Report - fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php

Report Overview

Submitted URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
IP
103.233.2.64
ASN
#46015 Exa Bytes Network Sdn.Bhd.
Submitted
2024-04-20 16:20:50
Access
public
Website Title
Facebook
Final URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
Tags
meta facebook phishing social
urlquery detections
Phishing - Facebook

Detections

urlquery
7
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17	2024-04-19	492 B	28 kB	104.21.26.223
fb-ads-manager.prohub.my	unknown	unknown	2024-01-30	2024-03-12	3.1 kB	285 kB	103.233.2.64
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-20	439 B	31 kB	216.58.207.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-20	medium	fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	kit.fontawesome.com/59b5f65c62.js	12 kB	2023-12-12	2024-04-30
Pretty URL kit.fontawesome.com/59b5f65c62.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-12 14:41:39 Last Seen2024-04-30 01:18:33 Times Seen65 Hash 52102616628ed088dcade4c75f593f6a d345bdba5c761498b5fba9659d5648458d6ad915 9070f8e1eecbeafb7deea4114fc6e623ea988b5bb26273ad695bc5b77984fb1f Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-05-03
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-03 19:22:46 Times Seen64248 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php	0 B	2023-03-07	2024-05-03
Pretty URL fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php IP 103.233.2.64 ASN #46015 Exa Bytes Network Sdn.Bhd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-03 19:31:15 Times Seen37312319 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (8)

URL IP Response Size

fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php

103.233.2.64

5.2 kB

URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
IP
103.233.2.64:0
ASN
#46015 Exa Bytes Network Sdn.Bhd.

File type
HTML document, Unicode text, UTF-8 text
Size
5.2 kB (5230 bytes)
Hash
c2ae6d111c8b8aed3f8cfc11e996b0c2
b6965940986bd8ea941eab7c70ea659184841e07
e0801dc78ef8e20274d16e7be35d69c75ce352d7e76ac56cd077154d22bcb292

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /de/ads/campaign/69001290/webhook.php HTTP/1.1
Host: fb-ads-manager.prohub.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 20 Apr 2024 16:20:25 GMT
server: Apache
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

216.58.207.234

30 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fb-ads-manager.prohub.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 09:52:46 GMT
expires: Fri, 18 Apr 2025 09:52:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 196060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fb-ads-manager.prohub.my/de/ads/campaign/69001290/css/bootstrap.min.css

103.233.2.64

121 kB

URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/css/bootstrap.min.css
IP
103.233.2.64:0
ASN
#46015 Exa Bytes Network Sdn.Bhd.

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /de/ads/campaign/69001290/css/bootstrap.min.css HTTP/1.1
Host: fb-ads-manager.prohub.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Jul 2020 23:34:16 GMT
accept-ranges: bytes
content-length: 121200
content-type: text/css
date: Sat, 20 Apr 2024 16:20:25 GMT
server: Apache
X-Firefox-Spdy: h2

fb-ads-manager.prohub.my/de/ads/campaign/69001290/css/style.css

103.233.2.64

34 B

URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/css/style.css
IP
103.233.2.64:0
ASN
#46015 Exa Bytes Network Sdn.Bhd.

File type
ASCII text, with CRLF line terminators
Size
34 B (34 bytes)
Hash
cd02160b77b4a8eb6ab39e20e48fa477
953e3cc0e9e20ff7a7b414e21640ec3f631b5ea8
13809ee04d4534bfbf187dfcf172b3fb2004daa65a12373dea801509f6c7e30b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /de/ads/campaign/69001290/css/style.css HTTP/1.1
Host: fb-ads-manager.prohub.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Jul 2020 23:34:16 GMT
accept-ranges: bytes
content-length: 34
content-type: text/css
date: Sat, 20 Apr 2024 16:20:25 GMT
server: Apache
X-Firefox-Spdy: h2

fb-ads-manager.prohub.my/de/ads/campaign/69001290/css/bootstrap.css

103.233.2.64

146 kB

URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/css/bootstrap.css
IP
103.233.2.64:0
ASN
#46015 Exa Bytes Network Sdn.Bhd.

File type
ASCII text, with very long lines (540)
Size
146 kB (146010 bytes)
Hash
2a31dca112f26923b51676cb764c58d5
f597f59f955cda06e5d7a79342d9e0c22b5ec6d2
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /de/ads/campaign/69001290/css/bootstrap.css HTTP/1.1
Host: fb-ads-manager.prohub.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Jul 2020 23:34:16 GMT
accept-ranges: bytes
content-length: 146010
content-type: text/css
date: Sat, 20 Apr 2024 16:20:25 GMT
server: Apache
X-Firefox-Spdy: h2

fb-ads-manager.prohub.my/de/ads/campaign/69001290/images/ok.png

103.233.2.64

10 kB

URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/images/ok.png
IP
103.233.2.64:0
ASN
#46015 Exa Bytes Network Sdn.Bhd.

File type
PNG image data, 246 x 86, 8-bit/color RGBA, non-interlaced
Size
10 kB (10252 bytes)
Hash
819ee7ba1db4a33fbef198329131d51e
668ef53ef5929c9f321b531a43db4f9d3fdb7d69
f4d14ab6043a1a8887a4bda460067fedaee174e6db0c9f601a2efe824f4c7b87

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /de/ads/campaign/69001290/images/ok.png HTTP/1.1
Host: fb-ads-manager.prohub.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 07 Nov 2020 20:08:06 GMT
accept-ranges: bytes
content-length: 10252
content-type: image/png
date: Sat, 20 Apr 2024 16:20:26 GMT
server: Apache
X-Firefox-Spdy: h2

fb-ads-manager.prohub.my/de/ads/campaign/69001290/images/box.PNG

103.233.2.64

1.6 kB

URL
fb-ads-manager.prohub.my/de/ads/campaign/69001290/images/box.PNG
IP
103.233.2.64:0
ASN
#46015 Exa Bytes Network Sdn.Bhd.

File type
PNG image data, 26 x 24, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1562 bytes)
Hash
950838516040553bb1acd56514dbe92a
00fee33b60720c7b26e81e57d85da137570dddd7
0434838bf045a13e55d6a5baca2f79b62361656d84eea81fdc710bce854383cb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /de/ads/campaign/69001290/images/box.PNG HTTP/1.1
Host: fb-ads-manager.prohub.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fb-ads-manager.prohub.my/de/ads/campaign/69001290/webhook.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Jul 2020 23:34:16 GMT
accept-ranges: bytes
content-length: 1562
content-type: image/png
date: Sat, 20 Apr 2024 16:20:26 GMT
server: Apache
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=59b5f65c62

104.21.26.223

27 kB

URL
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=59b5f65c62
IP
104.21.26.223:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (60130)
Size
27 kB (27248 bytes)
Hash
a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=59b5f65c62 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fb-ads-manager.prohub.my/
Origin: https://fb-ads-manager.prohub.my
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Apr 2024 16:20:27 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8I_mh2syp-rPVf2QR1eQS_g7gKsXnwdo1YRKMoCJEfI1CJ_eUTrFZQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fgbs88RXMV6P0nb5Js57KJ6m4OVWt8RQw6jO9np0Grwd6FI6A%2FYfQA%2F2YeswHEaQ9LhnSoCT%2Fr%2FRbuoL5e3OT%2FGicLPRAX0YfaCLO6pE02Fdk1cYhDvEMLLErvo3%2FAqmM1XB5YOEUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877676379b425688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL