Report - facebook-965.pages.app.br/mn/

Report Overview

Visited public
2023-12-05 14:26:39
Tags
meta facebook phishing social
URL
facebook-965.pages.app.br/mn/
Finishing URL
facebook-965.pages.app.br/mn/
IP / ASN
172.64.144.240
#13335 CLOUDFLARENET
Title
Facebook
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-12-05 08:16:24	528 B	20 kB	104.16.56.101
cdn.greatpages.com.br	unknown	2020-01-22	2020-10-04 12:55:49	2023-12-05 12:26:26	2.0 kB	98 kB	104.17.208.68
facebook-965.pages.app.br	unknown	2021-01-25	2023-11-13 20:22:43	2023-11-22 18:17:29	1.7 kB	40 kB	104.18.43.16
cdn.greatsoftwares.com.br	585945	2020-02-08	2021-05-29 17:49:49	2023-11-30 13:40:20	502 B	2.9 kB	104.18.38.139
r3-pages-views.greatpages.com.br	unknown	2020-01-22	2022-12-22 15:46:40	2023-12-04 18:50:10	2.0 kB	331 B	104.17.209.68
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	2.2 kB	132 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-05 07:37:50	549 B	22 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	facebook-965.pages.app.br/mn/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	facebook-965.pages.app.br/mn/	ScriptElement	208 B	2024-08-20	2024-08-20
Pretty URL facebook-965.pages.app.br/mn/ IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:41 Last Seen2024-08-20 16:41 Times Seen1 Hash 105d9ad4936f5c69e66a808f1325188c 8182be8be3157a7be9246b713940857d75a80dd2 b018762493dbe6960ff07e26953d947ded7d6d04616c20b97741157332107a9d Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 13:23 Times Seen17152 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/js.js	ScriptElement	129 kB	2023-12-05	2023-12-05
Pretty URL cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/js.js IP 104.17.208.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:26 Last Seen2023-12-05 15:26 Times Seen1 Hash b723d25061e1a1e189e616b811daebfb c2eb50469d7af97258ea80b98ed064d31fc66951 073afdc0350ae387964be3f772fa03ab97c64ee727ef1c8779965b12d3ef3853 Loading...

	facebook-965.pages.app.br/mn/	ScriptElement	228 B	2024-08-20	2024-08-20
Pretty URL facebook-965.pages.app.br/mn/ IP 104.18.43.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:41 Last Seen2024-08-20 16:41 Times Seen1 Hash fe8d3484824500efe4e06c63e027e379 81c8930f6a31f93a6d35aa7cb0c91812911096cc e87ecfc0d6027ab3e24f1c487669ede6ff4185bd1158e8095e12841eef2cd7de Loading...

HTTP Transactions (15)

URL IP Response Size

cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/css.css

104.17.208.68

200 OK

5.5 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/css.css
IP
104.17.208.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23775), with no line terminators
Size
5.5 kB (5458 bytes)
Hash
06f9449818c01039f25e5cd4686d9c8a
a2fd5ef535a23063f5c3c25f98d6787e61da5221
72c418a30aff20bae37c91da77adf77d1c0381d97577f7f4b1a81b99bb19c71d

HTTP Headers

GET /facebook-965.pages.app.br-mn/1699585622/css.css HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 14:26:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"06f9449818c01039f25e5cd4686d9c8a"
Last-Modified: Fri, 10 Nov 2023 03:07:04 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Wed, 04 Dec 2024 14:26:22 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 830cf6b7acf5712e-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/js.js

104.17.208.68

200 OK

28 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/js.js
IP
104.17.208.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15962), with CRLF line terminators
Size
28 kB (28352 bytes)
Hash
b723d25061e1a1e189e616b811daebfb
c2eb50469d7af97258ea80b98ed064d31fc66951
073afdc0350ae387964be3f772fa03ab97c64ee727ef1c8779965b12d3ef3853

HTTP Headers

GET /facebook-965.pages.app.br-mn/1699585622/js.js HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 14:26:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"b723d25061e1a1e189e616b811daebfb"
Last-Modified: Fri, 10 Nov 2023 03:07:04 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Wed, 04 Dec 2024 14:26:22 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 830cf6b7ac8fb511-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

facebook-965.pages.app.br/cdn-cgi/rum?

104.18.43.16

204 No Content

0 B

URL POST HTTP/3
facebook-965.pages.app.br/cdn-cgi/rum?
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerLet's Encrypt
Subjectpages.app.br
FingerprintD2:A2:07:C7:0B:3A:13:5E:DF:70:9D:85:AE:AE:CE:AE:9F:B9:13:3B
ValiditySun, 15 Oct 2023 08:47:42 GMT - Sat, 13 Jan 2024 08:47:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: facebook-965.pages.app.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1752
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/mn/
Cookie: __cf_bm=UN3v5OohACV1_m.ytOe6RLAK4osqF1bKgKABY1zAhu0-1701786381-0-AQV5gPUXdhm2AgUpW9idFaSizAEjny3RtYrdlHrWJ0VF78bNAKcj4f+QAzy8uzo5X7se3JoY5aiDCATiPHVhEEk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 05 Dec 2023 14:26:22 GMT
access-control-allow-origin: https://facebook-965.pages.app.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 830cf6ba9e5156ba-OSL
x-frame-options: DENY
x-content-type-options: nosniff

cdn.greatsoftwares.com.br/arquivos/paginas/77966-46e4bf50dc29cb08b4d5698efc3abc95.jpg

104.18.38.139

200 OK

1.8 kB

URL GET HTTP/2
cdn.greatsoftwares.com.br/arquivos/paginas/77966-46e4bf50dc29cb08b4d5698efc3abc95.jpg
IP
104.18.38.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerGoogle Trust Services LLC
Subjectgreatsoftwares.com.br
Fingerprint67:7E:DB:D2:DC:14:C7:7B:17:48:17:20:56:DB:AB:72:C3:C7:85:09
ValidityFri, 13 Oct 2023 04:27:26 GMT - Thu, 11 Jan 2024 04:27:25 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.8 kB (1784 bytes)
Hash
b9b0f6e8ef9fbf292600227048d17221
eb7ad0a9a2e5f4c7b94e6a3c2d748d836a1ccd99
320ab059572e602645fbe2f3d9e3d14b3002dc1da1d698e76db000b46d2df622

HTTP Headers

GET /arquivos/paginas/77966-46e4bf50dc29cb08b4d5698efc3abc95.jpg HTTP/1.1
Host: cdn.greatsoftwares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:26:22 GMT
content-type: image/webp
content-length: 1784
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6532
content-disposition: inline; filename="77966-46e4bf50dc29cb08b4d5698efc3abc95.webp"
etag: "07ce73358d217d88693883b6e87cfd68"
expires: Wed, 04 Dec 2024 14:26:22 GMT
last-modified: Fri, 10 Nov 2023 03:04:43 GMT
vary: Accept
x-guploader-uploadid: ABPtcPooyHb7HS10eRRRF4RKFhtvMUJqew6aXVNaUUEIzHc3cc_MMowC-XOXjzFwwq7n3LpERc5lo2izRw
x-goog-generation: 1699585483216528
x-goog-hash: crc32c=pEgK0g==, md5=B85zNY0hfYhpOIO26Hz9aA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6532
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830cf6ba680256b7-OSL
X-Firefox-Spdy: h2

r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiNU1EVk9hbFYxWTBkR2JscFlUWFZaV0VKM1RHMUtlVXd5TVhWNlRFUXplbGhTT1FORXM1ZGxCdmJVdzVabU01YzNoaFNGSXdZMGhOTmt4NU9XMVpWMDVzV1cwNWRtRiIsImQiOiIyMDIzLTEyLTA1IDE0OjI2OjI4IiwiZSI6IkdQYWdlcy42MDkyMTcwMTc4NjM4ODM3NiIsImkiOiJjMGx0YkhWa1IxWnVZMjFHYWxsWE9XWmFiVVpxV2xkS2RtSXlkR1pqUjJ3MFdsZDRabHBZV214aWJsSjJXREpHYWxwWVRucGlNVGwzV2xoS2VtSXlOV2hpUjJ3MldWZFNka2xxY0hWa1YzaHpURU5LY0dKdVVteGFNMHBvV1RKR2RsZ3lXbWhaTWxacFlqSTVjbGd6UW5CbFIxWnpXREpXTWxwWE5UQmllVWsyU1d4Q2FGb3lWbGRoVjFZelNXbDNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6bG1ZMGRXZVdNeU9YVlpWM2h3WlcxR2EySjVTVFppYmxaellrTjNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6bG1XVEk1ZFdSSFZqRmFSemxtWkcxR2MySXpTV2xQYlRVeFlrZDNjMGx0YkhWa1IxWnVZMjFHYWxsWE9XWmFiVVpxV2xkS2RtSXlkR1pqUjJ3MFdsZDRabHBZV214aWJsSjJXREpPZG1KdVVteGtWMUoyV0RJeGRscFhVbWhKYW05cFRVTktPVTltVlhRNVRYTnNWMmR5T1dsSlVETklSM3BJYlcxbGVVcHdXa1k1YmtscWIybE9lbU0xVG1wWmFVeERTbkJhUmpsM1dWZGtjR0p0UldsUGFVbDZUbXBSZVU5VVRXbE1RMHB3V2tZNWEySXlNWEJpYld4MlNXcHZhVTFVU1RST2FtTXhTV2wzYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1RCaU1uUnNZbWxKTm1KdVZuTmlRM2RwWVZjMU1GcFhaSGxaVjA1b1lqRTViVmxYVG14WmJUbDJZVEU1ZDJGWWFHeGlSamx2V1ZkS2NHSkhiREJaV0VscFQyMDFNV0pIZDNOSmJXeDFaRWRXYm1OdFJtcFpWemxtV20xR2FscFhTblppTW5SbVkwZHNORnBYZUdaYVdGcHNZbTVTZGxnelVteGpNMUpzU1dwd2RXUlhlSE5NUTBwd1ltNVNiRm96U21oWk1rWjJXREphYUZreVZtbGlNamx5V0ROQ2NHVkhWbk5KYW5CMVpGZDRjMHhEU25CaWJsSnNXak5LYUZreVJuWllNbHBvV1RKV2FXSXlPWEpZTTBKd1pVZFdjMWd5VmpKYVZ6VXdZakU1YUZreVZucGpNamhwVDJsS1VWbFhaR3hXYld4c1pIbEoiLCJjIjoiIn0=

