Report - facebook.lojaseofertas.com/

Report Overview

Submitted URL
facebook.lojaseofertas.com/
IP
172.67.192.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 18:10:43
Access
public
Website Title
Facebook
Final URL
facebook.lojaseofertas.com/
Tags
meta facebook phishing social
urlquery detections
Phishing - Facebook

Detections

urlquery
7
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.9 kB	124 kB	142.250.74.164
clients1.google.com	415	1997-09-15	2013-02-01	2024-04-24	438 B	200 B	142.250.74.110
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	458 B	4.6 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	433 B	89 kB	142.250.74.40
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	1.3 kB	53 kB	151.101.1.229
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	1.6 kB	58 kB	216.58.207.227
facebook.lojaseofertas.com	unknown	2006-02-27	2024-01-20	2024-02-14	2.8 kB	791 kB	172.67.192.233
cse.google.com	2642	1997-09-15	2015-03-18	2024-04-25	878 B	191 kB	142.250.74.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	facebook.lojaseofertas.com/	Facebook, Inc.
2024-04-25	medium	facebook.lojaseofertas.com/	Facebook, Inc.
2024-04-25	medium	facebook.lojaseofertas.com/	Facebook, Inc.
2024-04-25	medium	facebook.lojaseofertas.com/	Facebook, Inc.
2024-04-25	medium	facebook.lojaseofertas.com/	Facebook, Inc.
2024-04-25	medium	facebook.lojaseofertas.com/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js	43 kB	2023-03-07	2024-05-05
Pretty URL cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-05-05 08:19:25 Times Seen34790 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js	23 kB	2024-01-20	2024-04-25
Pretty URL cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen6 Hash 7dd32951d1660446c9886d83918e6cd2 0994ab03599ef03be1168d75a962f4ec9b5cb4d3 82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb Loading...

	facebook.lojaseofertas.com/sandbox%20eval%20code	128 B	2023-05-06	2024-05-05
Pretty URL facebook.lojaseofertas.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-05 10:39:02 Times Seen21373 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	facebook.lojaseofertas.com/	156 B	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/ IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash da50b1c772a2c8659ce20deeb555f07e 7d0f198ec3995729016d22099163f738edcb47c0 a4fef8bb99b1d5982fb38dfac68eb27d9bb60061920fb2b4b4edab5937b747ef Loading...

	www.googletagmanager.com/gtag/js?id=G-NVYCR0PXBD	250 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-NVYCR0PXBD IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:10:44 Last Seen2024-04-25 20:10:44 Times Seen2 Hash 67e61d180f1ad3b50d2fd13798a205e0 e2eabfdd6a4cd4a0f01e7ee5f888afe15debe28f 96f9b5b8a6e315592428710fac75a2b249b844fc964aa0137e0fb53a2ebca8ee Loading...

	cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244	5.9 kB	2024-04-25	2024-04-25
Pretty URL cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244 IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:10:44 Last Seen2024-04-25 20:10:44 Times Seen2 Hash a8a6e306f56126e93b076bdbcac9defa fa21c765c016d0720298f0ddd49ecf87c7e3dd25 75c1a93adc722d02bf0f34ee3c73b95256ed9c1920797a8999e9eba7d0992079 Loading...

	www.google.com/cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D	326 kB	2024-01-20	2024-04-25
Pretty URL www.google.com/cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen14 Hash c39ba69a1a8973ce857216a27ded5b9d 4c067c1b284606f654a9a4f9fddc426aa717907e 1067af948a37ab1a2518f29dcc20b3abb85d8079a601c10636a4be67955bad6a Loading...

	facebook.lojaseofertas.com/	454 B	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/ IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash 2f15a4c36553f502bebe1ac3e3069609 38eeb92a2d2b452a40d0a596a8df71e0c431971c 37151f25fe55127c98ee0ad3aaab2795bb38b318c7308a1cd9cd6b8dc7702179 Loading...

	facebook.lojaseofertas.com/js/scripts.min.js	2.3 kB	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/js/scripts.min.js IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash aad5bfeb3b703fc7700a2697608534f7 48c30b4c66df9ec1d2398887a8907d4469b4d6a2 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9 Loading...

	facebook.lojaseofertas.com/js/ads.js	10 kB	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/js/ads.js IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash da6f88677dbbaa8f55bece19352e1b9d 347ffcfedab8b8d4f2ebc3a39d12e3a0435bd427 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03 Loading...

