![](/screenshots/5b87246a-b46f-43c2-b984-2bc497dc5212.png)
bertyx.com
Open in
urlscan Pro
89.255.249.53
Malicious Activity!
Public Scan
Effective URL: http://bertyx.com/mznia_gt_nbrnd_34/index.html?tk=kRRxp-5a989cdc6b0a49.27415643&kt=crejragg.klm&st=Ja9jR_rbvpi-jqY...
Submission: On March 02 via manual from US
Summary
This is the only time bertyx.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 52.31.32.179 52.31.32.179 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
11 | 89.255.249.53 89.255.249.53 | 60626 (LEASEWEBCDN) (LEASEWEBCDN) | |
4 | 89.255.249.55 89.255.249.55 | 60626 (LEASEWEBCDN) (LEASEWEBCDN) | |
16 | 3 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-32-179.eu-west-1.compute.amazonaws.com
perwentt.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
bertyx.com
bertyx.com |
97 KB |
1 |
perwentt.xyz
perwentt.xyz |
1 KB |
16 | 2 |
Domain | Requested by | |
---|---|---|
15 | bertyx.com |
bertyx.com
|
1 | perwentt.xyz | |
16 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://bertyx.com/mznia_gt_nbrnd_34/index.html?tk=kRRxp-5a989cdc6b0a49.27415643&kt=crejragg.klm&st=Ja9jR_rbvpi-jqYp9wZD-Q&e=1519951248
Frame ID: (338E3F7D9D93323EE9A52748479EC3C7)
Requests: 16 HTTP requests in this frame
Screenshot
![](/screenshots/5b87246a-b46f-43c2-b984-2bc497dc5212.png)
Page URL History Show full URLs
- http://perwentt.xyz/tron/QElhnn-5a989985c41a17.60314858/co/par?s1=134125&session=kUS25G2E02RHM01... Page URL
- http://bertyx.com/mznia_gt_nbrnd_34/index.html?tk=kRRxp-5a989cdc6b0a49.27415643&kt=crejragg.kl... Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
![](/vendor/wappa/icons/Knockout.js.png)
Detected patterns
- env /^ko$/i
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://perwentt.xyz/tron/QElhnn-5a989985c41a17.60314858/co/par?s1=134125&session=kUS25G2E02RHM0100FH90TH0L042VDWF0MIP03R08a2T0848042VD00&trk=SUtCNGtGb0tyU2drbGMxR2VZcXFFZz09 Page URL
- http://bertyx.com/mznia_gt_nbrnd_34/index.html?tk=kRRxp-5a989cdc6b0a49.27415643&kt=crejragg.klm&st=Ja9jR_rbvpi-jqYp9wZD-Q&e=1519951248 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
par
perwentt.xyz/tron/QElhnn-5a989985c41a17.60314858/co/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.html
bertyx.com/mznia_gt_nbrnd_34/ |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
bertyx.com/mznia_gt_nbrnd_34/js/ |
85 KB 35 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
git65_poo.js
bertyx.com/mznia_gt_nbrnd_34/ |
680 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
bertyx.com/mznia_gt_nbrnd_34/img/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb-check.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
681 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amazon-prime.png
bertyx.com/mznia_gt_nbrnd_34/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
i7.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kindle-unlimited.png
bertyx.com/mznia_gt_nbrnd_34/img/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7.jpg
bertyx.com/mznia_gt_nbrnd_34/img/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-right.png
bertyx.com/mznia_gt_nbrnd_34/img/ |
473 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| getParams function| puchi function| chu_zri string| ko object| monthNames object| now string| nowStringTommorow object| mydate object| dayarray object| montharray number| day number| month number| year function| startTimer function| drawszlider number| slidewhere number| holvanszlider function| showThree0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bertyx.com
perwentt.xyz
52.31.32.179
89.255.249.53
89.255.249.55
18d0c67bd8af815bb9c2ad48fa167735cf2bf774ea66a0a497b9cb233cbef777
343edae75d4427e8f4ada76563200e8794770afaf8a8e58806a9e35202b707a2
3edf34533263bc5042af8f97f93186e2ff0d1098b343d059515fe8600b1322aa
4af904dd797281fbceda07c96ad01b639d2430ab2fa0b1e13a1d3e44e025fba9
61a5b75bd3a5d8370fd543e656a9223bf98035cb0e9931849b2a78c94b7134db
69ce5f9f583e04f26924bbaa52591db5e13bf88f742a8771cb235cff11930f91
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
871897c656013aa0cca67a55ae7d74d4aaf5b11f0f592ac8d4c78b68df111e38
9da9d1ee6df0aace41ad1aee7f8f1214feab80f35ca09d515ca3bc79314618f5
9f2164a18d5c74abc70ed3c378b313e18e084f7ad4dec671121469a4b6950b12
b40802561ae655d37444c4344b90c8c48e71227d516c2f4f24b8154042ede44a
b84fe73d31a18afa0492c782579e7c95dc1fde602dd611fb92d477ef13b5b390
bc4c71c9c118bb90ee00640f5b793a8dd640abc15ceeae07dab8bc2f8150130b
d34adadf6cdbd2c55ffe40e20968ca9854940948dead61fdb72633a474c5ed46
d3abd4cb1cc4d145c9889e3548822572e1b27a401cd629ad5e7fd8c4ef25357a
d44b5fe2a942827e8f72ed857a5f31da3ae30bc11fa13e60c920058b9b566573