beruza.xyz Open in urlscan Pro
2606:4700:3035::6815:2e65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beruza.xyz/
Submission: On October 02 via api (October 2nd 2024, 12:16:39 am UTC) from BE — Scanned from DE

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::6815:2e65, located in United States and belongs to CLOUDFLARENET, US. The main domain is beruza.xyz.
TLS certificate: Issued by WE1 on September 25th 2024. Valid for: 3 months.

This is the only time beruza.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3035::6815:2e65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.95.179.58 52.95.179.58	16509 (AMAZON-02) (AMAZON-02)
2	240e:97c:38:5... 240e:97c:38:500:3::3d8	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
1	2409:8c20:5c6... 2409:8c20:5c64:2000::6	56046 (CMNET-JIA...) (CMNET-JIANGSU-AP China Mobile communications corporation)
17	5

2 2606:4700:3035::6815:2e65 (United States)

ASN13335 (CLOUDFLARENET, US)

beruza.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.179.58 (Jakarta, Indonesia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com

appdv76.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:97c:38:500:3::3d8 (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

s4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2409:8c20:5c64:2000::6 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)

z3.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cnzz.com s4.cnzz.com — Cisco Umbrella Rank: 105541 z3.cnzz.com — Cisco Umbrella Rank: 184964 c.cnzz.com — Cisco Umbrella Rank: 59215	12 KB
2	amazonaws.com appdv76.s3.ap-southeast-3.amazonaws.com — Cisco Umbrella Rank: 615257	10 KB
2	beruza.xyz beruza.xyz	4 KB
0	vofzhq.com Failed www.vofzhq.com Failed
17	4

	Domain	Requested by
2	appdv76.s3.ap-southeast-3.amazonaws.com	beruza.xyz
2	beruza.xyz
1	c.cnzz.com	s4.cnzz.com
1	z3.cnzz.com	s4.cnzz.com
1	s4.cnzz.com	beruza.xyz
0	www.vofzhq.com Failed	beruza.xyz
17	6

This site contains links to these domains. Also see Links.

Domain
juhbjt.ocbnyutpfwjs.in

Subject Issuer	Validity	Valid
beruza.xyz WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01	`2024-08-20` - `2025-07-22`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://beruza.xyz/
Frame ID: BEA8E95C27404B2352B9BD06D3A8B3C2
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

7276 Slots

Page Statistics

17
Requests

41 %
HTTPS

75 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

26 kB
Transfer

27 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://juhbjt.ocbnyutpfwjs.in/index?key=51368bf79888ce797f2c9f95214cafd3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response beruza.xyz/	7 KB 4 KB	581ms 523ms	Document text/html	2606:4700:3035::6815:2e65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beruza.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2e65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9cee2ab7040273dc57cbbe387a5af70cd8455c6dd3e7d6b4637516ee75ab1d66` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8cc08120feab1db0-FRA content-encoding br content-type text/html date Wed, 02 Oct 2024 00:16:33 GMT last-modified Wed, 25 Sep 2024 11:08:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ktv5PqW%2FTzMcbOLF6djGI3Ox0ttW68k%2B7mtY6GdVy4Mw4x7UWjh8j2qgBWcrIhP%2B24a5tCHJQ3mpIoTPh0nBAje6o%2BvwKA9z%2FvmdCuiw1mLTnobeprmpSElZt1sP7WL4dW%2F0OiOk%2Bj0U"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding
GET H3	200	speculation beruza.xyz/cdn-cgi/	128 B 586 B	181ms 181ms	Other application/speculationrules+json	2606:4700:3035::6815:2e65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beruza.xyz/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:2e65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://beruza.xyz Referer https://beruza.xyz/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlYUYx0MSljiZ4ZCMYy0qO1gN3%2Bnbnadc5upOlKB%2FuEmhGvor%2F%2F7rZfHug1bN15Pugc782wgTTRTJgFpod4%2FXP28X%2BFLks%2B5ExPT92%2B7J%2BFoA099NXF09SxncBQ%2FFXLmsgbbrbrBJZzh"}],"group":"cf-nel","max_age":604800} cf-ray 8cc08124be78ce7a-SIN access-control-allow-origin https://beruza.xyz content-length 128 date Wed, 02 Oct 2024 00:16:34 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET		index.css www.vofzhq.com/resource/save3/assets/css/	0 0

