ads-facebook.ga Open in urlscan Pro
2606:4700:3033::6812:226f  Malicious Activity! Public Scan

URL: https://ads-facebook.ga/
Submission: On May 12 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::6812:226f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ads-facebook.ga.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 12th 2020. Valid for: 5 months.
This is the only time ads-facebook.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
12 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f11... 32934 (FACEBOOK)
14 3
Apex Domain
Subdomains
Transfer
12 fbcdn.net
static.xx.fbcdn.net
255 KB
1 facebook.com
facebook.com
948 B
1 ads-facebook.ga
ads-facebook.ga
4 KB
14 3
Domain Requested by
12 static.xx.fbcdn.net ads-facebook.ga
1 facebook.com ads-facebook.ga
1 ads-facebook.ga
14 3

This site contains links to these domains. Also see Links.

Domain
m.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-05-12 -
2020-10-09
5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-04-15 -
2020-07-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ads-facebook.ga/
Frame ID: 81C7B12443A62640F371FEDDC0875BF7
Requests: 14 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

260 kB
Transfer

757 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ads-facebook.ga/
12 KB
4 KB
Document
General
Full URL
https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:226f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabef569717537681f4400d00ae2c129a852e2b6ee1c47fa4367f6fdf77f8440

Request headers

:method
GET
:authority
ads-facebook.ga
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 12 May 2020 01:51:12 GMT
content-type
text/html
set-cookie
__cfduid=d1a3b7428fefbd0aaac07ef2aec374dd11589248272; expires=Thu, 11-Jun-20 01:51:12 GMT; path=/; domain=.ads-facebook.ga; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
last-modified
Tue, 12 May 2020 01:38:01 GMT
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires
Thu, 11 Jun 2020 01:50:44 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59207e481d8a97f6-FRA
content-encoding
br
cf-request-id
02a82d410d000097f6e4064200000001
FU7Hdz185W2.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/
97 KB
25 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/FU7Hdz185W2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e494cb43139528858aa7d4256fb1befb6b0b1cdb4b20234ae1793872d93ff503
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
XsH3xoMsSuKr6CCWs+L4gngXtO85Hcu0qWmx3OEuyhmQKyHJWo4ME+TArxBf4rAqIbWAzKesAl7nMdwMQpLq1w==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
qu0zXKx0M4c0Cx11xTlhDA==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
25763
expires
Mon, 10 May 2021 00:28:11 GMT
swkN4gXeiCH.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/
18 KB
6 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/swkN4gXeiCH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aec832850250e5c3e2e9d18372b24a73aa0f73d2240c6dee606ce3cc43fb40c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
NHAWQcQlA8GPOeyORfkvrBXSkYpEiEP3O/i9FQlQJlHxmWHFnCMF8Q66p8Q6C1GsjMM3/MxqFbVa5lHOxQOVqQ==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
xPxYnOQ/G8ORBjmSNibN3Q==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
5975
expires
Mon, 10 May 2021 02:45:22 GMT
GXSvxG8riDx.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/
49 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/GXSvxG8riDx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
366c78f147150f663298e8ba6d05e7c2df02a5689106a5f14341e902a7c8747b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
pVSTaYtqLz0QT6eSpJk99V4xL2nXIiKVs93wDT5sqYIWANNexO4H18o3DE538WpVAGtmHO8IZ+UUQbN31g9K4w==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
oEDHah3KTzsxUHuLfygTJg==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
14947
expires
Wed, 12 May 2021 01:51:12 GMT
Gulh_VkEaQw.js
static.xx.fbcdn.net/rsrc.php/v3is4v4/yD/l/pt_BR/
45 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3is4v4/yD/l/pt_BR/Gulh_VkEaQw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
595eb0cecf61baafbf2c264f2e7b009b4aa987914b041873146a39cd6e82fb2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
vTlU2qr2zdsV1eElgDvKV47iXD2WEbVdQdwQcAUj1qFxhOvt3tUyr+BD9cfro1IyWNw37Lu5p6hsY6inIsEblw==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
wILh6VctS7RyC9Ckyruxsw==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
10773
expires
Mon, 10 May 2021 04:48:08 GMT
EH5ka8spIkZ.js
static.xx.fbcdn.net/rsrc.php/v3icm24/y3/l/pt_BR/
38 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3icm24/y3/l/pt_BR/EH5ka8spIkZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5d23fc3213c2deeb619f16d6e9df49a8082200b0cc94a2e3dbc2925ac9eb2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
sz7y0Kf6WXLdQCoWi9tpXYsz3ioTHxAn/ATy9LGytRrwBe9NNjg3X7yBS1WNeayny7tvg5x1hhSyoPUTq2G/Og==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
BEX08q50DdHfCCN0KUiMgQ==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
10257
expires
Sun, 02 May 2021 18:03:18 GMT
ZsqLc6-5FQP.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/
8 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/ZsqLc6-5FQP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4b627d014cf23c0e75fa59a5aa83747b5c139fc9084870967b5c7029790e2ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
rSsYNxtPeXLV3Lb1FbpxI+20h47JBJ/axnSxHJQTAFKQCMfqfK8WeTCV2Mh0DClFJlmiQmKh7XA4QyMfts687Q==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
Yj0fAckmFZgzPgGBiwXudQ==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
2392
expires
Sun, 09 May 2021 21:56:00 GMT
226JQE_aiL9.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/
99 KB
22 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/226JQE_aiL9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5519a57fd9a71f25735c7ae709a0365f4be5478635e44bdafdebd97100ae3668
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
qGonGOHW7DsjnYA6orXC/fz7FHh6UAocEBW8fBjDMRdSj/UAnFLEO+SRB6/mEpVzhpitx8j8R8rVivKZ20Fz6A==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
ohgmdCVQ7U49lW/SRnHD0Q==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
22364
expires
Mon, 10 May 2021 01:53:56 GMT
l7dk_vrKtOR.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
111 KB
32 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/l7dk_vrKtOR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdb53a60ab2b6816aa47ffe39a6b7bda7104d7c88f65da85f129086e76af6675
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
0L41SWZX1qJ6DZytQBmwtTSWC4aNatWiZ4d56vL11XYWrfqaqCdB9NBXAzIFFLs53ZuYWAykERpHCiJt4x8qTw==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
ewM9w8bRnJhCVTB98i8ISg==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
33060
expires
Sun, 09 May 2021 16:05:43 GMT
9DGqyzQsrfu.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/
56 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/9DGqyzQsrfu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a710784577f41e7baa7d8a7fcd6fbe43290890f8004e8af7ca51da23088b1f54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
D3pq8yISLE0fQ9VhuaT5AjVEm7AyYWeMBASOKiScJu9ocdMyFccuI4Xh5Tm+wxT1VHE9BUfsehtHM/yIrzFPJQ==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
002/UlpWzxceMEnxa5viaA==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
17013
expires
Mon, 10 May 2021 00:18:10 GMT
fLx5L6V570h.js
static.xx.fbcdn.net/rsrc.php/v3i4B74/y9/l/pt_BR/
137 KB
38 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4B74/y9/l/pt_BR/fLx5L6V570h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af505c66cb04e754c413bc9ece01930a6ba0941f26f03b173b3978420b50c417
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
AjnLHN8+TT23ojuzvSeOQ6oj819d8uwgX4+kckllZv0ZnxiQjx/I7hc+8yYZlnMBcStHgxYLz/8EAfZobCMq5Q==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
0eGDa7OkBoU+TgpB9ZJ4CA==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
38400
expires
Sun, 09 May 2021 18:02:46 GMT
0b5T-7QaF1I.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/
14 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/0b5T-7QaF1I.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
028954d5ac469ff3b836c237f38c38dced30f7d9d7d25be4c2603369cf07c550
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads-facebook.ga/
Origin
https://ads-facebook.ga

Response headers

timing-allow-origin
*
x-fb-debug
DtiHUXc6Yg+wUkrrTt0icYI6OHqQ9PLmEBOm0QEhYqrzOwQZagEXcvSgHDd1qvWmPS9SxaX2IIIKj+FAl+GAgw==
x-fb-trip-id
2042748335
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
/+orOpiN9ppCnwH3G5abxg==
status
200
date
Tue, 12 May 2020 01:51:12 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
3092
expires
Tue, 11 May 2021 17:26:23 GMT
hsts-pixel.gif
facebook.com/security/
43 B
948 B
Image
General
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ads-facebook.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
no-cache
x-fb-debug
5AFexFzxMgl4KNCjz3c5viKcjy70e7ZoHPGMvnXP4aRurlMBfsVohv0cOhg+O0QTVTRXDp4Yhb/GZpHjoNoc2w==
x-frame-options
DENY
date
Tue, 12 May 2020 01:51:12 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires
Sat, 01 Jan 2000 00:00:00 GMT
edlsFKKb9S2.png
static.xx.fbcdn.net/rsrc.php/v3/yl/r/
73 KB
73 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/edlsFKKb9S2.png
Requested by
Host: ads-facebook.ga
URL: https://ads-facebook.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33a634e1bd262aa6f77cfef0b8bd26f743d3d9db6017d8bff0a648a41e892e90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/226JQE_aiL9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
UNuoDtfgY98B2a1VurPN7yaxySkK0lUuxMHqDCVzEbenc4bJrvoeCjnHUhec04FaOEiT8S3O+POUCEoea1AAlQ==
x-fb-trip-id
664085054
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
CrOOuxlJ2jyFKZDPgy4xmQ==
date
Tue, 12 May 2020 01:51:12 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
content-length
74673
expires
Sat, 08 May 2021 22:06:56 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
.ads-facebook.ga/ Name: __cfduid
Value: d1a3b7428fefbd0aaac07ef2aec374dd11589248272