Report - page-meta-support-id85475783.pages.net.br/1

Report Overview

Visited public
2023-11-30 12:39:46
Tags
meta facebook phishing social
URL
page-meta-support-id85475783.pages.net.br/1
Finishing URL
page-meta-support-id85475783.pages.net.br/1
IP / ASN
172.64.144.240
#13335 CLOUDFLARENET
Title
Facebook
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.greatpages.com.br	unknown	2020-01-22	2020-10-04 12:55:49	2023-11-29 02:28:20	2.1 kB	1.1 MB	104.17.209.68
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-30 06:35:27	2.3 kB	132 kB	216.58.207.227
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-11-30 09:15:30	560 B	20 kB	104.16.57.101
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-30 06:03:12	565 B	22 kB	142.250.74.106
r3-pages-views.greatpages.com.br	unknown	2020-01-22	2022-12-22 15:46:40	2023-11-28 06:28:32	2.1 kB	331 B	104.17.208.68
page-meta-support-id85475783.pages.net.br	unknown	unknown	No data	No data	1.8 kB	16 kB	172.64.144.240
cdn.greatsoftwares.com.br	585945	2020-02-08	2021-05-29 17:49:49	2023-11-29 07:39:12	518 B	3.7 kB	104.18.38.139

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-30	medium	pages.net.br	Sinkholed
2023-11-30	medium	pages.net.br	Sinkholed
2023-11-30	medium	pages.net.br	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	page-meta-support-id85475783.pages.net.br/1	ScriptElement	540 B	2023-11-20	2024-11-27
Pretty URL page-meta-support-id85475783.pages.net.br/1 IP 172.64.144.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 23:56 Last Seen2024-11-27 12:01 Times Seen417 Hash 68001fcbccf4c89d9e378936cc9c59c8 10fde516faa0c9b775369282169b5f224c578683 4209d6e28acb2f88c72b86af4bc55057b3bd7c2f1de61cd2f91263d1ddf081ab Loading...

	page-meta-support-id85475783.pages.net.br/1	ScriptElement	223 B	2024-08-20	2024-08-20
Pretty URL page-meta-support-id85475783.pages.net.br/1 IP 172.64.144.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:21 Last Seen2024-08-20 17:21 Times Seen2 Hash 0361cc16c9386a399b43fb194db20995 141a850b837f31f5e6ba4d29908640db049e72cd 014e7709bfb1b1ad64706c2a1d1493f0aa7387c91317c2a3d3b5e292ba7a1316 Loading...

	page-meta-support-id85475783.pages.net.br/1	ScriptElement	243 B	2024-08-20	2024-08-20
Pretty URL page-meta-support-id85475783.pages.net.br/1 IP 172.64.144.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:21 Last Seen2024-08-20 17:21 Times Seen2 Hash a2faa05292fd5cbeadff0b990de927da ab72081d80106297236ed5bebcf515de6dfc98fc 3ea00327629a6a0870a6b0d6ce56936af6bb868f953ac8f26db75eb6f457e84d Loading...

	page-meta-support-id85475783.pages.net.br/1	ScriptElement	2.3 kB	2024-08-20	2024-08-20
Pretty URL page-meta-support-id85475783.pages.net.br/1 IP 172.64.144.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:21 Last Seen2024-08-20 17:21 Times Seen2 Hash 4787288f279565d874e4a2797fd6fddf 024db64651737f86b3946b6da8c35d5ab9305ec6 f9cbee72e97781c80777c9e9c7ed3676acee85361a6abc6ae69c4ea163abc8da Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 13:23 Times Seen17152 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/js.js	ScriptElement	126 kB	2023-11-30	2023-11-30
Pretty URL cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/js.js IP 104.17.209.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 13:39 Last Seen2023-11-30 13:39 Times Seen1 Hash 8a27b1e2ba66ae165e948184d999b5d3 c550eea9bf04ab22541331dfaa1c6e753bd2fd46 9e4ec92c211a228887fb6d5330a1ec69f62b78e308ede9021c9eb6c13073737e Loading...

HTTP Transactions (15)

URL IP Response Size

r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiZVdSRE1YQmFSR2N4VGtSak1VNTZaM3BNYmtKb1dqSldla3h0Tld4a1F6VnBZMms0ZUdsb1NrUmtXWFZOUTNNNVMxVlBlbTVsVlcxMVExWmhTRkl3WTBoTk5reDVPWGRaVjJSc1RGY3hiR1JIUlhSak0xWjNZMGM1IiwiZCI6IjIwMjMtMTEtMzAgMTI6Mzk6MzMiLCJlIjoiR1BhZ2VzLjc1MDYxNzAxMzQ3OTczNzkyIiwiaSI6ImMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESkdhbHBZVG5waU1UbDNXbGhLZW1JeU5XaGlSMncyV1ZkU2RrbHFjSFZrVjNoelRFTktjR0p1VW14YU0wcG9XVEpHZGxneVdtaFpNbFpwWWpJNWNsZ3pRbkJsUjFaeldESldNbHBYTlRCaWVVazJTV3hDYUZveVZsZGhWMVl6U1dsM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVkwZFdlV015T1hWWlYzaHdaVzFHYTJKNVNUWmlibFp6WWtOM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVdUSTVkV1JIVmpGYVJ6bG1aRzFHYzJJelNXbFBiVFV4WWtkM2MwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESk9kbUp1VW14a1YxSjJXREl4ZGxwWFVtaEphbTlwVFVOS09YY3lSekpoVjFaV1lXNTRNVTFsYURObFpYWmhiVWhsZVVwd1drWTVia2xxYjJsUFJFazFUbnBuYVV4RFNuQmFSamwzV1Zka2NHSnRSV2xQYVVsNlQwUk5NMDFxVFdsTVEwcHdXa1k1YTJJeU1YQmliV3gyU1dwdmFVMVVUVEZOUkdzd1NXbDNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPVEJpTW5Sc1ltbEpObUp1Vm5OaVEzZHBZVmMxTUZwWFpIbFpWMDVvWWpFNWJWbFhUbXhaYlRsMllURTVkMkZZYUd4aVJqbHZXVmRLY0dKSGJEQlpXRWxwVDIwMU1XSkhkM05KYld4MVpFZFdibU50Um1wWlZ6bG1XbTFHYWxwWFNuWmlNblJtWTBkc05GcFhlR1phV0Zwc1ltNVNkbGd6VW14ak0xSnNTV3B3ZFdSWGVITk1RMHB3WW01U2JGb3pTbWhaTWtaMldESmFhRmt5Vm1saU1qbHlXRE5DY0dWSFZuTkphbkIxWkZkNGMweERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhRmt5Vm5wak1qaHBUMmxLVVZsWFpHeFdiV3hzWkhsSiIsImMiOiIifQ==

104.17.208.68

200 OK

31 B

URL GET HTTP/2
r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiZVdSRE1YQmFSR2N4VGtSak1VNTZaM3BNYmtKb1dqSldla3h0Tld4a1F6VnBZMms0ZUdsb1NrUmtXWFZOUTNNNVMxVlBlbTVsVlcxMVExWmhTRkl3WTBoTk5reDVPWGRaVjJSc1RGY3hiR1JIUlhSak0xWjNZMGM1IiwiZCI6IjIwMjMtMTEtMzAgMTI6Mzk6MzMiLCJlIjoiR1BhZ2VzLjc1MDYxNzAxMzQ3OTczNzkyIiwiaSI6ImMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESkdhbHBZVG5waU1UbDNXbGhLZW1JeU5XaGlSMncyV1ZkU2RrbHFjSFZrVjNoelRFTktjR0p1VW14YU0wcG9XVEpHZGxneVdtaFpNbFpwWWpJNWNsZ3pRbkJsUjFaeldESldNbHBYTlRCaWVVazJTV3hDYUZveVZsZGhWMVl6U1dsM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVkwZFdlV015T1hWWlYzaHdaVzFHYTJKNVNUWmlibFp6WWtOM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVdUSTVkV1JIVmpGYVJ6bG1aRzFHYzJJelNXbFBiVFV4WWtkM2MwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESk9kbUp1VW14a1YxSjJXREl4ZGxwWFVtaEphbTlwVFVOS09YY3lSekpoVjFaV1lXNTRNVTFsYURObFpYWmhiVWhsZVVwd1drWTVia2xxYjJsUFJFazFUbnBuYVV4RFNuQmFSamwzV1Zka2NHSnRSV2xQYVVsNlQwUk5NMDFxVFdsTVEwcHdXa1k1YTJJeU1YQmliV3gyU1dwdmFVMVVUVEZOUkdzd1NXbDNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPVEJpTW5Sc1ltbEpObUp1Vm5OaVEzZHBZVmMxTUZwWFpIbFpWMDVvWWpFNWJWbFhUbXhaYlRsMllURTVkMkZZYUd4aVJqbHZXVmRLY0dKSGJEQlpXRWxwVDIwMU1XSkhkM05KYld4MVpFZFdibU50Um1wWlZ6bG1XbTFHYWxwWFNuWmlNblJtWTBkc05GcFhlR1phV0Zwc1ltNVNkbGd6VW14ak0xSnNTV3B3ZFdSWGVITk1RMHB3WW01U2JGb3pTbWhaTWtaMldESmFhRmt5Vm1saU1qbHlXRE5DY0dWSFZuTkphbkIxWkZkNGMweERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhRmt5Vm5wak1qaHBUMmxLVVZsWFpHeFdiV3hzWkhsSiIsImMiOiIifQ==
IP
104.17.208.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerLet's Encrypt
Subjectgreatpages.com.br
Fingerprint5E:BF:CF:85:ED:B2:22:B5:D9:29:14:F9:66:0C:25:EE:49:2C:E9:63
ValidityMon, 16 Oct 2023 03:37:40 GMT - Sun, 14 Jan 2024 03:37:39 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
31 B (31 bytes)
Hash
b1a8ecd5c3f464c5ae872401ae1929c1
ec82b7e06d38b93eba0dd68108140711cfa86eb5
49d1cf6777396141389bf9230460e84cc9bf6260594eb25095297d5ab3098b90

HTTP Headers

GET /?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiZVdSRE1YQmFSR2N4VGtSak1VNTZaM3BNYmtKb1dqSldla3h0Tld4a1F6VnBZMms0ZUdsb1NrUmtXWFZOUTNNNVMxVlBlbTVsVlcxMVExWmhTRkl3WTBoTk5reDVPWGRaVjJSc1RGY3hiR1JIUlhSak0xWjNZMGM1IiwiZCI6IjIwMjMtMTEtMzAgMTI6Mzk6MzMiLCJlIjoiR1BhZ2VzLjc1MDYxNzAxMzQ3OTczNzkyIiwiaSI6ImMwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESkdhbHBZVG5waU1UbDNXbGhLZW1JeU5XaGlSMncyV1ZkU2RrbHFjSFZrVjNoelRFTktjR0p1VW14YU0wcG9XVEpHZGxneVdtaFpNbFpwWWpJNWNsZ3pRbkJsUjFaeldESldNbHBYTlRCaWVVazJTV3hDYUZveVZsZGhWMVl6U1dsM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVkwZFdlV015T1hWWlYzaHdaVzFHYTJKNVNUWmlibFp6WWtOM2FXRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVdUSTVkV1JIVmpGYVJ6bG1aRzFHYzJJelNXbFBiVFV4WWtkM2MwbHRiSFZrUjFadVkyMUdhbGxYT1daYWJVWnFXbGRLZG1JeWRHWmpSMncwV2xkNFpscFlXbXhpYmxKMldESk9kbUp1VW14a1YxSjJXREl4ZGxwWFVtaEphbTlwVFVOS09YY3lSekpoVjFaV1lXNTRNVTFsYURObFpYWmhiVWhsZVVwd1drWTVia2xxYjJsUFJFazFUbnBuYVV4RFNuQmFSamwzV1Zka2NHSnRSV2xQYVVsNlQwUk5NMDFxVFdsTVEwcHdXa1k1YTJJeU1YQmliV3gyU1dwdmFVMVVUVEZOUkdzd1NXbDNhV0ZYTlRCYVYyUjVXVmRPYUdJeE9XMVpWMDVzV1cwNWRtRXhPVEJpTW5Sc1ltbEpObUp1Vm5OaVEzZHBZVmMxTUZwWFpIbFpWMDVvWWpFNWJWbFhUbXhaYlRsMllURTVkMkZZYUd4aVJqbHZXVmRLY0dKSGJEQlpXRWxwVDIwMU1XSkhkM05KYld4MVpFZFdibU50Um1wWlZ6bG1XbTFHYWxwWFNuWmlNblJtWTBkc05GcFhlR1phV0Zwc1ltNVNkbGd6VW14ak0xSnNTV3B3ZFdSWGVITk1RMHB3WW01U2JGb3pTbWhaTWtaMldESmFhRmt5Vm1saU1qbHlXRE5DY0dWSFZuTkphbkIxWkZkNGMweERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhRmt5Vm5wak1qaHBUMmxLVVZsWFpHeFdiV3hzWkhsSiIsImMiOiIifQ== HTTP/1.1
Host: r3-pages-views.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 12:39:29 GMT
content-type: application/json
content-length: 31
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82e32748f8500afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

page-meta-support-id85475783.pages.net.br/1

172.64.144.240

200 OK

15 kB

URL User Request GET HTTP/2
page-meta-support-id85475783.pages.net.br/1
IP
172.64.144.240:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpages.net.br
Fingerprint2A:B8:BD:0E:47:67:1C:F8:0C:AF:EC:13:67:64:73:7E:1D:6D:A3:07
ValiditySat, 14 Oct 2023 21:43:21 GMT - Fri, 12 Jan 2024 21:43:20 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42612)
Size
15 kB (15131 bytes)
Hash
aeccf31a8b53fd13709757197adcb297
184c9d42d6b4ad28a926e95aca3a1f49fa80e367
ebfadd49646278e998e6e9c087a0bb5468b7d2a6cc5fd9e1c955d2c714b4ac8f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1 HTTP/1.1
Host: page-meta-support-id85475783.pages.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 12:39:29 GMT
content-type: text/html
cache-control: max-age=0
great-server: GreatApps
great-service: gpages-r3-pages
set-cookie: __cf_bm=hyzfl9tLZHCmdNornUZdixvx9F4qbzcvp0A.FGq19cU-1701347969-0-AdJHB/ZAy+8iFXAsrZOn3X7wz5uzQTqjDfyuf1jwryNsJPf183d6ZLujXMpPn3K2Fm/Lj19gAuT6RZeD5iJSJrY=; path=/; expires=Thu, 30-Nov-23 13:09:29 GMT; domain=.page-meta-support-id85475783.pages.net.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e327441f37b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.greatsoftwares.com.br/arquivos/paginas/82978-ce8b440cdb1bcaa9a141219d24df8bc7.png

104.18.38.139

200 OK

2.6 kB

URL GET HTTP/2
cdn.greatsoftwares.com.br/arquivos/paginas/82978-ce8b440cdb1bcaa9a141219d24df8bc7.png
IP
104.18.38.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerGoogle Trust Services LLC
Subjectgreatsoftwares.com.br
Fingerprint67:7E:DB:D2:DC:14:C7:7B:17:48:17:20:56:DB:AB:72:C3:C7:85:09
ValidityFri, 13 Oct 2023 04:27:26 GMT - Thu, 11 Jan 2024 04:27:25 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.6 kB (2636 bytes)
Hash
f69dc58741d09324a5e3e7fe3ffdf8ea
af03d6613bd1704809d346079b412f4145cae826
1ffc0e9f90ab9b61e79447fb17552cd542aa452da3e3950e07843df5599c6d1d

HTTP Headers

GET /arquivos/paginas/82978-ce8b440cdb1bcaa9a141219d24df8bc7.png HTTP/1.1
Host: cdn.greatsoftwares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 12:39:29 GMT
content-type: image/webp
content-length: 2636
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6636
content-disposition: inline; filename="82978-ce8b440cdb1bcaa9a141219d24df8bc7.webp"
etag: "22746a00bd1421be001d8404d48ecbc9"
expires: Fri, 29 Nov 2024 12:39:29 GMT
last-modified: Wed, 29 Nov 2023 09:58:58 GMT
vary: Accept
x-guploader-uploadid: ABPtcPoNLc_uowe9gYGj8DPbt6hGVoOiAUmBSI2de_VLYpzDwQHlxA_O6nLp_5pxL030OzTjgkpzqBsPlw
x-goog-generation: 1701251938457990
x-goog-hash: crc32c=LwDfqg==, md5=InRqAL0UIb4AHYQE1I7LyQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6636
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82e3274bba0c0afe-OSL
X-Firefox-Spdy: h2

cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/js.js

104.17.209.68

200 OK

27 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/js.js
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15962), with CRLF line terminators
Size
27 kB (26948 bytes)
Hash
8a27b1e2ba66ae165e948184d999b5d3
c550eea9bf04ab22541331dfaa1c6e753bd2fd46
9e4ec92c211a228887fb6d5330a1ec69f62b78e308ede9021c9eb6c13073737e

HTTP Headers

GET /page-meta-support-id85475783.pages.net.br-1/1701252138/js.js HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Nov 2023 12:39:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8a27b1e2ba66ae165e948184d999b5d3"
Last-Modified: Wed, 29 Nov 2023 10:02:20 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Fri, 29 Nov 2024 12:39:30 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 82e32748ec4556c7-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

page-meta-support-id85475783.pages.net.br/cdn-cgi/rum?

172.64.144.240

204 No Content

0 B

URL POST HTTP/3
page-meta-support-id85475783.pages.net.br/cdn-cgi/rum?
IP
172.64.144.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerLet's Encrypt
Subjectpages.net.br
Fingerprint2A:B8:BD:0E:47:67:1C:F8:0C:AF:EC:13:67:64:73:7E:1D:6D:A3:07
ValiditySat, 14 Oct 2023 21:43:21 GMT - Fri, 12 Jan 2024 21:43:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: page-meta-support-id85475783.pages.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 3865
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/1
Cookie: __cf_bm=hyzfl9tLZHCmdNornUZdixvx9F4qbzcvp0A.FGq19cU-1701347969-0-AdJHB/ZAy+8iFXAsrZOn3X7wz5uzQTqjDfyuf1jwryNsJPf183d6ZLujXMpPn3K2Fm/Lj19gAuT6RZeD5iJSJrY=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 30 Nov 2023 12:39:30 GMT
access-control-allow-origin: https://page-meta-support-id85475783.pages.net.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 82e3274e5d9fb4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 27716
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 55534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 27512
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 27512
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/imagens/desktop/383723_1_170125086256028658.jpg

104.17.209.68

200 OK

10 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/imagens/desktop/383723_1_170125086256028658.jpg
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 436x253, components 3\012- data
Size
10 kB (10000 bytes)
Hash
9769b79b12a774b104ddcc86e897ae7f
50d4124e343c18365136efa4c17cca040c2de2d2
5f065e24fec270865b58b7d5b302acb91bc0dc5b5f266f2d1a5f668c260f5cbd

HTTP Headers

GET /page-meta-support-id85475783.pages.net.br-1/1701252138/imagens/desktop/383723_1_170125086256028658.jpg HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Nov 2023 12:39:30 GMT
Content-Type: image/jpeg
Content-Length: 10000
Connection: keep-alive
ETag: "9769b79b12a774b104ddcc86e897ae7f"
Last-Modified: Wed, 29 Nov 2023 10:02:19 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Fri, 29 Nov 2024 12:39:30 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 82e3274eaa8156c7-OSL
alt-svc: h3=":443"; ma=86400

cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/imagens/desktop/383723_1_170125116268583421.gif

104.17.209.68

200 OK

1.0 MB

URL GET HTTP/1.1
cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/imagens/desktop/383723_1_170125116268583421.gif
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1920 x 1080\012- data
Size
1.0 MB (1043703 bytes)
Hash
02ff08d6cc278a935bbd4721bef35f0b
23a2ffc2bbcd4ddebc6f92340ab6bd14fcc8297d
674fc7efd1b68ed594d04be2fdf655c8b74e1ae9b026d4f132e1ae037f3935ff

HTTP Headers

GET /page-meta-support-id85475783.pages.net.br-1/1701252138/imagens/desktop/383723_1_170125116268583421.gif HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Nov 2023 12:39:31 GMT
Content-Type: image/gif
Content-Length: 1043703
Connection: keep-alive
ETag: "02ff08d6cc278a935bbd4721bef35f0b"
Last-Modified: Wed, 29 Nov 2023 10:02:20 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Fri, 29 Nov 2024 12:39:31 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 82e3274eaadc712b-OSL
alt-svc: h3=":443"; ma=86400

page-meta-support-id85475783.pages.net.br/cdn-cgi/rum?

172.64.144.240

204 No Content

0 B

URL POST HTTP/3
page-meta-support-id85475783.pages.net.br/cdn-cgi/rum?
IP
172.64.144.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerLet's Encrypt
Subjectpages.net.br
Fingerprint2A:B8:BD:0E:47:67:1C:F8:0C:AF:EC:13:67:64:73:7E:1D:6D:A3:07
ValiditySat, 14 Oct 2023 21:43:21 GMT - Fri, 12 Jan 2024 21:43:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: page-meta-support-id85475783.pages.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 470
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Thu, 30 Nov 2023 12:39:44 GMT
access-control-allow-origin: https://page-meta-support-id85475783.pages.net.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 82e327a5ae75b4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff

cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/css.css

104.17.209.68

200 OK

24 kB

URL GET HTTP/1.1
cdn.greatpages.com.br/page-meta-support-id85475783.pages.net.br-1/1701252138/css.css
IP
104.17.209.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerCloudflare, Inc.
Subjectcdn.greatpages.com.br
Fingerprint9B:D2:8E:A4:5F:CB:B0:36:7A:59:81:61:C2:F1:2D:E7:A1:5F:DB:B6
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23775), with no line terminators
Size
24 kB (23775 bytes)
Hash
06f9449818c01039f25e5cd4686d9c8a
a2fd5ef535a23063f5c3c25f98d6787e61da5221
72c418a30aff20bae37c91da77adf77d1c0381d97577f7f4b1a81b99bb19c71d

HTTP Headers

GET /page-meta-support-id85475783.pages.net.br-1/1701252138/css.css HTTP/1.1
Host: cdn.greatpages.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Nov 2023 12:39:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"06f9449818c01039f25e5cd4686d9c8a"
Last-Modified: Wed, 29 Nov 2023 10:02:20 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Fri, 29 Nov 2024 12:39:29 GMT
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 82e32748ed73712b-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.57.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19986), with no line terminators
Size
20 kB (19986 bytes)
Hash
dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://page-meta-support-id85475783.pages.net.br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 12:39:29 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e327489b335694-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.106

200 OK

21 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://page-meta-support-id85475783.pages.net.br/1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
21 kB (20880 bytes)
Hash
cfd2bfa9a48d5801a392162c7f5f6974
3605f19972d3d38d04e065e94e4cce99518dfa25
6f87cc6bf2ce4e626bb979716def2d03c0b868f416400c94c9a3a2cb158f708e

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-meta-support-id85475783.pages.net.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 12:39:30 GMT
date: Thu, 30 Nov 2023 12:39:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type