chat-whatsapp-com.bergacra.top
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission: On April 03 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on March 31st 2023. Valid for: 3 months.
This is the only time chat-whatsapp-com.bergacra.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:10:... 2606:4700:10::ac43:324 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 124.155.223.238 124.155.223.238 | 4657 (STARHUB-I...) (STARHUB-INTERNET StarHub Ltd) | |
1 2 | 2606:4700:7::... 2606:4700:7::a29f:9804 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3038::6815:eafe | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 2606:4700::68... 2606:4700::6810:5714 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.32.99.127 13.32.99.127 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 162.19.58.158 162.19.58.158 | 16276 (OVH) (OVH) | |
21 | 10 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-127.fra60.r.cloudfront.net
api.pubgameshowtime.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
bergacra.top
chat-whatsapp-com.bergacra.top |
167 KB |
6 |
jalantikus.com
assets.jalantikus.com — Cisco Umbrella Rank: 196113 |
121 KB |
2 |
medium.com
1 redirects
miro.medium.com — Cisco Umbrella Rank: 17155 |
90 KB |
1 |
ibb.co
i.ibb.co — Cisco Umbrella Rank: 12576 |
46 KB |
1 |
pubgameshowtime.com
api.pubgameshowtime.com |
427 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
844 B |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374 |
41 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 756 |
30 KB |
1 |
stickpng.com
assets.stickpng.com — Cisco Umbrella Rank: 141978 |
|
1 |
alphacoders.com
images5.alphacoders.com — Cisco Umbrella Rank: 214748 |
79 KB |
21 | 10 |
Domain | Requested by | |
---|---|---|
7 | chat-whatsapp-com.bergacra.top |
chat-whatsapp-com.bergacra.top
|
6 | assets.jalantikus.com |
chat-whatsapp-com.bergacra.top
|
2 | miro.medium.com |
1 redirects
chat-whatsapp-com.bergacra.top
|
1 | i.ibb.co |
chat-whatsapp-com.bergacra.top
|
1 | api.pubgameshowtime.com |
cdn.jsdelivr.net
|
1 | fonts.googleapis.com |
chat-whatsapp-com.bergacra.top
|
1 | cdn.jsdelivr.net |
chat-whatsapp-com.bergacra.top
|
1 | code.jquery.com |
chat-whatsapp-com.bergacra.top
|
1 | assets.stickpng.com |
chat-whatsapp-com.bergacra.top
|
1 | images5.alphacoders.com |
chat-whatsapp-com.bergacra.top
|
21 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.bergacra.top GTS CA 1P5 |
2023-03-31 - 2023-06-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-14 - 2023-06-14 |
a year | crt.sh |
jalantikus.com Go Daddy Secure Certificate Authority - G2 |
2023-01-26 - 2024-02-27 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
api.pubgameshowtime.com Amazon |
2020-04-17 - 2021-05-17 |
a year | crt.sh |
ibb.co R3 |
2023-02-06 - 2023-05-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://chat-whatsapp-com.bergacra.top/
Frame ID: 10F54D0723F6E8FF89FDA68FDC0BA3E3
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Whatsapp Group LinkDetected technologies
Medium (Blogs) ExpandDetected patterns
- medium\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://miro.medium.com/max/1600/0*ptDX0HfJCYpo9Pcs.gif HTTP 301
- https://miro.medium.com/v2/resize:fit:1600/0*ptDX0HfJCYpo9Pcs.gif
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
chat-whatsapp-com.bergacra.top/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
chat-whatsapp-com.bergacra.top/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.css
chat-whatsapp-com.bergacra.top/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
thumb-350-821024.png
images5.alphacoders.com/821/ |
78 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karakter-anime-cantik-2-0e6af.jpg.webp
assets.jalantikus.com/assets/cache/560/315/userfiles/2019/03/06/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karakter-anime-cantik-5-b1053.jpg.webp
assets.jalantikus.com/assets/cache/560/302/userfiles/2019/03/06/ |
20 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karakter-anime-cantik-6-9df5b.jpg.webp
assets.jalantikus.com/assets/cache/560/350/userfiles/2019/03/06/ |
24 KB 24 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karakter-anime-cantik-8-62975.jpg.webp
assets.jalantikus.com/assets/cache/560/300/userfiles/2019/03/06/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karakter-anime-cantik-9-5d82f.jpg.webp
assets.jalantikus.com/assets/cache/560/373/userfiles/2019/03/06/ |
33 KB 34 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karakter-anime-cantik-13-a715e.jpg.webp
assets.jalantikus.com/assets/cache/560/315/userfiles/2019/03/06/ |
17 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*ptDX0HfJCYpo9Pcs.gif
miro.medium.com/v2/resize:fit:1600/ Redirect Chain
|
89 KB 90 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook_text.png
chat-whatsapp-com.bergacra.top/img/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
580b57fcd9996e24bc43c543.png
assets.stickpng.com/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slim.js
cdn.jsdelivr.net/gh/stylesheett/jquery.min.js@main/ |
178 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 844 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bege.jpeg
chat-whatsapp-com.bergacra.top/css/ |
91 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
thin.ttf
chat-whatsapp-com.bergacra.top/css/ |
39 KB 20 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getcountry
api.pubgameshowtime.com/ip/ |
60 B 427 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pict-wa.jpg
i.ibb.co/RhRXjcX/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font.ttf
chat-whatsapp-com.bergacra.top/css/ |
39 KB 20 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| shortcut function| $ function| jQuery object| desc object| more function| checkip2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.medium.com/ | Name: __cfruid Value: 1b99d7ec9697986a18eaba99408bbced8663c609-1680538705 |
|
.alphacoders.com/ | Name: __cf_bm Value: 88ICuiLQT_KSS.S_j0SXvFxQlaRPRQvL0m.Jy3AjvLY-1680538705-0-AV2HEaZ1ASiSO0d4CZ7lU6308zqMZ4kiK5IDp/uTuCMfRhbWY1CFf+KJR2sy8TECRu75FzCXCi+maTYCIBKUWaI= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.pubgameshowtime.com
assets.jalantikus.com
assets.stickpng.com
cdn.jsdelivr.net
chat-whatsapp-com.bergacra.top
code.jquery.com
fonts.googleapis.com
i.ibb.co
images5.alphacoders.com
miro.medium.com
124.155.223.238
13.32.99.127
162.19.58.158
2001:4de0:ac18::1:a:3a
2606:4700:10::ac43:324
2606:4700:3038::6815:eafe
2606:4700:7::a29f:9804
2606:4700::6810:5714
2a00:1450:4001:812::200a
2a06:98c1:3120::3
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
139d8b536e1f8b185d0b2605deecf8f6eea996ac073d89c80f24b75c50c604ec
139fc22ed87280a2011dfa727ece25c6af12cd433576980a0a6c29e9bc1e5faf
16a4e80a42006599c53b3451bc31ca6eccfe87dceb5453e4a1458b48b095569f
2cfa5b4347827e53c5ca6a3b5e21a23ce2f009c8a04d6add980ff580d6da0021
30fd54eee527bda253b3f9c77b8bf581954036ea99bd8af3643a4ebf87b5b409
3153a06ba18e39e65902144be0e71ca8c0f14ac948a719c6aa8642414c1db3f3
3871112ce71b3031327f987590677f4c967daf702a131662f138f36b00e98069
3ef50ce5ebf525053581d80d9be4f43b0162fa2d5fe8a967bf8faecd96ab0318
61852ca7f641ed14b004242974c8648e8e598c901cda0052e0580625c33e992f
71333fe63e9b887525f1e95eb217e0933543315e84ead6dcad0e0d77df74e0a0
7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6
a518b174c9a9edc80baafa08907f534a9205376414c17a0f7ac7a6de9a9bbe22
aab5311b159bddb3c9fa2ccc73063ed1f3eeba9d84806ee61403cd7b4b67aebf
b8161d87f27830eb39deb9e632fe7cb2d954991107da659662ee2b3a71964ef4
c0c3dafdb631b6055cb1e9cf25a807c3663a42c258d5ebeb1f8f38cc767a397a
d2dc4ac20e31d96a5a8ffe7eee874e184afa59a5e24a568bf26bacd8f8b8357d
e247d55141ed6ce14d123a92477bbcfce996f67e7dec9b57d3a607cb28b4cdbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc38486ae929ac77f93331fa8afcdb1c6c7b7af2b03da4ceaf4b7f9ab5f35eee