ai-enzotrading.com
31.210.172.93
Malicious Activity!
Public Scan
Submission: On April 08 via api from BE — Scanned from NL
Summary
TLS certificate: Issued by R3 on April 5th 2024. Valid for: 3 months.
This is the only time ai-enzotrading.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
9 | 31.210.172.93 | 207728 (EUROHOSTER)
2 | 2a03:2880:f083:9:face:b00c:0:3 | 32934 (FACEBOOK)
1 | 2a03:2880:f177:83:face:b00c:0:25de | 32934 (FACEBOOK)
12 | 4 |

- ASN207728 (EUROHOSTER, BG), PTR: vps24212.hosted-by-eurohoster.org: ai-enzotrading.com
- ASN32934 (FACEBOOK, US): connect.facebook.net
- ASN32934 (FACEBOOK, US): www.facebook.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | ai-enzotrading.com | ai-enzotrading.com | 330 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 176) | 72 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 99) | 274 B
12 | 3 | |
Requests | Domain | Requested by
---|---|---
9 | ai-enzotrading.com | ai-enzotrading.com
2 | connect.facebook.net | ai-enzotrading.com, connect.facebook.net
1 | www.facebook.com | ai-enzotrading.com
12 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
telegram.org |
t.me |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
ai-enzotrading.com | R3 | 2024-04-05 - 2024-07-04 | 3 months | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-16 - 2024-04-15 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://ai-enzotrading.com/
Frame ID: 6C02AC6E17DD959A5566861180D2FE8E
Requests: 13 HTTP requests in this frame
Screenshot
Page Title: Telegram: Join Group Chat

Detected technologies

Bootstrap (Web Frameworks)
Detected patterns:
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets)
Detected patterns:
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Page Statistics

3 Outgoing links
These are links going to different origins than the main page.
- Title: Download for Mac
- Title: @enzoreeves
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | ai-enzotrading.com/ | 14 KB | 6 KB | Document | text/html
GET | H2 | font-roboto.css | ai-enzotrading.com/ | 6 KB | 701 B | Stylesheet | text/css
GET | H2 | bootstrap.min.css | ai-enzotrading.com/ | 42 KB | 7 KB | Stylesheet | text/css
GET | H2 | telegram.css | ai-enzotrading.com/ | 101 KB | 17 KB | Stylesheet | text/css
GET | H2 | Viq_bmAuukK7VylLN5mjSPt6EaGfsx31hMSwAo0sh3LHBPT8JbHmQjee0QPPYv78M2cqtS42reboO4SbIUHQ4n0KGC2nGhjLYEnTvu9P2ehV-Iy_Z7HAgnNG.jpg | ai-enzotrading.com/ | 35 KB | 35 KB | Image | image/jpeg
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 219 KB | 59 KB | Script | application/x-javascript
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png
GET | H2 | pattern.svg | ai-enzotrading.com/ | 226 KB | 227 KB | Image | image/svg+xml
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | ai-enzotrading.com/ | 11 KB | 11 KB | Font | font/woff2
GET | H2 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | ai-enzotrading.com/ | 11 KB | 11 KB | Font | font/woff2
GET | H2 | 1505253703667816 | connect.facebook.net/signals/config/ | 64 KB | 13 KB | Script | application/x-javascript
GET | H2 | / | www.facebook.com/tr/ | 0 | 274 B | Image | text/plain
GET | H2 | favicon.ico | ai-enzotrading.com/ | 15 KB | 15 KB | Other | image/vnd.microsoft.icon
Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Telegram (Instant Messenger)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
function | fbq
function | _fbq

1 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser also sends the cookie values, which lets the website re-identify the user even from a different location. This is how permanent logins work.

Domain/Path | Expires | Name / Value
---|---|---
.ai-enzotrading.com/ | | Name: _fbp Value: fb.1.1712544088288.845571193
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
In the security industry, "indicators" are artifacts such as IPs, domains and hashes observed during the scan; listing them here does not imply that any of them indicate malicious activity.
ai-enzotrading.com
connect.facebook.net
www.facebook.com
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
31.210.172.93