user.xtradde.xyz Open in urlscan Pro
179.43.140.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.xtradde.xyz/
Submission: On May 15 via api (May 15th 2024, 12:12:40 pm UTC) from US — Scanned from CH

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 179.43.140.34, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is user.xtradde.xyz.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time user.xtradde.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	179.43.140.34 179.43.140.34	51852 (PLI-AS) (PLI-AS)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
18	3

15 179.43.140.34 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
PTR: mta12.planosespeciais.com

user.xtradde.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	xtradde.xyz user.xtradde.xyz	77 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	67 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
18	3

	Domain	Requested by
15	user.xtradde.xyz	user.xtradde.xyz
2	connect.facebook.net	user.xtradde.xyz connect.facebook.net
1	www.facebook.com	user.xtradde.xyz
18	3

This site contains no links.

Subject Issuer	Validity	Valid
user.xtradde.xyz R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-22` - `2024-05-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://user.xtradde.xyz/
Frame ID: B0B51CE4E935065A1E14713CAF734C6E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elon Musk is a scammer!!!

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

145 kB
Transfer

394 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.xtradde.xyz/ 57 KB
11 KB 577ms
193ms Document
text/html 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 179ea4efee2e0f35659a77466e02c79f01cfc87aad0d77b16df42bccdb6cef03

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 12:12:35 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET
H2 200 style.css
user.xtradde.xyz/prel_grok_L1488S_CAN/css/ 11 KB
3 KB 245ms
244ms Stylesheet
text/css 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/css/style.css
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: fcceb3f6e3b30bbba73309384e10c974c23e16bff023620700455ca6768409de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:35 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 772ms
108ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 May 2024 12:12:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=13, mss=1380, tbw=2790, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 9ut7twKz2J3uSVEla6rIHCKwboMBmYiQJKEEmFwBuMw84cQKXEh5fcnva0OPbu7MWogc6XpvCM5MI+1tYvsu9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 coment-8.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 7 KB
7 KB 143ms
129ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-8.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 5032027f9fa861d9fc9ba654b1d9b592559197299bc6a90ab8a970094334229f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 main-1.webp
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 11 KB
11 KB 252ms
239ms Image
image/webp 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/main-1.webp
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 9b2101330a41528abadb2b4bfa25bc1f65ad9a043398eff19ac75fea5cd9d381

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 main-2.webp
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 6 KB
6 KB 254ms
241ms Image
image/webp 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/main-2.webp
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: dd6dee0035df8517444a8964670d9c4d18fe61ea2889d0dc513d62d118a4093e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 main-3.webp
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 14 KB
14 KB 254ms
242ms Image
image/webp 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/main-3.webp
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: bfe370ec46f24f68371307f3cf8f2825f60e69bae0b15a55e7df61bb6cc25923

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 main-4.webp
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 6 KB
7 KB 258ms
246ms Image
image/webp 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/main-4.webp
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 65a4a51919aec7c3ddb37fae208309c0bebf310f6bab60321ef7ab3c21c77397

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 coment-1.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 2 KB
2 KB 190ms
180ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-1.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: d2692ea27691680c9692507e0a773b33ba491a07b0837b16df2d8a7302c8aee4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 coment-2.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 3 KB
3 KB 184ms
174ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-2.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 393512d31404667d10667c9ecd1a373b192e515befb706087839da732a3c5489

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 coment-3.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 3 KB
3 KB 190ms
181ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-3.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: f5e57cbac09095f9b893638229404dc1f36d475cb84de6f65b1feabda572b6fd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 coment-4.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 2 KB
3 KB 189ms
180ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-4.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: c01717e1f81b052894ac297e7911e62550a5bc779ca3a20716786b1dad226554

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 coment-5.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 2 KB
2 KB 181ms
173ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-5.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: f57e841412f066716ea79e8b54d403ba054d5df7b544cd5793db894488582091

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 coment-6.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 2 KB
3 KB 185ms
179ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-6.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 3fe744dd2fc58f48f6ec552ede1e6f31f9cba568d465f01373f8d8a4819b333a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 coment-7.png
user.xtradde.xyz/prel_grok_L1488S_CAN/img/ 2 KB
3 KB 181ms
175ms Image
image/png 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.xtradde.xyz/prel_grok_L1488S_CAN/img/coment-7.png
Requested by: Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: 2fc3938fa94a65033875fee2a54e63f7eaa213bb14669fd7d035dc8d339bf804

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:36 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png

GET
H2 200 2346483688886852 Show response
connect.facebook.net/signals/config/ 39 KB
9 KB 331ms
330ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2346483688886852?v=2.9.156&r=stable&domain=user.xtradde.xyz&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

fd99c38b1dad1a785915b775b44f2658e931d66d412ca9eeb4fc7bc45a0d7fcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 May 2024 12:12:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=52, mss=1380, tbw=63309, tp=-1, tpl=-1, uplat=195, ullat=1
pragma: public
x-fb-debug: ubQul8mTshLhPQT4zhjltT8EVM0p5WHaGHF1iYYlfQ/7ycEZF9boZRwn4E89JXwP1XjMoPKUbqrqYSPUdfsb+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 1625ms
106ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2346483688886852&ev=PageView&dl=https%3A%2F%2Fuser.xtradde.xyz%2F&rl=&if=false&ts=1715775157148&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4124&fbp=fb.1.1715775157147.1129162078&ler=empty&cdl=API_unavailable&it=1715775156795&coo=false&rqm=GET

Requested by

Host: user.xtradde.xyz
URL: https://user.xtradde.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1380, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 May 2024 12:12:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 favicon.ico
user.xtradde.xyz/ 8 KB
599 B 271ms
270ms Other
image/x-icon 179.43.140.34
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.xtradde.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.140.34 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: mta12.planosespeciais.com
Software: openresty /
Resource Hash: d547752fe08636340708d0ae1d9d9fa0f9b78de1e66c71f30a1eef5feb44a332

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://user.xtradde.xyz/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:12:38 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xtradde.xyz/	1970-01-20 22:45:51	Name: _fbp Value: fb.1.1715775157147.1129162078

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/2346483688886852?v=2.9.156&r=stable&domain=user.xtradde.xyz&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 68) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
user.xtradde.xyz
www.facebook.com
157.240.0.35
157.240.0.6
179.43.140.34
179ea4efee2e0f35659a77466e02c79f01cfc87aad0d77b16df42bccdb6cef03
2fc3938fa94a65033875fee2a54e63f7eaa213bb14669fd7d035dc8d339bf804
393512d31404667d10667c9ecd1a373b192e515befb706087839da732a3c5489
3fe744dd2fc58f48f6ec552ede1e6f31f9cba568d465f01373f8d8a4819b333a
5032027f9fa861d9fc9ba654b1d9b592559197299bc6a90ab8a970094334229f
65a4a51919aec7c3ddb37fae208309c0bebf310f6bab60321ef7ab3c21c77397
9b2101330a41528abadb2b4bfa25bc1f65ad9a043398eff19ac75fea5cd9d381
bfe370ec46f24f68371307f3cf8f2825f60e69bae0b15a55e7df61bb6cc25923
c01717e1f81b052894ac297e7911e62550a5bc779ca3a20716786b1dad226554
d2692ea27691680c9692507e0a773b33ba491a07b0837b16df2d8a7302c8aee4
d547752fe08636340708d0ae1d9d9fa0f9b78de1e66c71f30a1eef5feb44a332
dd6dee0035df8517444a8964670d9c4d18fe61ea2889d0dc513d62d118a4093e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
f57e841412f066716ea79e8b54d403ba054d5df7b544cd5793db894488582091
f5e57cbac09095f9b893638229404dc1f36d475cb84de6f65b1feabda572b6fd
fcceb3f6e3b30bbba73309384e10c974c23e16bff023620700455ca6768409de
fd99c38b1dad1a785915b775b44f2658e931d66d412ca9eeb4fc7bc45a0d7fcd

user.xtradde.xyz Open in urlscan Pro 179.43.140.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

145 kBTransfer

394 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

user.xtradde.xyz Open in urlscan Pro
179.43.140.34 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

145 kB
Transfer

394 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions