iretz.pages.dev.br/1695998572/js.js
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type

Size
118 kB (117869 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /oiu8iretz.pages.dev.br/1695998572/js.js HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 11:59:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=129743
ETag: W/"e56f78e687b12d7aaa9cad0e407c3599"
Last-Modified: Fri, 29 Sep 2023 14:42:54 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 21
Expires: Sun, 29 Sep 2024 11:59:01 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 80ec4c22e99c5691-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.138

200 OK

21 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://oiu8iretz.pages.dev.br/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text
Size
21 kB (20880 bytes)
Hash
cfd2bfa9a48d5801a392162c7f5f6974
3605f19972d3d38d04e065e94e4cce99518dfa25
6f87cc6bf2ce4e626bb979716def2d03c0b868f416400c94c9a3a2cb158f708e

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oiu8iretz.pages.dev.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 30 Sep 2023 11:59:01 GMT
date: Sat, 30 Sep 2023 11:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1