ad-account-disabled-9cae3.web.app/
199.36.158.100 200 OK 648 B URL User Request GET HTTP/2 ad-account-disabled-9cae3.web.app/
IP 199.36.158.100:443
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 162707320dd1518ecca05e89fe97fc24
ca9f4ba8ff3848f53df94d857810e9abcaa97d3c
e851ecd3c0e23b13fa14bef0a85a7e9ee3e602c248d187b492b6563ff3f8791c
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET / HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "56338e1681ae95d51d7669b9ed64f68ddfbadc167ec81b9f11a6d1096932de50-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:45 GMT
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007185.381526,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 648
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8
IP 142.250.74.131:0
Hash 89450551b8a5d60bb38fc1fa19a46f4b
b146c696ea3a152475469f4b0ee49c9698d0a685
068c6d6c245bf0438476c5208158d772d1eae8376b0f748928a0a68a49f5a6bc
POST /s/gts1d4int/wrllXI_-LL8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:19:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad-account-disabled-9cae3.web.app/flutter.js
199.36.158.100 200 OK 3.5 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/flutter.js
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with CRLF line terminators
Hash 6b515e434cea20006b3ef1726d2c8894
65e782370bc35a4f5e37922f12debfae61eff946
ebef4683c7634467e3e792e993cd8e28d44940d4299dd8f3f8ce8ea3c1f20b67
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /flutter.js HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 3507
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "4a09e876d1dfb542450566a1d74330325dce39ff9a803f15a226debdc5e1f333-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:45 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.671189,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/icons/Icon-192.png
199.36.158.100 200 OK 5.2 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/icons/Icon-192.png
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced\012- data
Hash ac9a721a12bbc803b44f645561ecb1e1
293b2825c89d2abd4b17e2f5ac30c30f5ba3724f
3dce99077602f70421c1c6b2a240bc9b83d64d86681d45f2154143310c980be3
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /icons/Icon-192.png HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 5172
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "eaf2464bfb1d192fdd192a616f7b858dee456d573c6ec619648a1dcf2bdddfa6-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:45 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.694925,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/favicon.png
199.36.158.100 200 OK 14 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/favicon.png
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a2dbfdec08b3a38d668b605d78df964
87dba0baa4bffbb072a921c7c6a5199c26f83aba
c770ce547af85df31198c63f7eba9cba64ff3a48f8eb127d4ea12181453036c8
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /favicon.png HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 13908
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "38f8cfe11288e15850f38a0cf14b45059f10318fc9f1f9d539949a23252f2f1f"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:45 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.694894,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/main.dart.js
199.36.158.100 200 OK 566 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/main.dart.js
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with very long lines (727)
Size 566 kB (565663 bytes)
Hash c691ea3c0c0413e1cd9dd299ad46b400
2c20e840bb109e6efd77a3c3ac1c3fab867f69a4
823f80e10dbf8f7559c210cdb8108ab2563b7943635504fe96fd192193bbb658
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /main.dart.js HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 565663
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "51218175ba22a2dbdfbd0d78519cf1fb9d9c530b867dbbe11a245840c92e9ced-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:45 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.714171,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/FontManifest.json
199.36.158.100 200 OK 190 B URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/FontManifest.json
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JSON data\012- , ASCII text, with very long lines (670), with no line terminators
Hash 5a32d4310a6f5d9a6b651e75ba0d7372
1eea93fdd82fad31ce32e9b9428e415dfc737da3
2cd9411b540e5c6e15ac65523a3601bee668aeca9104e1de136fc34b3a912771
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/FontManifest.json HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 190
cache-control: max-age=3600
content-encoding: br
content-type: application/json
etag: "513648b64710d048971e49c5969e91a20ae1a4636f93ba888a67fe9a15cd61bf-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:46 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.441704,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/fonts/MaterialIcons-Regular.otf
199.36.158.100 200 OK 3.8 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/fonts/MaterialIcons-Regular.otf
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type OpenType font data\012- data
Hash 6675917cf8e2f400b7564a36c4467112
6188f2a5165979e552c46bcc728a088ab479483a
ec76032826539d45a8176dda37ccad1c9abab6e0efcbf6bd0acb4e3da58936dc
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/fonts/MaterialIcons-Regular.otf HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 3755
cache-control: max-age=3600
content-encoding: br
content-type: font/otf
etag: "02e3ab99cc941b708bee3b0af3a5b524b545ad3cba4f00a9806d759914eb4253-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:46 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.460785,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
199.36.158.100 200 OK 803 B URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type TrueType Font data, 12 tables, 1st "OS/2", 7 names, Microsoft, language 0x409\012- data
Hash 57d849d738900cfd590e9adc7e208250
41985b8972e5289666d6054b2242f562f1d6e11a
7faebfc34fcf9aeed5ed14c8d859995da91d26ee4d515a5d5a632a14cc6b3d98
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/packages/cupertino_icons/assets/CupertinoIcons.ttf HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 803
cache-control: max-age=3600
content-encoding: br
content-type: font/ttf
etag: "97c82eadce39f86adc287dd73599b4a781bbc1e6fda0540ce0a9cd6a0131e417-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:46 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.465427,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
199.36.158.100 200 OK 94 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409\012- data
Hash 0db203e8632f03baae0184700f3bda48
e8e0177e1093342b1870d39c595d341bc973f774
b5651d068535591db719ac9b0b659a2e3792a8e0d5fda6a2bd6e7626614a8477
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 93967
cache-control: max-age=3600
content-encoding: br
content-type: font/ttf
etag: "35928918f379c1d5b98ebad2ce302c89c550c245f3bd796ff867cac581bf2a1c-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:46 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.467137,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
199.36.158.100 200 OK 18 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409\012- data
Hash 01bb14ae3f14c73ee03eed84f480ded9
2dd0818e0120bc90ab5f0f42e3dfc43d72b984af
1a060d03894cb2af57c3e819e5d37352f5d925727ff8d403c805f970ecb6bbcb
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 17722
cache-control: max-age=3600
content-encoding: br
content-type: font/ttf
etag: "8d8e034630412c632f72750c78bfa816d3aaa77281656bf76b9c5bc4d441a5bc-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:46 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.469822,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
199.36.158.100 200 OK 127 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409\012- data
Size 127 kB (126752 bytes)
Hash efc6c90b58d765987f922c95c2031dd2
d8ed698a99599d1c45bb426741e854fe261d8517
2ce18aa19b12c842559a5c32ee85f09aa8e642d86aec3e0d80bbe597f959a2ff
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 126752
cache-control: max-age=3600
content-encoding: br
content-type: font/ttf
etag: "6dd1706c2869f074a9a29a02946f8538188682655724f7830463d0f7fef1ff09-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:46 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007186.469905,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 82d60e5c89d861bf88494c1b30123a7d
696454de610c86434fca82187d45b770aa712b74
1c270911b4dc1e66edab7b962f92245d40a0725385601f27a4532f216161aa6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
216.58.207.227 200 OK 91 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
IP 216.58.207.227:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Hash 11eabca2251325cfc5589c9c6fb57b46
096c9245b6a192d1403a82848e104a65f578a8ec
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
GET /s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 91230
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:20:03 GMT
expires: Thu, 30 May 2024 00:20:03 GMT
cache-control: public, max-age=31536000
age: 514784
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/canvaskit.js
142.250.74.35 200 OK 26 kB URL GET HTTP/2 www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/canvaskit.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (545)
Hash 76f7d822f42397160c5dfc69cbc9b2de
a7739ae575812316ab0924225becfa3941f5b3da
86c5d12e43e93359933fbe2f8575d2bfd1ee595aa581b6111943de2d77975e31
GET /flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/canvaskit.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="flutter-team"
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-length: 26292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 23:09:05 GMT
expires: Wed, 29 May 2024 23:09:05 GMT
cache-control: public, max-age=31536000
age: 519042
last-modified: Tue, 16 May 2023 18:10:45 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 82d60e5c89d861bf88494c1b30123a7d
696454de610c86434fca82187d45b770aa712b74
1c270911b4dc1e66edab7b962f92245d40a0725385601f27a4532f216161aa6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/canvaskit.wasm
142.250.74.35 200 OK 2.1 MB URL GET HTTP/2 www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/canvaskit.wasm
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type WebAssembly (wasm) binary module version 0x1 (MVP)\012- data
Size 2.1 MB (2142317 bytes)
Hash f48eaf57cada79163ec6dec7929486ea
9c2e3dfd5ea427fc42c8358fcec9be13b47534d0
65d6b549c3d21e2d9dc4f0504fc9462936a1e511fd538a8ce4a5d45a8e0c95cf
GET /flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/canvaskit.wasm HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: br
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="flutter-team"
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-length: 2142317
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 06:55:25 GMT
expires: Wed, 29 May 2024 06:55:25 GMT
cache-control: public, max-age=31536000
age: 577462
last-modified: Tue, 16 May 2023 18:11:08 GMT
content-type: application/wasm
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/9.18.0/firebase-app-check.js
142.250.74.35 200 OK 7.2 kB URL GET HTTP/2 www.gstatic.com/firebasejs/9.18.0/firebase-app-check.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (21409)
Hash afe4f056288496dfa6fdf4ec7c1cef1b
b60c2be9be32db1fadfacfe9b219d6a6e8709287
7395e877ff72322acc86fbe9114609637d449dc107db83768c4ef5cc8cdfa371
GET /firebasejs/9.18.0/firebase-app-check.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 7193
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 07:54:45 GMT
expires: Sat, 01 Jun 2024 07:54:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Mar 2023 21:56:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 314703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/9.18.0/firebase-storage.js
142.250.74.35 200 OK 13 kB URL GET HTTP/2 www.gstatic.com/firebasejs/9.18.0/firebase-storage.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (40237)
Hash e7ba6fc72735d016377c30f505edf092
45ddd9ac41745c8082e3b0858bf3af56ad134b58
f8b2dfbb2cccf3dcfd28f25342083997f7a175101eef07e482fe9537f5ac9d90
GET /firebasejs/9.18.0/firebase-storage.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 12990
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 06:47:45 GMT
expires: Sun, 02 Jun 2024 06:47:45 GMT
cache-control: public, max-age=31536000
age: 232323
last-modified: Thu, 16 Mar 2023 21:57:13 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/9.18.0/firebase-app.js
142.250.74.35 200 OK 21 kB URL GET HTTP/2 www.gstatic.com/firebasejs/9.18.0/firebase-app.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF, LF line terminators
Hash 22d7f77f1b0597d6de834c38460527e2
baa384c7ded3e25b6aa3e4e5e2774450a0dce6be
d7cc15aee6a27dbf64ccc8dcb248cec69ca1132360d0eb495659c63d4dbf5260
GET /firebasejs/9.18.0/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 20695
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:40:55 GMT
expires: Wed, 29 May 2024 21:40:55 GMT
cache-control: public, max-age=31536000
age: 524333
last-modified: Thu, 16 Mar 2023 21:56:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/9.18.0/firebase-remote-config.js
142.250.74.35 200 OK 8.5 kB URL GET HTTP/2 www.gstatic.com/firebasejs/9.18.0/firebase-remote-config.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (26234)
Hash 42e0e3ea069126e906b52bd25fce6fec
60c6e43eed341cde43bae6b979eac5a6363fca16
ff8732af026a7acdb1c56c0d78660caa59f8acd3e50f3fdff9f47a90f2627486
GET /firebasejs/9.18.0/firebase-remote-config.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8450
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 01:10:22 GMT
expires: Fri, 31 May 2024 01:10:22 GMT
cache-control: public, max-age=31536000
age: 425366
last-modified: Thu, 16 Mar 2023 21:56:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/9.18.0/firebase-auth.js
142.250.74.35 200 OK 34 kB URL GET HTTP/2 www.gstatic.com/firebasejs/9.18.0/firebase-auth.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 858214be9d19e77d60fc352ee278df34
e5a858a402f0baabbbae3f5e668ee4436b05086f
320ce021881ec592f45a18be844f7d7e311eb1f09cd47da597b2293bc2764c8d
GET /firebasejs/9.18.0/firebase-auth.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 33731
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:54:14 GMT
expires: Thu, 30 May 2024 00:54:14 GMT
cache-control: public, max-age=31536000
age: 512734
last-modified: Thu, 16 Mar 2023 21:56:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/9.18.0/firebase-firestore.js
142.250.74.35 200 OK 95 kB URL GET HTTP/2 www.gstatic.com/firebasejs/9.18.0/firebase-firestore.js
IP 142.250.74.35:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 913993223afa6e31f1ec5cad20aa3bfe
163e330b1eddcd6dce4d410d212721a6d6c6a4d9
0faedadda4a5ae3cf994e9cee51738655b592050f9c5a04fe20d516d7df63f88