	facebook.lojaseofertas.com/	150 B	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/ IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash 0a4c145d5e7a9d7f6e06557a654dc0f1 21d27042d60807b2f0f470d74ee0b5d4cbf3c7ba fa7fb4bbcb9d1a62f26a47f978edc44904c7b868abf4ceb06429b79683c365bb Loading...

	facebook.lojaseofertas.com/	598 B	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/ IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash 57bb371424bf005567a0bd2b9b565211 7f2c0b0c44ab4c0f2c56df6c04c38c37816bafe5 ceb112f2daa0adc33fda9d9423e1336e5303a4026d61591d0016ee6c3dd0b8ad Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	1.6 kB	2023-05-06	2024-05-05
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-05 10:39:02 Times Seen21236 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	cse.google.com/adsense/search/async-ads.js	187 kB	2024-04-19	2024-04-25
Pretty URL cse.google.com/adsense/search/async-ads.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 09:38:58 Last Seen2024-04-25 20:10:44 Times Seen6 Hash d08ab029b675980ba98ff05a2c1181ff 22e59c825debede6d18db2ecdf361f9ffc438eeb 829dd937b06e88c18cb9ee5093527f309566edea9dd10fc47eac0b9d65592a67 Loading...

	cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js	87 kB	2023-03-07	2024-05-05
Pretty URL cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-05 11:50:54 Times Seen108721 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	facebook.lojaseofertas.com/	153 B	2024-01-20	2024-04-25
Pretty URL facebook.lojaseofertas.com/ IP 172.67.192.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-20 15:54:37 Last Seen2024-04-25 20:10:44 Times Seen3 Hash 048ea91d6cc534406dc1b6e29f5dbb01 471a9a3132c13817889243303f1f685bfca5b877 42600e8bac107ba9c857803a437bdc059c13bd82861be9146a4eb0996fa62628 Loading...

HTTP Transactions (21)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-NVYCR0PXBD

142.250.74.40

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-NVYCR0PXBD
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
89 kB (88688 bytes)
Hash
67e61d180f1ad3b50d2fd13798a205e0
e2eabfdd6a4cd4a0f01e7ee5f888afe15debe28f
96f9b5b8a6e315592428710fac75a2b249b844fc964aa0137e0fb53a2ebca8ee

HTTP Headers

GET /gtag/js?id=G-NVYCR0PXBD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 18:10:16 GMT
expires: Thu, 25 Apr 2024 18:10:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

151.101.1.229

200 OK

32 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
32 kB (32029 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /npm/jquery@3.3.1/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.3.1
x-jsd-version-type: version
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:10:16 GMT
age: 8682510
x-served-by: cache-fra-eddf8230090-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32029
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

151.101.1.229

200 OK

7.2 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (22853)
Size
7.2 kB (7202 bytes)
Hash
7dd32951d1660446c9886d83918e6cd2
0994ab03599ef03be1168d75a962f4ec9b5cb4d3
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

HTTP Headers

GET /npm/flexslider@2.7.1/jquery.flexslider.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.7.1
x-jsd-version-type: version
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
content-encoding: br
accept-ranges: bytes
age: 1613780
date: Thu, 25 Apr 2024 18:10:16 GMT
x-served-by: cache-fra-etou8220085-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7202
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

151.101.1.229

200 OK

11 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (42862)
Size
11 kB (11325 bytes)
Hash
d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

HTTP Headers

GET /npm/slick-carousel@1.8.1/slick/slick.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:10:16 GMT
age: 7184114
x-served-by: cache-fra-eddf8230096-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11325
X-Firefox-Spdy: h2

fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21144, version 1.0
Size
21 kB (21144 bytes)
Hash
2bc7630144496092dc786ce63109e560
723df3658078cfed03c85e47f15fc439eb4331be
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

HTTP Headers

GET /s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.lojaseofertas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 06:44:17 GMT
expires: Sun, 20 Apr 2025 06:44:17 GMT
cache-control: public, max-age=31536000
age: 473160
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21724, version 1.0
Size
22 kB (21724 bytes)
Hash
c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

HTTP Headers

GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.lojaseofertas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:30:45 GMT
expires: Fri, 25 Apr 2025 02:30:45 GMT
cache-control: public, max-age=31536000
age: 56372
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12648, version 1.0
Size
13 kB (12648 bytes)
Hash
5e79fc3b5fbdec47c02942523ae2bdbd
fdb96db25dc07b7c0573bf5a66966d12dfbb41bd
6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f

HTTP Headers

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://facebook.lojaseofertas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 06:01:45 GMT
expires: Wed, 23 Apr 2025 06:01:45 GMT
cache-control: public, max-age=31536000
age: 216512
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

facebook.lojaseofertas.com/images/topo.png

172.67.192.233

200 OK

356 kB

URL GET HTTP/3
facebook.lojaseofertas.com/images/topo.png
IP
172.67.192.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerLet's Encrypt
Subjectlojaseofertas.com
FingerprintC3:34:AA:AC:CE:F0:DF:DB:54:61:7C:1B:1D:4F:36:60:A4:63:A0:D9
ValidityThu, 25 Apr 2024 00:09:43 GMT - Wed, 24 Jul 2024 00:09:42 GMT

File type
PNG image data, 979 x 250, 8-bit/color RGB, non-interlaced
Size
356 kB (356396 bytes)
Hash
e1b40a9da541d0d035d10529550d174a
e8f9302ce43b52deec61bc5edafd5dedf40a1a52
1e9885e861cf51a45c9fd90bfe03ba077a9e9c7c400b8a7ec14de046f35a296d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /images/topo.png HTTP/1.1
Host: facebook.lojaseofertas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:10:17 GMT
content-type: image/png
content-length: 356396
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
etag: "659cbde9-5702c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NElLp9OwZciuwVglZph%2BqYg6wpepEcUSYpcuAmAImprCvJfU4etfp3vpDGL3l%2FqEWoFdOEAtTEKf87Lzr6NoR6VfBQQglWJE%2BFGp9KMQuQPD32fTLqE5aKRXIfPlgmeZmWfvjirpGygIri2IWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a049f788345699-OSL
alt-svc: h3=":443"; ma=86400

cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

142.250.74.78

200 OK

2.4 kB

URL GET HTTP/2
cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (613)
Size
2.4 kB (2435 bytes)
Hash
a8a6e306f56126e93b076bdbcac9defa
fa21c765c016d0720298f0ddd49ecf87c7e3dd25
75c1a93adc722d02bf0f34ee3c73b95256ed9c1920797a8999e9eba7d0992079

HTTP Headers

GET /cse.js?cx=partner-pub-8847092362748368:3178482244 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-m6cmD01pTFdvVDuahu1Ftw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 25 Apr 2024 18:10:17 GMT
server: gws
content-length: 2435
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/cse/static/style/look/v4/default.css

142.250.74.164

200 OK

1.3 kB

URL GET HTTP/2
www.google.com/cse/static/style/look/v4/default.css
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
ASCII text
Size
1.3 kB (1345 bytes)
Hash
c14e45e189f801818b14f1315605a632
dd7e7fb9d156b343beef0155b41da1c847d69e41
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

HTTP Headers

GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:37:10 GMT
expires: Thu, 25 Apr 2024 18:27:10 GMT
cache-control: public, max-age=3000
age: 1987
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/cse/static/element/8435450f13508ca1/default+pt_PT.css

142.250.74.164

200 OK

9.1 kB

URL GET HTTP/2
www.google.com/cse/static/element/8435450f13508ca1/default+pt_PT.css
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
ASCII text
Size
9.1 kB (9068 bytes)
Hash
baccb7180fe061b63ed061ec10c3b0c8
bfb31590ba6e758eb8f25735b564d7e4a0919025
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

HTTP Headers

GET /cse/static/element/8435450f13508ca1/default+pt_PT.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9068
date: Thu, 25 Apr 2024 18:10:17 GMT
expires: Thu, 25 Apr 2024 18:10:17 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D

142.250.74.164

200 OK

108 kB

URL GET HTTP/3
www.google.com/cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (1648)
Size
108 kB (108352 bytes)
Hash
c39ba69a1a8973ce857216a27ded5b9d
4c067c1b284606f654a9a4f9fddc426aa717907e
1067af948a37ab1a2518f29dcc20b3abb85d8079a601c10636a4be67955bad6a

HTTP Headers

GET /cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 108352
date: Thu, 25 Apr 2024 18:10:17 GMT
expires: Thu, 25 Apr 2024 18:10:17 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/cse/static/images/1x/pt_PT/branding.png

142.250.74.164

200 OK

1.8 kB

URL GET HTTP/3
www.google.com/cse/static/images/1x/pt_PT/branding.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
PNG image data, 143 x 15, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1762 bytes)
Hash
82a12910730154aef5716b6354db1d45
3a07d1e38d5c14e0b35f71001a14212597c78eea
6dc4ea2cba6b644d985fc8fd84682f65bad3df0768d17566907f0b7775b0ac08

HTTP Headers

GET /cse/static/images/1x/pt_PT/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1762
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:35:33 GMT
expires: Fri, 25 Apr 2025 17:35:33 GMT
cache-control: public, max-age=31536000
age: 2084
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

clients1.google.com/generate_204

142.250.74.110

204 No Content

0 B

URL GET HTTP/2
clients1.google.com/generate_204
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 18:10:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

facebook.lojaseofertas.com/

172.67.192.233

200 OK

22 kB

URL User Request GET HTTP/2
facebook.lojaseofertas.com/
IP
172.67.192.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectlojaseofertas.com
FingerprintC3:34:AA:AC:CE:F0:DF:DB:54:61:7C:1B:1D:4F:36:60:A4:63:A0:D9
ValidityThu, 25 Apr 2024 00:09:43 GMT - Wed, 24 Jul 2024 00:09:42 GMT

File type

Size
22 kB (21822 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET / HTTP/1.1
Host: facebook.lojaseofertas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:10:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UFVK7Hxk3TBLonJc%2BOopPsem5hZo1HGz5YyM%2B5qyOup8omnfsx85z5uPogjBDpMebHUO0qRFZ00%2Bk0Oq2jv%2BF8eXx%2FNzSqN%2B6BE1FONqooxu2k8T9V%2FfpByvv29odPIUfockF%2B%2BCrizcP3PWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a049f4fddf56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

facebook.lojaseofertas.com/js/scripts.min.js

172.67.192.233

200 OK

2.3 kB

URL GET HTTP/3
facebook.lojaseofertas.com/js/scripts.min.js
IP
172.67.192.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerLet's Encrypt
Subjectlojaseofertas.com
FingerprintC3:34:AA:AC:CE:F0:DF:DB:54:61:7C:1B:1D:4F:36:60:A4:63:A0:D9
ValidityThu, 25 Apr 2024 00:09:43 GMT - Wed, 24 Jul 2024 00:09:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2454), with no line terminators
Size
2.3 kB (2329 bytes)
Hash
270f987fcfb788d23a745e71d400e64f
4977ea5bdc035b16609b2a08c527e5d74d7cd8a1
b4a9350dc334333183a867cf8d043b0220a660fb34db51a96530845320678e48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /js/scripts.min.js HTTP/1.1
Host: facebook.lojaseofertas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:10:17 GMT
content-type: application/javascript
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
vary: Accept-Encoding
etag: W/"659cbde9-919"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qf%2Fn6XMv1ycL0ZlA9Z25IUh1k8OUBhJ2bskUy1ttQppzvVD3aqqWcQDkDL6Aiu6I7EMANkWc7pnFj1iKKCKHjbeXDYKjBDaSQgRbjZY8dOZEiNaUL0g%2FV7pjpuTIZTjfa5Vye79YOc2h1Ydvog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a049f788405699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

facebook.lojaseofertas.com/images/favicon.ico

172.67.192.233

200 OK

189 kB

URL GET HTTP/3
facebook.lojaseofertas.com/images/favicon.ico
IP
172.67.192.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerLet's Encrypt
Subjectlojaseofertas.com
FingerprintC3:34:AA:AC:CE:F0:DF:DB:54:61:7C:1B:1D:4F:36:60:A4:63:A0:D9
ValidityThu, 25 Apr 2024 00:09:43 GMT - Wed, 24 Jul 2024 00:09:42 GMT

File type
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
189 kB (188765 bytes)
Hash
312398fa2639db04eac37f45da4898c5
860a3704e74ceefd6a4d0d773307b4f5736e8546
5baca4215e0f28d52877414748bc3f4dcda992cd8addcef85d110d0f67bc310e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: facebook.lojaseofertas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Cookie: _ga_NVYCR0PXBD=GS1.1.1714068617.1.0.1714068617.0.0.0; _ga=GA1.1.1497225764.1714068617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:10:17 GMT
content-type: image/x-icon
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
vary: Accept-Encoding
etag: W/"659cbde9-2e15d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJAj1HMGwB8U1%2Br2Nt6B4pQL%2B3Ic0dxQn0R2%2Ft%2Bk2FCdhArGPF9j%2BKN%2Fb1%2F7H22O40hUZU1JR5dmnZPZGCCn5zs40iFilOC0%2Fbbv762TMjYUY18vPTNbmQoNWuxgJnZSQGKXgHjxIC%2FkDhd51A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a049fb7e6f5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

facebook.lojaseofertas.com/css/estilo-azul.css

172.67.192.233

200 OK

207 kB

URL GET HTTP/3
facebook.lojaseofertas.com/css/estilo-azul.css
IP
172.67.192.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerLet's Encrypt
Subjectlojaseofertas.com
FingerprintC3:34:AA:AC:CE:F0:DF:DB:54:61:7C:1B:1D:4F:36:60:A4:63:A0:D9
ValidityThu, 25 Apr 2024 00:09:43 GMT - Wed, 24 Jul 2024 00:09:42 GMT

File type
ASCII text, with very long lines (59960)
Size
207 kB (206803 bytes)
Hash
c61130ad2e463d2187d5b18251d67dab
6e7a083f83d41b94a7a9b57104dde0e1494f25ab
4c4f62b8b68eb642cfd17c23cca8f64c72c3a22e21f670a8e31a3ea474f59b95

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /css/estilo-azul.css HTTP/1.1
Host: facebook.lojaseofertas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:10:17 GMT
content-type: text/css
last-modified: Tue, 09 Jan 2024 03:30:48 GMT
vary: Accept-Encoding
etag: W/"659cbde8-327d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuTuxr%2BQhJyzIIOAIKax8UXxOMxSFHdbhwvgNdsTPMLjMLhcjjp%2Blc2Jarmpnezy4wouZfTU8e%2B8wtveQsKzCSZJEQ320w3eS6xOnEoG9lmtlKdttyEzgyc0cNjVJXKkSI6lXo7T8y%2BIGV7CZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a049f7882e5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cse.google.com/adsense/search/async-ads.js

142.250.74.78

200 OK

187 kB

URL GET HTTP/3
cse.google.com/adsense/search/async-ads.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (2247)
Size
187 kB (187225 bytes)
Hash
d08ab029b675980ba98ff05a2c1181ff
22e59c825debede6d18db2ecdf361f9ffc438eeb
829dd937b06e88c18cb9ee5093527f309566edea9dd10fc47eac0b9d65592a67

HTTP Headers

GET /adsense/search/async-ads.js HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 25 Apr 2024 18:10:17 GMT
expires: Thu, 25 Apr 2024 18:10:17 GMT
cache-control: private, max-age=3600
etag: "8710102545208601555"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

142.250.74.106

200 OK

3.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (4036), with no line terminators
Size
3.9 kB (3948 bytes)
Hash
fd01488fa625ef2ea771de80730c1b22
4bddcc336b4638fc922b912630d9eb3ba230583e
8244e65b08a7f24f3b254f150e38c3d0027d4265135ba4f9466bfb5a5f618684

HTTP Headers

GET /css?family=Barlow:400,700|Oswald:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 18:10:16 GMT
date: Thu, 25 Apr 2024 18:10:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

facebook.lojaseofertas.com/js/ads.js

172.67.192.233

200 OK

10 kB

URL GET HTTP/3
facebook.lojaseofertas.com/js/ads.js
IP
172.67.192.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://facebook.lojaseofertas.com/
Certificate
IssuerLet's Encrypt
Subjectlojaseofertas.com
FingerprintC3:34:AA:AC:CE:F0:DF:DB:54:61:7C:1B:1D:4F:36:60:A4:63:A0:D9
ValidityThu, 25 Apr 2024 00:09:43 GMT - Wed, 24 Jul 2024 00:09:42 GMT

File type

Size
10 kB (10149 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: facebook.lojaseofertas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facebook.lojaseofertas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:10:17 GMT
content-type: application/javascript
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
vary: Accept-Encoding
etag: W/"659cbde9-27a5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vc21ZrHJ7jhqpgScgKIBLHfVhVa22sj4B2RixtjFU1h7vOcBtRnK8KioFCXMkgleEprDGDakEf4U3k72YZL2rSqgKe43Ir16tPOO11zJSokohkQWl0bAZmpkxF%2FFMRno10iY3l4zBcndutiBeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a049f788445699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML