urlscan.io logo urlscan.io
SecurityTrails logo

secure.brform.com Open in urlscan Pro
136.0.8.251  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.brform.com/?zFS=MeU
Effective URL: https://secure.brform.com/?zFS=MeU
Submission: On March 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 136.0.8.251, located in New York, United States and belongs to EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY. The main domain is secure.brform.com.
TLS certificate: Issued by R3 on March 4th 2024. Valid for: 3 months.
This is the only time secure.brform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 136.0.8.251 149440 (EVOXTENTE...)
4 2
Apex Domain
Subdomains		 Transfer
5 brform.com
secure.brform.com
c2a30b5b-48f50be5.brform.com
218 KB
4 1
Domain Requested by
4 secure.brform.com 2 redirects c2a30b5b-48f50be5.brform.com
1 c2a30b5b-48f50be5.brform.com secure.brform.com
4 2

This site contains no links.

Subject Issuer Validity Valid
brform.com
R3		 2024-03-04 -
2024-06-02		 3 months crt.sh

This page contains 1 frames:

Frame: https://secure.brform.com/?zFS=MeU&sso_reload=true
Frame ID: AAB6AE2384E650F0F8619D92081AC239
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://secure.brform.com/?zFS=MeU HTTP 307
    https://secure.brform.com/?zFS=MeU Page URL
  2. https://secure.brform.com/?zFS=MeU HTTP 302
    https://secure.brform.com/?zFS=MeU Page URL

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

218 kB
Transfer

652 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.brform.com/?zFS=MeU HTTP 307
    https://secure.brform.com/?zFS=MeU Page URL
  2. https://secure.brform.com/?zFS=MeU HTTP 302
    https://secure.brform.com/?zFS=MeU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://secure.brform.com/?zFS=MeU HTTP 307
  • https://secure.brform.com/?zFS=MeU

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
secure.brform.com/
Redirect Chain
  • http://secure.brform.com/?zFS=MeU
  • https://secure.brform.com/?zFS=MeU
279 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.brform.com/?zFS=MeU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.8.251 New York, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx /
Resource Hash
1afd4d5c32817304c028ef891cfc638b2845473b4dccd06b5fb1ac3b10f761ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Mar 2024 12:49:58 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Mon, 04 Mar 2024 12:49:56 GMT
Location
https://secure.brform.com/?zFS=MeU
Server
nginx
Primary Request /
secure.brform.com/
Redirect Chain
  • https://secure.brform.com/?zFS=MeU
  • https://secure.brform.com/?zFS=MeU
235 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.brform.com/?zFS=MeU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.8.251 New York, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx /
Resource Hash
45075403add27e5ad9b915d5283e2d5b0cec1aee66645b27c554bbb1a94316a7

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://secure.brform.com
Referer
https://secure.brform.com/?zFS=MeU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-length
78481
content-type
text/html; charset=utf-8
date
Mon, 04 Mar 2024 12:50:01 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://adec0b4d-48f50be5.brform.com/api/report?catId=GW+estsfd+dub2"}]}
server
nginx
vary
Accept-Encoding
x-ms-ests-server
2.1.17445.4 - SEC ProdSlices
x-ms-request-id
596fa115-bc87-4205-ad80-dc29d3f37300

Redirect headers

content-type
text/html; charset=utf-8
date
Mon, 04 Mar 2024 12:49:59 GMT
location
https://secure.brform.com/?zFS=MeU
server
nginx
BssoInterrupt_Core_3j2JgMBNuZbncq02org-aA2.js
c2a30b5b-48f50be5.brform.com/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2a30b5b-48f50be5.brform.com/shared/1.0/content/js/BssoInterrupt_Core_3j2JgMBNuZbncq02org-aA2.js
Requested by
Host: secure.brform.com
URL: https://secure.brform.com/?zFS=MeU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.8.251 New York, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx /
Resource Hash
c149d54ec96c6e94b4a132c39c9a9ede19e2ea232f764af80a24d8532f5a8b9f

Request headers

Referer
https://secure.brform.com/
Origin
https://secure.brform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 12:50:03 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
49556
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 18:12:56 GMT
server
nginx
etag
0x8DC299ABDD3C103
x-azure-ref
20240304T125003Z-42tq26gz117wf7paecr659grd0000000024000000000afxn
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0a461b4d-601e-0018-33ef-6c0dad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
secure.brform.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.brform.com
URL
https://secure.brform.com/?zFS=MeU&sso_reload=true

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

1 Cookies

Domain/Path Name / Value
.brform.com/ Name: Kehtbx
Value: "NDhmNTBiZTUtN2Q1YS00Y2E5LWFiZjAtMzcyMjUwNjhhMTQ0OjM0ZTMxMmUyLWJmMGItNDlmOC1iNWVlLTQ3YjBiZGUyNzNkZA=="

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c2a30b5b-48f50be5.brform.com
secure.brform.com
secure.brform.com
136.0.8.251
1afd4d5c32817304c028ef891cfc638b2845473b4dccd06b5fb1ac3b10f761ae
45075403add27e5ad9b915d5283e2d5b0cec1aee66645b27c554bbb1a94316a7
c149d54ec96c6e94b4a132c39c9a9ede19e2ea232f764af80a24d8532f5a8b9f