GET /firebasejs/9.18.0/firebase-firestore.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 95116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 17:52:08 GMT
expires: Sun, 02 Jun 2024 17:52:08 GMT
cache-control: public, max-age=31536000
age: 192460
last-modified: Thu, 16 Mar 2023 21:56:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-account-disabled-9cae3.web.app/assets/AssetManifest.json
199.36.158.100 200 OK 275 B URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/AssetManifest.json
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JSON data\012- , ASCII text, with very long lines (1339), with no line terminators
Hash 1918c6e198c23083253510577a31c13a
2c8cb486a90ac70617733bdd6c0af3126a1a3f96
387493174bee7e9a02f384be17567a749895e0dfa7971fb7901b5e0609880fa8
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/AssetManifest.json HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 275
cache-control: max-age=3600
content-encoding: br
content-type: application/json
etag: "4b87578f3c4297829fb2462ed8d2e603c01a1165a7c0d12dbe0d5e53846a8aaf-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:48 GMT
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686007189.544975,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/AssetManifest.smcbin
199.36.158.100 200 OK 219 B URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/AssetManifest.smcbin
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
Hash a0aeef5ec88426ccfb49c307fa34c970
745aea04728c03be30e255063f5cea9100ac275f
942305670eb6f8e29d1940d7dc06f803eb0e4274cfb23e5ab8045d568438a015
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/AssetManifest.smcbin HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 219
cache-control: max-age=3600
content-encoding: br
etag: "350e597b1da48d6e80f7c97dfa5e2d0f7659709957b631f1f9f44334c2be0bd9-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: text/html; charset=UTF-8
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:48 GMT
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686007189.578284,VS0,VE51
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/assets/images/metav2.svg
199.36.158.100 200 OK 1.5 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/assets/images/metav2.svg
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1065)
Hash 59dbe6b338ea85c1702f53c2817e1c18
bde9f8645a0bf981c1dff316f5c22ad0916d889c
0c038058600a811b8a96de485a224bcc30eb673972fe39954075bcf70ce74e04
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/assets/images/metav2.svg HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1512
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "792f7ab54daf1c77561a59cad05ee7f39d6a80280d30c04fc1ad420893c56ef5-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:48 GMT
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686007189.762415,VS0,VE46
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.gstatic.com/s/a/9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c.ttf
216.58.207.227 200 OK 69 kB URL GET HTTP/2 fonts.gstatic.com/s/a/9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c.ttf
IP 216.58.207.227:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash c67db2ad4a5ca29b517da8eabafd2459
c54a0034e60d6445caee8533684b3cea13420c81
9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c
GET /s/a/9ecfd020e9cc0b676025df8390c0dc8cc2062523540887dd04bec0ef4d5a449c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 68574
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 05:48:26 GMT
expires: Thu, 30 May 2024 05:48:26 GMT
cache-control: public, max-age=31536000
age: 495083
last-modified: Wed, 27 Apr 2022 16:10:30 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/a/a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71.ttf
216.58.207.227 200 OK 69 kB URL GET HTTP/2 fonts.gstatic.com/s/a/a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71.ttf
IP 216.58.207.227:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash 8360fdd61fd8609ef10e61c40c0eca11
c80e173f72d4f31827d75c4ec934ede660d35b16
a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71
GET /s/a/a24a61e9a408f85504dcdcd11edc4995adceb4ab585c0011f39cfbe193248b71.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 69233
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 19:19:33 GMT
expires: Wed, 29 May 2024 19:19:33 GMT
cache-control: public, max-age=31536000
age: 532816
last-modified: Wed, 27 Apr 2022 16:12:33 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-account-disabled-9cae3.web.app/assets/assets/images/meta.png
199.36.158.100 200 OK 651 B URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/assets/images/meta.png
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 54 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash 82f724aa56db0da424f206b9991fd62e
c0334262e1a6720efb47fa3334e8dd6437377836
d96115050f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/assets/images/meta.png HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 651
cache-control: max-age=3600
content-type: image/png
etag: "bbfac192d44f6c44c9e54f8057faed916b7d39d14619e41c71234215f317a6f7"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:49 GMT
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686007189.171922,VS0,VE43
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/assets/images/fbv2.jpg
199.36.158.100 200 OK 2.6 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/assets/images/fbv2.jpg
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 236x236, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Hash e165af495d51ef5b46cad3d602a2a5f8
e3d73bf45f360750678f666b4fa51553aad7090d
171f1b3ac7b11ef605b96f91537ed2cc32ab21d7233733114a923d21d552b021
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/assets/images/fbv2.jpg HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2598
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "67d395abf7e22d73484f5ce7e074dbcffe57cb4e0106c282080f3869571c7489-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:49 GMT
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686007189.172693,VS0,VE44
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ad-account-disabled-9cae3.web.app/assets/assets/images/avatar.png
199.36.158.100 200 OK 57 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/assets/images/avatar.png
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 662 x 664, 8-bit/color RGBA, non-interlaced\012- data
Hash 02fb04256d936e0d83a6340a1d1f3af4
b8bfe3b59f0dc0d7841d17f4352ac2ce0feb2238
0734468737b7eaf71a997b518a6b70a4ec17d136f41bf3bb562429bbea1de8cb
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/assets/images/avatar.png HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 57170
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "0abff7c492d5592d85ce2d6bafe5a86ffcbd23e430576049555a99773d24d4c0"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:49 GMT
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686007189.174730,VS0,VE90
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.gstatic.com/s/a/705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a.ttf
216.58.207.227 200 OK 70 kB URL GET HTTP/2 fonts.gstatic.com/s/a/705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a.ttf
IP 216.58.207.227:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash 9ba5c294b162c2688a1541ea64f36fb3
257c4afc8725d026f06e0208e2ae7bfe079f1452
705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a
GET /s/a/705290b12f58c6d70aafcaaf461dbc3d2f7f19d0f4362af1843b107d95d4960a.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 69504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 06:48:43 GMT
expires: Thu, 30 May 2024 06:48:43 GMT
cache-control: public, max-age=31536000
age: 491466
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-account-disabled-9cae3.web.app/assets/assets/images/bg.jpg
199.36.158.100 200 OK 76 kB URL GET HTTP/3 ad-account-disabled-9cae3.web.app/assets/assets/images/bg.jpg
IP 199.36.158.100:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, baseline, precision 8, 1920x175, components 3\012- data
Hash 49a366b72644f04ea8efccf9550fb0a5
54492aa337fc8ee34297a04fd789d202fba78d58
289d99b21fae145c868238c0c499dcf8e84bea445b63e47e3406acfe98e20a34
Analyzer Verdict Alert openphish Facebook, Inc.
phishtank Facebook
quad9 Sinkholed
GET /assets/assets/images/bg.jpg HTTP/1.1
Host: ad-account-disabled-9cae3.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad-account-disabled-9cae3.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 76203
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "7f1f63f4fcd132f1b4eaa76b9572f90894bb86906ab87a9b26ab162eed168b15-br"
last-modified: Sun, 04 Jun 2023 04:47:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 05 Jun 2023 23:19:49 GMT
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686007189.182114,VS0,VE109
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.sectigo.com/
104.18.15.101 471 B
IP 104.18.15.101:0
Hash 421f44403c3130ab03cc599c07ec256a
fcc4a4354d1f567cd0e151734db32d97bdbe2628
738e5454adbe0dea90252941434b5c7f51b05b6e6de8803e8791e385916f84e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:19:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 00:01:06 GMT
Expires: Sun, 11 Jun 2023 00:01:05 GMT
Etag: "fcc4a4354d1f567cd0e151734db32d97bdbe2628"
Cache-Control: max-age=434815,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d2c24875d490b65-OSL
api.ipify.org/?format=
173.231.16.76 200 OK 12 B
IP 173.231.16.76:443
Requested by https://ad-account-disabled-9cae3.web.app/
Certificate Issuer Sectigo Limited
Subject *.ipify.org
Fingerprint F4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
Validity Tue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /?format= HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ad-account-disabled-9cae3.web.app
DNT: 1
Connection: keep-alive
Referer: https://ad-account-disabled-9cae3.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://ad-account-disabled-9cae3.web.app
content-type: text/plain
date: Mon, 05 Jun 2023 23:19:50 GMT
vary: Origin
content-length: 12
X-Firefox-Spdy: h2