104.17.209.68

200 OK

31 B

URL GET HTTP/2
r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiNU1EVk9hbFYxWTBkR2JscFlUWFZaV0VKM1RHMUtlVXd5TVhWNlRFUXplbGhTT1FORXM1ZGxCdmJVdzVabU01YzNoaFNGSXdZMGhOTmt4NU9XMVpWMDVzV1cwNWRtRiIsImQiOiIyMDIzLTEyLTA1IDE0OjI2OjI4IiwiZSI6IkdQYWdlcy42MDkyMTcwMTc4NjM4ODM3NiIsImkiOiJjMGx0YkhWa1IxWnVZMjFHYWxsWE9XWmFiVVpxV2xkS2RtSXlkR1pqUjJ3MFdsZDRabHBZV214aWJsSjJXREpHYWxwWVRucGlNVGwzV2xoS2VtSXlOV2hpUjJ3MldWZFNka2xxY0hWa1YzaHpURU5LY0dKdVVteGFNMHBvV1RKR2RsZ3lXbWhaTWxacFlqSTVjbGd6UW5CbFIxWnpXREpXTWxwWE5UQmllVWsyU1d4Q2FGb3lWbGRoVjFZelNXbDNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6bG1ZMGRXZVdNeU9YVlpWM2h3WlcxR2EySjVTVFppYmxaellrTjNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6bG1XVEk1ZFdSSFZqRmFSemxtWkcxR2MySXpTV2xQYlRVeFlrZDNjMGx0YkhWa1IxWnVZMjFHYWxsWE9XWmFiVVpxV2xkS2RtSXlkR1pqUjJ3MFdsZDRabHBZV214aWJsSjJXREpPZG1KdVVteGtWMUoyV0RJeGRscFhVbWhKYW05cFRVTktPVTltVlhRNVRYTnNWMmR5T1dsSlVETklSM3BJYlcxbGVVcHdXa1k1YmtscWIybE9lbU0xVG1wWmFVeERTbkJhUmpsM1dWZGtjR0p0UldsUGFVbDZUbXBSZVU5VVRXbE1RMHB3V2tZNWEySXlNWEJpYld4MlNXcHZhVTFVU1RST2FtTXhTV2wzYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1RCaU1uUnNZbWxKTm1KdVZuTmlRM2RwWVZjMU1GcFhaSGxaVjA1b1lqRTViVmxYVG14WmJUbDJZVEU1ZDJGWWFHeGlSamx2V1ZkS2NHSkhiREJaV0VscFQyMDFNV0pIZDNOSmJXeDFaRWRXYm1OdFJtcFpWemxtV20xR2FscFhTblppTW5SbVkwZHNORnBYZUdaYVdGcHNZbTVTZGxnelVteGpNMUpzU1dwd2RXUlhlSE5NUTBwd1ltNVNiRm96U21oWk1rWjJXREphYUZreVZtbGlNamx5V0ROQ2NHVkhWbk5KYW5CMVpGZDRjMHhEU25CaWJsSnNXak5LYUZreVJuWllNbHBvV1RKV2FXSXlPWEpZTTBKd1pVZFdjMWd5VmpKYVZ6VXdZakU1YUZreVZucGpNamhwVDJsS1VWbFhaR3hXYld4c1pIbEoiLCJjIjoiIn0=
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerLet's Encrypt
Subjectgreatpages.com.br
Fingerprint5E:BF:CF:85:ED:B2:22:B5:D9:29:14:F9:66:0C:25:EE:49:2C:E9:63
ValidityMon, 16 Oct 2023 03:37:40 GMT - Sun, 14 Jan 2024 03:37:39 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
31 B (31 bytes)
Hash
b1a8ecd5c3f464c5ae872401ae1929c1
ec82b7e06d38b93eba0dd68108140711cfa86eb5
49d1cf6777396141389bf9230460e84cc9bf6260594eb25095297d5ab3098b90

HTTP Headers

GET /?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiNU1EVk9hbFYxWTBkR2JscFlUWFZaV0VKM1RHMUtlVXd5TVhWNlRFUXplbGhTT1FORXM1ZGxCdmJVdzVabU01YzNoaFNGSXdZMGhOTmt4NU9XMVpWMDVzV1cwNWRtRiIsImQiOiIyMDIzLTEyLTA1IDE0OjI2OjI4IiwiZSI6IkdQYWdlcy42MDkyMTcwMTc4NjM4ODM3NiIsImkiOiJjMGx0YkhWa1IxWnVZMjFHYWxsWE9XWmFiVVpxV2xkS2RtSXlkR1pqUjJ3MFdsZDRabHBZV214aWJsSjJXREpHYWxwWVRucGlNVGwzV2xoS2VtSXlOV2hpUjJ3MldWZFNka2xxY0hWa1YzaHpURU5LY0dKdVVteGFNMHBvV1RKR2RsZ3lXbWhaTWxacFlqSTVjbGd6UW5CbFIxWnpXREpXTWxwWE5UQmllVWsyU1d4Q2FGb3lWbGRoVjFZelNXbDNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6bG1ZMGRXZVdNeU9YVlpWM2h3WlcxR2EySjVTVFppYmxaellrTjNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPWGRoV0doc1lrWTViR1J0Vm5Wa1J6bG1XVEk1ZFdSSFZqRmFSemxtWkcxR2MySXpTV2xQYlRVeFlrZDNjMGx0YkhWa1IxWnVZMjFHYWxsWE9XWmFiVVpxV2xkS2RtSXlkR1pqUjJ3MFdsZDRabHBZV214aWJsSjJXREpPZG1KdVVteGtWMUoyV0RJeGRscFhVbWhKYW05cFRVTktPVTltVlhRNVRYTnNWMmR5T1dsSlVETklSM3BJYlcxbGVVcHdXa1k1YmtscWIybE9lbU0xVG1wWmFVeERTbkJhUmpsM1dWZGtjR0p0UldsUGFVbDZUbXBSZVU5VVRXbE1RMHB3V2tZNWEySXlNWEJpYld4MlNXcHZhVTFVU1RST2FtTXhTV2wzYVdGWE5UQmFWMlI1V1ZkT2FHSXhPVzFaVjA1c1dXMDVkbUV4T1RCaU1uUnNZbWxKTm1KdVZuTmlRM2RwWVZjMU1GcFhaSGxaVjA1b1lqRTViVmxYVG14WmJUbDJZVEU1ZDJGWWFHeGlSamx2V1ZkS2NHSkhiREJaV0VscFQyMDFNV0pIZDNOSmJXeDFaRWRXYm1OdFJtcFpWemxtV20xR2FscFhTblppTW5SbVkwZHNORnBYZUdaYVdGcHNZbTVTZGxnelVteGpNMUpzU1dwd2RXUlhlSE5NUTBwd1ltNVNiRm96U21oWk1rWjJXREphYUZreVZtbGlNamx5V0ROQ2NHVkhWbk5KYW5CMVpGZDRjMHhEU25CaWJsSnNXak5LYUZreVJuWllNbHBvV1RKV2FXSXlPWEpZTTBKd1pVZFdjMWd5VmpKYVZ6VXdZakU1YUZreVZucGpNamhwVDJsS1VWbFhaR3hXYld4c1pIbEoiLCJjIjoiIn0= HTTP/1.1
Host: r3-pages-views.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:26:22 GMT
content-type: application/json
content-length: 31
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830cf6bb188356c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:53:42 GMT
expires: Tue, 03 Dec 2024 23:53:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 52360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:43:03 GMT
expires: Tue, 03 Dec 2024 23:43:03 GMT
cache-control: public, max-age=31536000
age: 52999
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:52:12 GMT
expires: Thu, 28 Nov 2024 21:52:12 GMT
cache-control: public, max-age=31536000
age: 491650
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:53:42 GMT
expires: Tue, 03 Dec 2024 23:53:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 52360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/imagens/desktop/364293_1_169958504469894362.png

104.17.208.68

200 OK

21 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/imagens/desktop/364293_1_169958504469894362.png
IP
104.17.208.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
PNG image data, 960 x 171, 8-bit colormap, non-interlaced\012- data
Size
21 kB (20749 bytes)
Hash
77bc4175b29889a5934769d011369576
1f2a1e2c5bf73c2cc0c4de66c109ac7da57b5afc
7028ee1ff936ff293095b12d8f2dea9028c40b1042faf18386ffaf9649956c8e

HTTP Headers

GET /facebook-965.pages.app.br-mn/1699585622/imagens/desktop/364293_1_169958504469894362.png HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 14:26:22 GMT
Content-Type: image/png
Content-Length: 20749
Connection: keep-alive
ETag: "77bc4175b29889a5934769d011369576"
Last-Modified: Fri, 10 Nov 2023 03:07:04 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Wed, 04 Dec 2024 14:26:22 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 830cf6bb78cd712e-OSL
alt-svc: h3=":443"; ma=86400

cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/imagens/desktop/364293_1_169958486983877598.png

104.17.208.68

200 OK

41 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/facebook-965.pages.app.br-mn/1699585622/imagens/desktop/364293_1_169958486983877598.png
IP
104.17.208.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
PNG image data, 960 x 470, 8-bit colormap, non-interlaced\012- data
Size
41 kB (41046 bytes)
Hash
c22422d8469f6a933a62a8d27e3b57f5
1ebb721d715ec8fdc44d0c398bf9363098bd8c38
10ce911beac7fd4c488c33e5ce4fcb7ab474d6b19aace757272bdf093bad5d36

HTTP Headers

GET /facebook-965.pages.app.br-mn/1699585622/imagens/desktop/364293_1_169958486983877598.png HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 14:26:23 GMT
Content-Type: image/png
Content-Length: 41046
Connection: keep-alive
ETag: "c22422d8469f6a933a62a8d27e3b57f5"
Last-Modified: Fri, 10 Nov 2023 03:07:04 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Wed, 04 Dec 2024 14:26:23 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 830cf6bae835b511-OSL
alt-svc: h3=":443"; ma=86400

facebook-965.pages.app.br/cdn-cgi/rum?

104.18.43.16

204 No Content

0 B

URL POST HTTP/3
facebook-965.pages.app.br/cdn-cgi/rum?
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerLet's Encrypt
Subjectpages.app.br
FingerprintD2:A2:07:C7:0B:3A:13:5E:DF:70:9D:85:AE:AE:CE:AE:9F:B9:13:3B
ValiditySun, 15 Oct 2023 08:47:42 GMT - Sat, 13 Jan 2024 08:47:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: facebook-965.pages.app.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 462
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/mn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Tue, 05 Dec 2023 14:26:36 GMT
access-control-allow-origin: https://facebook-965.pages.app.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 830cf714794a56ba-OSL
x-frame-options: DENY
x-content-type-options: nosniff

facebook-965.pages.app.br/mn/

104.18.43.16

200 OK

39 kB

URL User Request GET HTTP/2
facebook-965.pages.app.br/mn/
IP
104.18.43.16:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpages.app.br
FingerprintD2:A2:07:C7:0B:3A:13:5E:DF:70:9D:85:AE:AE:CE:AE:9F:B9:13:3B
ValiditySun, 15 Oct 2023 08:47:42 GMT - Sat, 13 Jan 2024 08:47:41 GMT

File type

Size
39 kB (38843 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /mn/ HTTP/1.1
Host: facebook-965.pages.app.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:26:21 GMT
content-type: text/html
cache-control: max-age=0
great-server: GreatApps
great-service: gpages-r3-pages
set-cookie: __cf_bm=UN3v5OohACV1_m.ytOe6RLAK4osqF1bKgKABY1zAhu0-1701786381-0-AQV5gPUXdhm2AgUpW9idFaSizAEjny3RtYrdlHrWJ0VF78bNAKcj4f+QAzy8uzo5X7se3JoY5aiDCATiPHVhEEk=; path=/; expires=Tue, 05-Dec-23 14:56:21 GMT; domain=.facebook-965.pages.app.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 830cf6b31d0f56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.106

200 OK

21 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
21 kB (20880 bytes)
Hash
cfd2bfa9a48d5801a392162c7f5f6974
3605f19972d3d38d04e065e94e4cce99518dfa25
6f87cc6bf2ce4e626bb979716def2d03c0b868f416400c94c9a3a2cb158f708e

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 14:26:22 GMT
date: Tue, 05 Dec 2023 14:26:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.56.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.56.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook-965.pages.app.br/mn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19986), with no line terminators
Size
20 kB (19986 bytes)
Hash
dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://facebook-965.pages.app.br
DNT: 1
Connection: keep-alive
Referer: https://facebook-965.pages.app.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:26:22 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 830cf6b76c27b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2