GET		clipboard.min.js www.vofzhq.com/resource/save3/assets/js/	0 0

GET		jquery-2.2.4.min.js www.vofzhq.com/resource/save3/assets/js/	0 0

GET		rem.js www.vofzhq.com/resource/save3/assets/js/	0 0

GET		qrcode.min.js www.vofzhq.com/resource/save3/assets/js/	0 0

GET H/1.1	200 OK	import-scripts.js Show response appdv76.s3.ap-southeast-3.amazonaws.com/adjust/	9 KB 9 KB	840ms 285ms	Script application/javascript	52.95.179.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js Requested by Host: beruza.xyz URL: https://beruza.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-southeast-3.amazonaws.com Software AmazonS3 / Resource Hash `4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://beruza.xyz/ Response headers x-amz-id-2 GYlca6e2SvStki4v3Ytk6Pr51efASrwHe4snUXN3LJqLCd8mbDCqD6Uwrv2qZqVxvdVDGfoyZwM= ETag "0a718bb010a4bc901c45eba9dad3b0a2" x-amz-request-id DTR4KBQ5MJZHFQQ9 Accept-Ranges bytes Content-Length 8988 Date Wed, 02 Oct 2024 00:16:35 GMT Last-Modified Sun, 07 Jul 2024 03:32:15 GMT Content-Type application/javascript; charset=utf-8 Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	7276.js Show response appdv76.s3.ap-southeast-3.amazonaws.com/download-app/	175 B 582 B	822ms 284ms	Script application/javascript	52.95.179.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js Requested by Host: beruza.xyz URL: https://beruza.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-southeast-3.amazonaws.com Software AmazonS3 / Resource Hash `ab3b8757ff3607c3857cb8011db28a85f71850cef1a6526b2d469eecc0145a5b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://beruza.xyz/ Response headers x-amz-id-2 dxUIUu1vrhUJiuqyYthowMDje7bxILiJs4/EOjdYIaR9X1+BmYsec6ZG3Eb9ynmMfJub4tOZYIk= ETag "cb8dd5640f77e0ddab7168d4f599fa77" x-amz-request-id DTR44BNZ3S39W3ZQ Accept-Ranges bytes Content-Length 175 Date Wed, 02 Oct 2024 00:16:35 GMT Last-Modified Tue, 01 Oct 2024 10:18:43 GMT Content-Type application/javascript Server AmazonS3 x-amz-server-side-encryption AES256
GET		9906label-adjust-android-ios.js www.vofzhq.com//resource/save9/assets/js/	0 0

GET		body.gif www.vofzhq.com/resource/save3/assets/img/	0 0

GET		footer.gif www.vofzhq.com/resource/save3/assets/img/	0 0

GET		kf.png www.vofzhq.com/resource/save3/assets/img/	0 0

GET H2	200	z.js Show response s4.cnzz.com/	10 KB 10 KB	730ms 242ms	Script application/javascript	240e:97c:38:500:3::3d8 CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL https://s4.cnzz.com/z.js?id=1281337420&async=1 Requested by Host: beruza.xyz URL: https://beruza.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:97c:38:500:3::3d8 , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software Tengine / Resource Hash `ddead68641b4994eb750365cd1012393abc56596cc37235063351b78d17e6061` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://beruza.xyz/ Response headers cache-control public, max-age=300 x-swift-cachetime 187 timing-allow-origin * etag W/"15643987139407696374" age 113 via cache43.l2cn1802[0,0,304-0,H], cache26.l2cn1802[1,0], cache22.cn5512[16,16,200-0,H], cache17.cn5512[17,0] ali-swift-global-savetime 1727828082 x-swift-savetime Wed, 02 Oct 2024 00:16:35 GMT x-cache HIT TCP_REFRESH_HIT dirn:9:391493646 content-length 10194 date Wed, 02 Oct 2024 00:14:42 GMT content-type application/javascript eagleid 7d5e32a517278281956391348e server Tengine
POST H2	200	stat.htm z3.cnzz.com/	2 B 123 B	586ms 193ms	Ping text/html	2409:8c20:5c64:2000::6 CMNET-JIANGSU-AP ...
General Check archive.org Show headers Download Go to Full URL https://z3.cnzz.com/stat.htm?id=1281337420&r=&lg=de-de&ntime=none&cnzz_eid=316695339-1727828196-&showp=1600x1200&p=https%3A%2F%2Fberuza.xyz%2F&t=7276%20Slots&umuuid=1924a95f9f0581-003fbedc97cb47-1e462c6f-1d4c00-1924a95f9f1e47&h=1 Requested by Host: s4.cnzz.com URL: https://s4.cnzz.com/z.js?id=1281337420&async=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 2409:8c20:5c64:2000::6 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN), Reverse DNS Software Tengine / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://beruza.xyz/ Response headers content-encoding gzip date Wed, 02 Oct 2024 00:16:36 GMT content-type text/html; charset=utf-8 vary Accept-Encoding server Tengine
GET H2	200	c.js Show response c.cnzz.com/	906 B 1 KB	222ms 222ms	Script application/javascript	240e:97c:38:500:3::3d8 CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/c.js?web_id=1281337420&t=z Requested by Host: s4.cnzz.com URL: https://s4.cnzz.com/z.js?id=1281337420&async=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:97c:38:500:3::3d8 , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software Tengine / Resource Hash `4e40caec07450755166c40ba51099f2807b4b2efc3d6252f59d26bc0be325e9e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://beruza.xyz/ Response headers cache-control public, max-age=321 x-swift-cachetime 162 timing-allow-origin * etag W/"17650835605665385536" age 159 via cache10.l2cn1802[0,0,304-0,H], cache50.l2cn1802[0,0], cache3.cn5512[17,17,200-0,H], cache17.cn5512[18,0] ali-swift-global-savetime 1727828036 x-swift-savetime Wed, 02 Oct 2024 00:16:35 GMT x-cache HIT TCP_REFRESH_HIT dirn:11:401801300 content-length 906 date Wed, 02 Oct 2024 00:13:55 GMT content-type application/javascript eagleid 7d5e32a517278281959261797e server Tengine
GET		favicon.ico www.vofzhq.com/resource/save3/assets/img/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/css/index.css

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/js/clipboard.min.js

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/js/jquery-2.2.4.min.js

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/js/rem.js

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/js/qrcode.min.js

Domain: www.vofzhq.com
URL: https://www.vofzhq.com//resource/save9/assets/js/9906label-adjust-android-ios.js

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/img/body.gif

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/img/footer.gif

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/img/kf.png

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save3/assets/img/favicon.ico

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beruza.xyz/	1970-01-21 04:19:12	Name: UM_distinctid Value: 1924a95f9f0581-003fbedc97cb47-1e462c6f-1d4c00-1924a95f9f1e47
			beruza.xyz/	1970-01-21 04:19:12	Name: CNZZDATA1281337420 Value: 316695339-1727828196-%7C1727828196

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appdv76.s3.ap-southeast-3.amazonaws.com
beruza.xyz
c.cnzz.com
s4.cnzz.com
www.vofzhq.com
z3.cnzz.com
www.vofzhq.com
2409:8c20:5c64:2000::6
240e:97c:38:500:3::3d8
2606:4700:3035::6815:2e65
52.95.179.58
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6
4e40caec07450755166c40ba51099f2807b4b2efc3d6252f59d26bc0be325e9e
9cee2ab7040273dc57cbbe387a5af70cd8455c6dd3e7d6b4637516ee75ab1d66
ab3b8757ff3607c3857cb8011db28a85f71850cef1a6526b2d469eecc0145a5b
ddead68641b4994eb750365cd1012393abc56596cc37235063351b78d17e6061

beruza.xyz Open in urlscan Pro 2606:4700:3035::6815:2e65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

41 %HTTPS

75 %IPv6

4 Domains

6 Subdomains

5 IPs

3 Countries

26 kBTransfer

27 kBSize

2 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Indicators

beruza.xyz Open in urlscan Pro
2606:4700:3035::6815:2e65 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

41 %
HTTPS

75 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

26 kB
Transfer

27 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions