ai-enzotrading.com Open in urlscan Pro
31.210.172.93 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ai-enzotrading.com/
Submission: On April 08 via api (April 8th 2024, 2:41:32 am UTC) from BE — Scanned from NL

Summary HTTP 12 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 31.210.172.93, located in Meppel, Netherlands and belongs to EUROHOSTER, BG. The main domain is ai-enzotrading.com.
TLS certificate: Issued by R3 on April 5th 2024. Valid for: 3 months.

This is the only time ai-enzotrading.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
9	31.210.172.93 31.210.172.93	207728 (EUROHOSTER) (EUROHOSTER)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	4

9 31.210.172.93 (Meppel, Netherlands)

ASN207728 (EUROHOSTER, BG)
PTR: vps24212.hosted-by-eurohoster.org

ai-enzotrading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ai-enzotrading.com ai-enzotrading.com	330 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	72 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	274 B
12	3

	Domain	Requested by
9	ai-enzotrading.com	ai-enzotrading.com
2	connect.facebook.net	ai-enzotrading.com connect.facebook.net
1	www.facebook.com	ai-enzotrading.com
12	3

This site contains links to these domains. Also see Links.

Domain
telegram.org
t.me

Subject Issuer	Validity	Valid
ai-enzotrading.com R3	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-16` - `2024-04-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ai-enzotrading.com/
Frame ID: 6C02AC6E17DD959A5566861180D2FE8E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram: Join Group Chat

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

403 kB
Transfer

745 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://telegram.org/dl?tme=1475211191f0790961_1630021151964363523
Title: Download for Mac

Search URL Search Domain Scan URL

URL: https://t.me/enzoreeves
Title: @enzoreeves

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ai-enzotrading.com/ 14 KB
6 KB 73ms
25ms Document
text/html 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 0d6808e56c82dfe7d63e89193563a06c1e8e26d06286dd95b3680e1da5b5b3c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html
date: Mon, 08 Apr 2024 02:41:27 GMT
etag: W/"660ff42c-3768"
last-modified: Fri, 05 Apr 2024 12:53:00 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 font-roboto.css
ai-enzotrading.com/ 6 KB
701 B 49ms
48ms Stylesheet
text/css 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/font-roboto.css
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 27780ccf89e3853f260323c142e835e76d72fb2846169c8425ff39565da7efac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:27 GMT
content-encoding: br
last-modified: Fri, 05 Apr 2024 12:50:26 GMT
server: nginx
etag: W/"660ff392-16c6"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 bootstrap.min.css
ai-enzotrading.com/ 42 KB
7 KB 47ms
47ms Stylesheet
text/css 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/bootstrap.min.css
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:27 GMT
content-encoding: br
last-modified: Fri, 05 Apr 2024 12:50:24 GMT
server: nginx
etag: W/"660ff390-a61b"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 telegram.css
ai-enzotrading.com/ 101 KB
17 KB 49ms
49ms Stylesheet
text/css 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/telegram.css
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 656d4f9b4fadc115bbfb0630811fd38660b7c08d9d26f53e4ff215b7ffac7571

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:27 GMT
content-encoding: br
last-modified: Fri, 05 Apr 2024 12:50:39 GMT
server: nginx
etag: W/"660ff39f-195e0"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 Viq_bmAuukK7VylLN5mjSPt6EaGfsx31hMSwAo0sh3LHBPT8JbHmQjee0QPPYv78M2cqtS42reboO4SbIUHQ4n0KGC2nGhjLYEnTvu9P2ehV-Iy_Z7HAgnNG.jpg
ai-enzotrading.com/ 35 KB
35 KB 30ms
29ms Image
image/jpeg 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai-enzotrading.com/Viq_bmAuukK7VylLN5mjSPt6EaGfsx31hMSwAo0sh3LHBPT8JbHmQjee0QPPYv78M2cqtS42reboO4SbIUHQ4n0KGC2nGhjLYEnTvu9P2ehV-Iy_Z7HAgnNG.jpg
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: e8eb6f64440a4ea55b81236d72d3c40416141c1738b7f22bc4613a8953cc27ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:27 GMT
last-modified: Fri, 05 Apr 2024 12:50:39 GMT
server: nginx
etag: "660ff39f-8c41"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 35905

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 71ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Apr 2024 02:41:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57928
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: MDr6Gh7NRQoFCxEFEdD10SKzetbKszykhbuPRpjcYg0CFTmX3f/E3A32HwrM876JmZw3QuQVagqx0lKSM4NSsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d9c7ee5f7495e81ecc324c31b4395b910af19f16b6bb862e28e5f229f49277e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pattern.svg
ai-enzotrading.com/ 226 KB
227 KB 29ms
28ms Image
image/svg+xml 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ai-enzotrading.com/pattern.svg
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/telegram.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/telegram.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:28 GMT
last-modified: Fri, 05 Apr 2024 12:50:38 GMT
server: nginx
etag: "660ff39e-3891a"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 231706

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
ai-enzotrading.com/ 11 KB
11 KB 27ms
27ms Font
font/woff2 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/font-roboto.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/font-roboto.css
Origin: https://ai-enzotrading.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:28 GMT
last-modified: Fri, 05 Apr 2024 12:50:31 GMT
server: nginx
etag: "660ff397-2b20"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 11040

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
ai-enzotrading.com/ 11 KB
11 KB 25ms
25ms Font
font/woff2 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/font-roboto.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/font-roboto.css
Origin: https://ai-enzotrading.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:28 GMT
last-modified: Fri, 05 Apr 2024 12:50:34 GMT
server: nginx
etag: "660ff39a-2b14"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 11028

GET
H2 200 1505253703667816 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 78ms
78ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1505253703667816?v=2.9.152&r=stable&domain=ai-enzotrading.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b3a44e9315ef57895735cb59fe2d184244af488d64c3cd5e4a0cff67eb80020

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Apr 2024 02:41:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=63, mss=1294, tbw=63235, tp=-1, tpl=-1, uplat=55, ullat=0
pragma: public
x-fb-debug: UgaRBdCmzh12qNbwX6Qka4qU4Woq/URnG2KIgV2lj2BMyCeH4tBkmXwdQuJdMp0M+1Mn0C4d/VVCU5fgGV1xaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 70ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1505253703667816&ev=PageView&dl=https%3A%2F%2Fai-enzotrading.com%2F&rl=&if=false&ts=1712544088289&sw=800&sh=600&v=2.9.152&r=stable&ec=0&o=4126&fbp=fb.1.1712544088288.845571193&cs_est=true&ler=empty&cdl=API_unavailable&it=1712544088199&coo=false&rqm=GET

Requested by

Host: ai-enzotrading.com
URL: https://ai-enzotrading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Apr 2024 02:41:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 favicon.ico
ai-enzotrading.com/ 15 KB
15 KB 24ms
24ms Other
image/vnd.microsoft.icon 31.210.172.93
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://ai-enzotrading.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.172.93 Meppel, Netherlands, ASN207728 (EUROHOSTER, BG),
Reverse DNS: vps24212.hosted-by-eurohoster.org
Software: nginx / PleskLin
Resource Hash: 4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ai-enzotrading.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 02:41:28 GMT
last-modified: Fri, 05 Apr 2024 12:50:25 GMT
server: nginx
etag: "660ff391-3aee"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 15086

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ai-enzotrading.com/	1970-01-20 21:52:00	Name: _fbp Value: fb.1.1712544088288.845571193

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1505253703667816?v=2.9.152&r=stable&domain=ai-enzotrading.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ai-enzotrading.com
connect.facebook.net
www.facebook.com
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
31.210.172.93
0d6808e56c82dfe7d63e89193563a06c1e8e26d06286dd95b3680e1da5b5b3c6
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4
1d9c7ee5f7495e81ecc324c31b4395b910af19f16b6bb862e28e5f229f49277e
27780ccf89e3853f260323c142e835e76d72fb2846169c8425ff39565da7efac
3b3a44e9315ef57895735cb59fe2d184244af488d64c3cd5e4a0cff67eb80020
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78
656d4f9b4fadc115bbfb0630811fd38660b7c08d9d26f53e4ff215b7ffac7571
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eb6f64440a4ea55b81236d72d3c40416141c1738b7f22bc4613a8953cc27ba
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

ai-enzotrading.com Open in urlscan Pro 31.210.172.93 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

403 kBTransfer

745 kBSize

1 Cookies

3 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

ai-enzotrading.com Open in urlscan Pro
31.210.172.93 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

403 kB
Transfer

745 kB
Size

1
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!