supportads.d3opy90om4perg.amplifyapp.com/favicon.png
200 OK 14 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/favicon.png
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced
Hash 7a2dbfdec08b3a38d668b605d78df964
87dba0baa4bffbb072a921c7c6a5199c26f83aba
c770ce547af85df31198c63f7eba9cba64ff3a48f8eb127d4ea12181453036c8
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /favicon.png HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
content-length: 14026
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:07 GMT
server: AmazonS3
accept-ranges: bytes
etag: "7a2dbfdec08b3a38d668b605d78df964"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P7xvVBtxblfOU13O1gtrIeiH59y23IFEeypMDe1SKVg7LUF6hZZUEA==
supportads.d3opy90om4perg.amplifyapp.com/icons/Icon-192.png
200 OK 5.3 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/icons/Icon-192.png
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced
Hash ac9a721a12bbc803b44f645561ecb1e1
293b2825c89d2abd4b17e2f5ac30c30f5ba3724f
3dce99077602f70421c1c6b2a240bc9b83d64d86681d45f2154143310c980be3
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /icons/Icon-192.png HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
content-length: 5292
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:07 GMT
server: AmazonS3
accept-ranges: bytes
etag: "ac9a721a12bbc803b44f645561ecb1e1"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xgx1iCgsFP-jcWgkWe33p0-d1oLn7eRkONjdn9hk5RVPm031vffEFg==
www.gstatic.com/flutter-canvaskit/45f6e009110df4f34ec2cf99f63cf73b71b7a420/canvaskit.js
200 OK 26 kB URL GET HTTP/2 www.gstatic.com/flutter-canvaskit/45f6e009110df4f34ec2cf99f63cf73b71b7a420/canvaskit.js
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type JavaScript source, ASCII text, with very long lines (545)
Hash 76f7d822f42397160c5dfc69cbc9b2de
a7739ae575812316ab0924225becfa3941f5b3da
86c5d12e43e93359933fbe2f8575d2bfd1ee595aa581b6111943de2d77975e31
GET /flutter-canvaskit/45f6e009110df4f34ec2cf99f63cf73b71b7a420/canvaskit.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="flutter-team"
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-length: 26292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:30:29 GMT
expires: Sat, 03 May 2025 03:30:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Jun 2023 20:54:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 576699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/assets/FontManifest.json
200 OK 670 B URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/FontManifest.json
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
Hash 5a32d4310a6f5d9a6b651e75ba0d7372
1eea93fdd82fad31ce32e9b9428e415dfc737da3
2cd9411b540e5c6e15ac65523a3601bee668aeca9104e1de136fc34b3a912771
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/FontManifest.json HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json
content-length: 670
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:08 GMT
server: AmazonS3
accept-ranges: bytes
etag: "5a32d4310a6f5d9a6b651e75ba0d7372"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RYCFVXSyXR_tlIyAgew2w98tjg4AVneUtR4v_Sd_798PbpTNq3MklA==
www.gstatic.com/flutter-canvaskit/45f6e009110df4f34ec2cf99f63cf73b71b7a420/canvaskit.wasm
200 OK 2.1 MB URL GET HTTP/3 www.gstatic.com/flutter-canvaskit/45f6e009110df4f34ec2cf99f63cf73b71b7a420/canvaskit.wasm
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type WebAssembly (wasm) binary module version 0x1 (MVP)
Size 2.1 MB (2142317 bytes)
Hash f48eaf57cada79163ec6dec7929486ea
9c2e3dfd5ea427fc42c8358fcec9be13b47534d0
65d6b549c3d21e2d9dc4f0504fc9462936a1e511fd538a8ce4a5d45a8e0c95cf
GET /flutter-canvaskit/45f6e009110df4f34ec2cf99f63cf73b71b7a420/canvaskit.wasm HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Origin: https://supportads.d3opy90om4perg.amplifyapp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: br
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="flutter-team"
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-length: 2142317
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:50:33 GMT
expires: Fri, 09 May 2025 02:50:33 GMT
cache-control: public, max-age=31536000
age: 60695
last-modified: Tue, 13 Jun 2023 20:54:55 GMT
content-type: application/wasm
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
supportads.d3opy90om4perg.amplifyapp.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
200 OK 92 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type TrueType Font data, 12 tables, 1st "OS/2", 7 names, Microsoft, language 0x409
Hash bb72e8176c74e93ba6b210789dc3f21b
26cb9fcc9fb3820ce0ae66d30c15147e2b8f4078
350429f079b1700cdb67f1d0a17eab675a258479265521a6514e9dbbc5414baa
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/packages/cupertino_icons/assets/CupertinoIcons.ttf HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: font/ttf
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:09 GMT
server: AmazonS3
etag: W/"57d849d738900cfd590e9adc7e208250"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: qutCPYELWdoeJ0DthfuvQjV8oRrTXKHTUsgfdiQVQYc1Uu2FoRfCrQ==
supportads.d3opy90om4perg.amplifyapp.com/assets/AssetManifest.bin
200 OK 1.3 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/AssetManifest.bin
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
Hash 8b1cf21a141e282cc9fcc19ad6b2028b
c7efbc9d05f7e18d34d946a736e5487e1e1c550e
65597af2671c420356b08d5cdbbefb567b1bda6b6613b32908c970b9342631fb
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/AssetManifest.bin HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/octet-stream
content-length: 1287
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:11 GMT
server: AmazonS3
accept-ranges: bytes
etag: "8b1cf21a141e282cc9fcc19ad6b2028b"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -1BBvtuLTYpOqoIjrUD6yKUnBgk99JD2r-3Vy6Tyc_0qHmEmieq9Kw==
fonts.gstatic.com/s/a/a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71.ttf
200 OK 69 kB URL GET HTTP/2 fonts.gstatic.com/s/a/a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409
Hash 8360fdd61fd8609ef10e61c40c0eca11
c80e173f72d4f31827d75c4ec934ede660d35b16
a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71
GET /s/a/a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supportads.d3opy90om4perg.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 69233
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:19:52 GMT
expires: Sat, 03 May 2025 02:19:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:12:33 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 580939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/main.dart.js
200 OK 712 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/main.dart.js
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Size 712 kB (711968 bytes)
Hash 849079983263988b5a035acc8767867c
936bf23abf18f76c21988812d1529eb0734ef61d
1aa59f1ef9a7c7cfa407984f5bb54a29a822e34a8cb529fc06568e851355e4ee
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /main.dart.js HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:07 GMT
server: AmazonS3
etag: W/"c172314993ba4b35b9ccc8a10926082d"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: VPN-45LHmqEaK99eqLt9pzGjPGrXInC3FF4Z3lKWzSS9yhBYxkVhSg==
fonts.gstatic.com/s/a/9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c.ttf
200 OK 69 kB URL GET HTTP/2 fonts.gstatic.com/s/a/9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409
Hash c67db2ad4a5ca29b517da8eabafd2459
c54a0034e60d6445caee8533684b3cea13420c81
9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c
GET /s/a/9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supportads.d3opy90om4perg.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 68574
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:12:31 GMT
expires: Fri, 02 May 2025 22:12:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:10:30 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 595780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/a/705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a.ttf
200 OK 70 kB URL GET HTTP/2 fonts.gstatic.com/s/a/705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409
Hash 9ba5c294b162c2688a1541ea64f36fb3
257c4afc8725d026f06e0208e2ae7bfe079f1452
705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a
GET /s/a/705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supportads.d3opy90om4perg.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 69504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:08:42 GMT
expires: Fri, 09 May 2025 02:08:42 GMT
cache-control: public, max-age=31536000
age: 63209
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/meta.png
200 OK 651 B URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/meta.png
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type PNG image data, 54 x 12, 8-bit gray+alpha, non-interlaced
Hash 82f724aa56db0da424f206b9991fd62e
c0334262e1a6720efb47fa3334e8dd6437377836
d96115050f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/assets/images/meta.png HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
content-length: 651
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:12 GMT
server: AmazonS3
accept-ranges: bytes
etag: "82f724aa56db0da424f206b9991fd62e"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Lo2fGrVRY_kocvO645wQQq_zmQXJAjAYohLtEZbdiLKf8JoBmZgzsw==
supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/fbv2.jpg
200 OK 3.1 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/fbv2.jpg
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 236x236, segment length 16, progressive, precision 8, 236x236, components 3
Hash e165af495d51ef5b46cad3d602a2a5f8
e3d73bf45f360750678f666b4fa51553aad7090d
171f1b3ac7b11ef605b96f91537ed2cc32ab21d7233733114a923d21d552b021
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/assets/images/fbv2.jpg HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
content-length: 3053
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:12 GMT
server: AmazonS3
accept-ranges: bytes
etag: "e165af495d51ef5b46cad3d602a2a5f8"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rXySpYWyEIlEnAJDviKcYsJSxH7694SnbfkYzATy0A0wPvu6YMnQQQ==
supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/avatar.png
200 OK 58 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/avatar.png
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type PNG image data, 662 x 664, 8-bit/color RGBA, non-interlaced
Hash 02fb04256d936e0d83a6340a1d1f3af4
b8bfe3b59f0dc0d7841d17f4352ac2ce0feb2238
0734468737b7eaf71a997b518a6b70a4ec17d136f41bf3bb562429bbea1de8cb
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/assets/images/avatar.png HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
content-length: 58407
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:12 GMT
server: AmazonS3
accept-ranges: bytes
etag: "02fb04256d936e0d83a6340a1d1f3af4"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GAF24vTlPFgvcBlXBmswSGZo2eq3klEuJ2vnPAJrxKPHTpzvAvumFg==
supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/bg.jpg
200 OK 81 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/bg.jpg
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1920x175, components 3
Hash 49a366b72644f04ea8efccf9550fb0a5
54492aa337fc8ee34297a04fd789d202fba78d58
289d99b21fae145c868238c0c499dcf8e84bea445b63e47e3406acfe98e20a34
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/assets/images/bg.jpg HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
content-length: 80630
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:12 GMT
server: AmazonS3
accept-ranges: bytes
etag: "49a366b72644f04ea8efccf9550fb0a5"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C2FFGjZBtg6zDPq2G87tJ-sg5CoOi3ydyaXmQHVBiDfz18v1ja0tpA==
supportads.d3opy90om4perg.amplifyapp.com/assets/fonts/MaterialIcons-Regular.otf
200 OK 11 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/fonts/MaterialIcons-Regular.otf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 944031a15ac70b57c1269c3cb6fd0fba
57bb968ff9a58d80ef7e80d530e44eab8ff15b86
40b1757d25552a759331fd656ddaf2565a638fcdd63d418795f82a22e8249f2a
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/fonts/MaterialIcons-Regular.otf HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: font/otf
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:09 GMT
server: AmazonS3
etag: W/"0f341cb48f96334dfc114136d18a1db6"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: fIo_f7QgmKxXGfomgSs58HHJg6Y0EIk0mUknN2dki6keCVDCVwPCAw==
ipapi.co/json
200 OK 7.7 kB IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerLet's Encrypt
Subjectipapi.co
Fingerprint00:84:39:1A:E6:F9:D4:22:11:8B:2A:D1:2F:B1:91:03:18:BB:9E:3D
ValidityTue, 07 May 2024 17:57:49 GMT - Mon, 05 Aug 2024 17:57:48 GMT
Hash 3ea894357e15788b101c2525a13d7ced
e75b69db5ebe486b46035f39fc9c8c4374aec970
1f97c1464ed28eaafaf0cdfe7bff7aa3ede2a10054dbd8c2d3c98fcd3281c035
GET /json HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supportads.d3opy90om4perg.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:42:11 GMT
content-type: application/json
allow: OPTIONS, HEAD, POST, GET, OPTIONS
x-frame-options: DENY
vary: Host, origin
access-control-allow-origin: https://supportads.d3opy90om4perg.amplifyapp.com
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EE5GwZ4Uh6kUQD1rVt9oOShZbq5aHA2WF2cdE24EZhy%2FHPLRVGjYw7Y3rzOQ562uoStUcBNz4sT3iRJNsxzmhE3DirHP5dHnpDNczGLeow4R5cDunAqcyZHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142bdb7a9a56ba-OSL
content-encoding: br
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
200 OK 169 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409
Size 169 kB (169196 bytes)
Hash d7791ef376c159f302b8ad90a748d2ab
8484ebfc7efecdb9abe12f03f94014a32b6781cc
e68cb27bed42fe434be64d0d6296d8dc5b81686a725fe31d4293509f8598636e
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: font/ttf
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:09 GMT
server: AmazonS3
etag: W/"d7791ef376c159f302b8ad90a748d2ab"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: xjCS_j4CkwLph274vkT8Y2PcOZX-X7Yccx5Nl26xzRnOo2gDgYIugQ==
supportads.d3opy90om4perg.amplifyapp.com/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
200 OK 357 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409
Size 357 kB (357256 bytes)
Hash 658b490c9da97710b01bd0f8825fce94
0c454d0b88ea5736402cdd5a19ae767765dcba6d
2395721ec2a7ba59d9ea05e0567339ca73d280e8768fb3f7eceb6fd2c1824913
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: font/ttf
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:09 GMT
server: AmazonS3
etag: W/"658b490c9da97710b01bd0f8825fce94"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: MWI7jbwmpL8z8kD6aRNFqRza1YcUXDI8JltwceqkKi2rqu2178fktA==
supportads.d3opy90om4perg.amplifyapp.com/flutter.js
200 OK 15 kB URL GET HTTP/2 supportads.d3opy90om4perg.amplifyapp.com/flutter.js
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 6b515e434cea20006b3ef1726d2c8894
65e782370bc35a4f5e37922f12debfae61eff946
ebef4683c7634467e3e792e993cd8e28d44940d4299dd8f3f8ce8ea3c1f20b67
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /flutter.js HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 09 May 2024 19:42:06 GMT
server: AmazonS3
etag: W/"6b515e434cea20006b3ef1726d2c8894"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PBt3mnc8GmcKaiCyUCgP3_Y_e00CZisY13dgFJ2Y1QxHfN0C9cwgog==
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/
200 OK 1.9 kB URL User Request GET HTTP/2 supportads.d3opy90om4perg.amplifyapp.com/
IP
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (2045), with no line terminators
Hash 4811e277f2f6ecced03ffcfe84fa3ec1
719ad9a955e6d9ddaf596f539c0950e03025329a
368dd13626846230eea38dc5f2b1936082df614197d131bec5a5eae901d2053f
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET / HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
date: Thu, 09 May 2024 19:42:05 GMT
server: AmazonS3
etag: W/"9105159675b17008fb69291e2b40d322"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 147VyGDjAZesKWtDD-2sFX6UhqwC8tT8KPc3B0rAnfRT82uAY3jX0g==
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
200 OK 49 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409
Hash 5070443340d1d8cceb516d02c3d6dee7
2edcbf8f12c01ef48617b87fd497c07fbe85087c
6b04ad8cd0e6be09eb285526cc0e4f66f84ae231d7eeffa4569f65b9fc3d511d
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: font/ttf
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:09 GMT
server: AmazonS3
etag: W/"5070443340d1d8cceb516d02c3d6dee7"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: HS8PdxyXkkhwCZPk1qFCLwkWEl-78e4uSCDvg0IH1KNHPFIG4v1EZw==
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
200 OK 171 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob
Size 171 kB (171272 bytes)
Hash 11eabca2251325cfc5589c9c6fb57b46
096c9245b6a192d1403a82848e104a65f578a8ec
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
GET /s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
Origin: https://supportads.d3opy90om4perg.amplifyapp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 91230
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 21:56:39 GMT
expires: Fri, 02 May 2025 21:56:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 596730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
supportads.d3opy90om4perg.amplifyapp.com/assets/AssetManifest.json
200 OK 1.2 kB URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/AssetManifest.json
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1235), with no line terminators
Hash 0a2516d2ead7350939600c65cd9b6f04
ab2715847814fbf494aea3e3b32b1705628b57b3
6121bf070bf6818b81d81bf457c688ca53e21ae083fca3a927ec3422d7ba678e
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/AssetManifest.json HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
date: Thu, 09 May 2024 19:42:11 GMT
server: AmazonS3
etag: W/"ffcce918f60617fed6fdd5c787356cc5"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-id: 7W4OWucfo-zxITVsgPyx9EdW1col0EPVuL1ccKWzHAXMMrPPkdrhYw==
supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/metav2.png
200 OK 651 B URL GET HTTP/3 supportads.d3opy90om4perg.amplifyapp.com/assets/assets/images/metav2.png
IP
Requested by https://supportads.d3opy90om4perg.amplifyapp.com/
Certificate IssuerAmazon
Subject*.d3opy90om4perg.amplifyapp.com
FingerprintDD:61:8F:3D:BA:39:2F:64:D6:3A:CC:BA:73:6E:4A:09:27:95:52:96
ValidityThu, 09 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type PNG image data, 54 x 12, 8-bit gray+alpha, non-interlaced
Hash 82f724aa56db0da424f206b9991fd62e
c0334262e1a6720efb47fa3334e8dd6437377836
d96115050f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /assets/assets/images/metav2.png HTTP/1.1
Host: supportads.d3opy90om4perg.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supportads.d3opy90om4perg.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/png
content-length: 651
alt-svc: h3=":443"; ma=86400
date: Thu, 09 May 2024 19:42:11 GMT
server: AmazonS3
accept-ranges: bytes
etag: "82f724aa56db0da424f206b9991fd62e"
last-modified: Thu, 09 May 2024 18:11:54 GMT
cache-control: public, max-age=0, s-maxage=2
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8-ktCS9cxdSMx5FwuPDBgnGqyT-lvN0k2pkFbzzsMveMTrVYOumQuA==
143.204.55.38
104.26.8.44