cfhjgbghf.brokerdefense.net
Open in
urlscan Pro
2a00:b6e0:1:200:198::1
Public Scan
URL:
https://cfhjgbghf.brokerdefense.net/tnrf/crm-login.php
Submission: On December 26 via api from US — Scanned from FR
Submission: On December 26 via api from US — Scanned from FR
Summary
This website contacted 3 IPs
in 3 countries
across 3 domains to perform 12 HTTP transactions.
The main IP is 2a00:b6e0:1:200:198::1, located in
France and
belongs to ALWAYSDATA, FR.
The main domain is cfhjgbghf.brokerdefense.net.
TLS certificate: Issued by R3 on October 21st 2023. Valid for: 3 months.
This is the only time cfhjgbghf.brokerdefense.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on October 21st 2023. Valid for: 3 months.
This is the only time cfhjgbghf.brokerdefense.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 8 | 2a00:b6e0:1:2... 2a00:b6e0:1:200:198::1 | 60362 (ALWAYSDATA) (ALWAYSDATA) | |
| 2 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:830::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 12 | 3 |
2
2a00:1450:4001:830::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| ssl.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
brokerdefense.net
cfhjgbghf.brokerdefense.net |
7 KB |
| 2 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 587 |
17 KB |
| 2 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 735 |
137 KB |
| 12 | 3 |
| Domain | Requested by | |
|---|---|---|
| 8 | cfhjgbghf.brokerdefense.net |
cfhjgbghf.brokerdefense.net
|
| 2 | ssl.google-analytics.com |
cfhjgbghf.brokerdefense.net
|
| 2 | code.jquery.com |
cfhjgbghf.brokerdefense.net
|
| 12 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cfhjgbghf.brokerdefense.net R3 |
2023-10-21 - 2024-01-19 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://cfhjgbghf.brokerdefense.net/tnrf/crm-login.php
Frame ID: 76785466F93C89C3A3FF78340D2F4A72
Requests: 12 HTTP requests in this frame
Screenshot
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
crm-login.php
cfhjgbghf.brokerdefense.net/tnrf/ |
3 KB 979 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_reset.css
cfhjgbghf.brokerdefense.net/styles/ |
1 KB 668 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css-generator.php
cfhjgbghf.brokerdefense.net/services/ |
3 KB 786 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css-generator.php
cfhjgbghf.brokerdefense.net/services/ |
3 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css-generator.php
cfhjgbghf.brokerdefense.net/services/ |
476 B 260 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css-generator.php
cfhjgbghf.brokerdefense.net/services/ |
1 KB 418 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
code.jquery.com/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.js
code.jquery.com/ui/1.10.3/ |
426 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-all-form.js
cfhjgbghf.brokerdefense.net/scripts/js/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-front-calls.js
cfhjgbghf.brokerdefense.net/scripts/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__utm.gif
ssl.google-analytics.com/r/ |
35 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1664352451&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~){kind=link}
%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1664352451&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~){kind=link}
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery string| closeLink string| missingFields string| incorrectFormat string| mailFormatError string| intFormatError string| numFormatError string| floatFormatError string| dateFormatError object| _gaq object| _gat object| gaGlobal6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| cfhjgbghf.brokerdefense.net/ | Name: PHPSESSID Value: e1243bb03abe2bb7f24d9bdfd5ac42de |
|
| .cfhjgbghf.brokerdefense.net/ | Name: __utma Value: 69522754.1697273185.1703602541.1703602541.1703602541.1 |
|
| .cfhjgbghf.brokerdefense.net/ | Name: __utmc Value: 69522754 |
|
| .cfhjgbghf.brokerdefense.net/ | Name: __utmz Value: 69522754.1703602541.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| .cfhjgbghf.brokerdefense.net/ | Name: __utmt Value: 1 |
|
| .cfhjgbghf.brokerdefense.net/ | Name: __utmb Value: 69522754.1.10.1703602541 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cfhjgbghf.brokerdefense.net
code.jquery.com
ssl.google-analytics.com
2a00:1450:4001:830::2008
2a00:b6e0:1:200:198::1
2a04:4e42:200::649
062b7403d09b1df6649918c4c0cdc8d5830bd2454ef42e014edbb2f952f7aae6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b566c96c68cf4dcb0f105ff9db5352419946c325073120214f9c17cd0b6b6ea
1f4e8f37cb9f1e9c28d1354f0c7ae48bbb615077ec9bba836cc8ef08ef8df609
33ce5c0490e5c7d1d19c23a5760d5ea3274e1fc34dfb1e5a8ad90dd85bb42bb1
424b1984ba60d3787acc3a536b1a4bb54eed8ec60a474d02a9f1387ced2c3d24
449fc0a2005a5a739ec6b66ddb459c73df04f201b9388abb34d3c4cbae5773f9
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fcef481246cb94ab39254396c4852c0c8ddda296808ad2078db104ace35c597
aacf2508f200f74425f3377e13314f3f20e87fd54fd2aa009597a6eb90241c95
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c