Submitted URL: https://off.bjuveve.pw/qradar-aql-query-examples.html
Effective URL: https://bro4.biz/go/mzstkzlbgu5dgmbygq?sub1=split2606
Submission: On June 28 via manual from AU

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 104.248.199.158, located in Amsterdam, Netherlands, and belongs to DIGITALOCEAN-ASN, US. The main domain is bro4.biz. The submitted URL was a page on off.bjuveve.pw (fronted by Cloudflare); the scan ended on bro4.biz after a navigation to https://bro4.biz/go/mzstkzlbgu5dgmbygq?sub1=split2606. The Cloudflare addresses are anycast edges (the cf-ray suffix FRA in the responses shows the Frankfurt PoP served the scan), so their US geolocation says nothing about where the bjuveve.pw origin is hosted.
TLS certificate: Issued by R3 (Let's Encrypt) on June 27th 2021, the day before this scan. Valid for: 3 months.
This is the only time bro4.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests / IP address / AS)
  3    2606:4700:303...   13335 (CLOUDFLAR...)
  2    2606:4700:303...   13335 (CLOUDFLAR...)
  1    104.248.199.158    14061 (DIGITALOC...)
  11 requests, 4 IPs
  (The two Cloudflare IPv6 addresses are truncated here; they appear in full in the transaction details below.)

Apex domains (requests / apex domain / subdomains / transfer)
  5    bjuveve.pw   off.bjuveve.pw, bjuveve.pw   28 KB
  1    bro4.biz     bro4.biz                     53 KB
  11 requests, 2 apex domains

Requested by (requests / domain / requested by)
  4    bjuveve.pw       off.bjuveve.pw
  1    bro4.biz         off.bjuveve.pw
  1    off.bjuveve.pw   off.bjuveve.pw
  11 requests, 3 domains

This site contains no links.

TLS certificates (subject / issuer / validity / valid for)
  sni.cloudflaressl.com   Cloudflare Inc ECC CA-3   2020-09-01 to 2021-09-01   a year (crt.sh)
  bro4.biz                R3                        2021-06-27 to 2021-09-25   3 months (crt.sh)

This page contains 1 frame:

  Primary Page: https://bro4.biz/go/mzstkzlbgu5dgmbygq?sub1=split2606
  Frame ID: B4E66045E5F4CF822FBE5A34CEAC692C
  Requests: 12 HTTP requests in this frame


Detected technologies

  Cloudflare (overall confidence: 100%)
    Detected pattern: headers server /^cloudflare$/i

Not auto-detected but visible in the requests: WordPress on bjuveve.pw (wp-includes assets loaded with ?ver=5.3, which is the WordPress version string, and the twentyeleven theme path), and a self-reported PHP/5.4.16 in the X-Powered-By header of off.bjuveve.pw.

Page Statistics

  Requests:     11
  HTTPS:        55 %
  IPv6:         67 %
  Domains:      2
  Subdomains:   3
  IPs:          4
  Countries:    2
  Transfer:     81 kB
  Size:         186 kB
  Cookies:      1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://off.bjuveve.pw/qradar-aql-query-examples.html Page URL
  2. https://bro4.biz/go/mzstkzlbgu5dgmbygq?sub1=split2606 Page URL

Redirected requests

The report lists no HTTP redirect chains (3xx responses with a Location header) for this scan. The hop from off.bjuveve.pw to bro4.biz was recorded as a separate top-level navigation whose request carries Referer: https://off.bjuveve.pw/ and sec-fetch-site: cross-site, and, unlike the first navigation, no sec-fetch-user: ?1 (that header is sent only for user-activated navigations). Taken together this is consistent with a client-side redirect (JavaScript or a meta refresh) issued by the off.bjuveve.pw page rather than a server-side one.
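To make the hop classification concrete, here is an added Python example (not urlscan.io code) that rebuilds a navigation chain from transaction data and labels each hop as server-side (3xx) or client-side. The two records are constructed from this report's Page URL entries and request headers; the 200 status codes are an assumption, since the report shows bodies for both documents but does not print status codes, and the apex() helper deliberately ignores multi-label public suffixes.

```python
"""Reconstruct the page-navigation chain from urlscan-style transaction data.

Added example, not urlscan.io code. The two records below are constructed from
the "Page URL" entries and request headers visible in this report; the HTTP
status codes are an assumption (the report prints bodies for both documents
and lists no 3xx chain, but does not show the codes themselves).
"""
from typing import Dict, List, Optional
from urllib.parse import urlsplit


class Navigation:
    """One top-level document request and the essentials of its response."""

    def __init__(self, url: str, status: int,
                 headers: Optional[Dict[str, str]] = None,
                 location: Optional[str] = None) -> None:
        self.url = url
        self.status = status                 # response status (assumed below)
        self.headers = headers or {}         # request headers, lower-case names
        self.location = location             # response Location header, if any


def apex(host: str) -> str:
    """Registrable domain, simplified to the last two labels.

    Adequate for .pw and .biz; multi-label suffixes such as .co.uk would need
    a public-suffix list (deliberate simplification).
    """
    return ".".join(host.lower().split(".")[-2:])


def classify_chain(navs: List[Navigation]) -> List[Dict[str, object]]:
    """Label every hop between successive top-level navigations.

    http-3xx     the previous response redirected with a 3xx and Location
    client-side  the previous response was an ordinary 2xx document and the
                 next navigation names it in Referer (JavaScript or meta refresh)
    unknown      neither pattern fits
    """
    hops = []
    for prev, nxt in zip(navs, navs[1:]):
        src = urlsplit(prev.url).hostname or ""
        dst = urlsplit(nxt.url).hostname or ""
        ref_host = urlsplit(nxt.headers.get("referer", "")).hostname or ""
        if 300 <= prev.status < 400 and prev.location:
            kind = "http-3xx"
        elif 200 <= prev.status < 300 and ref_host == src:
            kind = "client-side"
        else:
            kind = "unknown"
        hops.append({
            "from": src,
            "to": dst,
            "kind": kind,
            "cross_apex": apex(src) != apex(dst),
            # Sec-Fetch-User is ?1 only for user-activated navigations
            "user_activated": nxt.headers.get("sec-fetch-user") == "?1",
            "query": urlsplit(nxt.url).query,
        })
    return hops


# Constructed from this report's two Page URL entries.
REPORT_NAVS = [
    Navigation("https://off.bjuveve.pw/qradar-aql-query-examples.html", 200,  # status assumed
               {"sec-fetch-site": "none", "sec-fetch-user": "?1"}),
    Navigation("https://bro4.biz/go/mzstkzlbgu5dgmbygq?sub1=split2606", 200,  # status assumed
               {"sec-fetch-site": "cross-site", "referer": "https://off.bjuveve.pw/"}),
]

if __name__ == "__main__":
    for hop in classify_chain(REPORT_NAVS):
        print(hop)
```

Run on the report's records it yields one hop, off.bjuveve.pw to bro4.biz, labelled client-side, crossing apex domains, without user activation, carrying the query sub1=split2606. Feed it a 302-with-Location record instead and the same hop is labelled http-3xx, which is the distinction urlscan's "Page URL History" blurs when it lists both kinds together.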

11 HTTP transactions

Each entry below gives Resource, Path, Size, x-fer (bytes transferred) and Type, followed by its General details, Request headers and Response headers. No MIME-Type values were recorded in this scan.
qradar-aql-query-examples.html
  Path: off.bjuveve.pw/   Size: 29 KB   x-fer: 10 KB   Type: Document
  Full URL: https://off.bjuveve.pw/qradar-aql-query-examples.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:3036::ac43:9504, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare / PHP/5.4.16 (self-reported via X-Powered-By; PHP 5.4 has been end-of-life since 2015)
  Resource Hash: e7b1412f32c5b708f905f6e2449a21fc2d0b2552fc74622c96c429651f4ed42a

  Request headers
    :method: GET
    :authority: off.bjuveve.pw
    :scheme: https
    :path: /qradar-aql-query-examples.html
    pragma: no-cache
    cache-control: no-cache
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: none
    sec-fetch-mode: navigate
    sec-fetch-user: ?1
    sec-fetch-dest: document
    accept-encoding: gzip, deflate, br
    accept-language: en-US

  Response headers
    date: Mon, 28 Jun 2021 05:21:45 GMT
    content-type: text/html
    x-powered-by: PHP/5.4.16
    set-cookie: qwerty=0; expires=Mon, 28-Jun-2021 06:21:45 GMT; path=/
    cf-cache-status: DYNAMIC
    cf-request-id: 0af2aa14c800004e7993827000000001
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qpq3JiPQ%2B9OMBTDRcgaVfA0zycqnbbpqMooBzMoyxZWUbaDWv3GToH3jmF59MUEJWokgoiL%2BB5L902yB6AR0vgqSI78%2FiL9BHOnp3je9iS5d0%2FUP7EVKE81rx28yiX9OVl0wu995CoA%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 666479347ba04e79-FRA
    content-encoding: br
    alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.css
  Path: bjuveve.pw/wp-content/themes/twentyeleven/   Size: 55 KB   x-fer: 11 KB   Type: Stylesheet
  Full URL: https://bjuveve.pw/wp-content/themes/twentyeleven/style.css
  Requested by: https://off.bjuveve.pw/qradar-aql-query-examples.html (host off.bjuveve.pw)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:3036::ac43:9504, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare
  Resource Hash: f002f47a3b68e68b91181aa1ad7b1b1c58efb967ef7912fdc8443c1a9bcbd59f

  Request headers
    Referer: https://off.bjuveve.pw/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    date: Mon, 28 Jun 2021 05:21:45 GMT
    content-encoding: br
    cf-cache-status: HIT
    nel: {"report_to":"cf-nel","max_age":604800}
    age: 5608677
    alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
    cf-request-id: 0af2aa155100004e79cc1f2000000001
    last-modified: Wed, 02 Sep 2020 00:00:18 GMT
    server: cloudflare
    etag: W/"5f4ee092-dd04"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ECCduBYzPbiffBKnxrOqFMZzf84mDNZX3hyPwc849waRdni9JOJRE5dGK1fzmRdSxm5fVv6eChPFuMUeb537ONy3MnfsGv4TquHF2bbZpDU0VQ8dcRm76%2BXrho2ZfIUccD8Wwg%3D%3D"}],"group":"cf-nel","max_age":604800}
    content-type: text/css
    cache-control: max-age=315360000
    cf-ray: 666479354d7c4e79-FRA
    expires: Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
  Path: bjuveve.pw/wp-includes/css/dist/block-library/   Size: 40 KB   x-fer: 6 KB   Type: Stylesheet
  Full URL: https://bjuveve.pw/wp-includes/css/dist/block-library/style.min.css?ver=5.3
  Requested by: https://off.bjuveve.pw/qradar-aql-query-examples.html (host off.bjuveve.pw)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:3036::ac43:9504, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare
  Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

  Request headers
    Referer: https://off.bjuveve.pw/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    date: Mon, 28 Jun 2021 05:21:45 GMT
    content-encoding: br
    cf-cache-status: HIT
    nel: {"report_to":"cf-nel","max_age":604800}
    age: 5608676
    alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
    cf-request-id: 0af2aa155100004e795b89a000000001
    last-modified: Wed, 02 Sep 2020 00:00:20 GMT
    server: cloudflare
    etag: W/"5f4ee094-a1fb"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KE5hi4D3EftXVKgcMyCG5G79%2FLpg7P%2FEvU4qD9GXASH80bSgCMh8sJQE5hjyZH1TlPcsTcIHYdy8Iz%2BQT9j7x20OmA0uQP0OptW0SKMJPVLZeUUtE4NoRuc0BPnCsqCXyTW4ng%3D%3D"}],"group":"cf-nel","max_age":604800}
    content-type: text/css
    cache-control: max-age=315360000
    cf-ray: 666479354d7a4e79-FRA
    expires: Thu, 31 Dec 2037 23:55:55 GMT
lanterns.jpg
  Path: bjuveve.pw/wp-content/themes/twentyeleven/images/headers/   Size: 0   x-fer: 0   Type: Image
  Full URL: https://bjuveve.pw/wp-content/themes/twentyeleven/images/headers/lanterns.jpg
  Requested by: https://off.bjuveve.pw/qradar-aql-query-examples.html (host off.bjuveve.pw)
  Protocol: H3-29
  Security: QUIC, AES_128_GCM
  Server: 2606:4700:3034::6815:1d80, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: -
  Resource Hash: - (no body recorded)

  Request headers
    Referer: https://off.bjuveve.pw/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    (none recorded)
d900c1b5580b650af5aa6f60fce2d4f0.png
  Path: off.bjuveve.pw/img/   Size: 0   x-fer: 0   (no response received; listed under Failed requests below)

865128.jpg
  Path: off.bjuveve.pw/img/   Size: 0   x-fer: 0   (no response received; listed under Failed requests below)

dcfd69ac78265f74fd989437b9f40fd5.jpg
  Path: off.bjuveve.pw/img/   Size: 0   x-fer: 0   (no response received; listed under Failed requests below)

116885.png
  Path: off.bjuveve.pw/img/   Size: 0   x-fer: 0   (no response received; listed under Failed requests below)
wp-embed.min.js
  Path: bjuveve.pw/wp-includes/js/   Size: 1 KB   x-fer: 1 KB   Type: Script
  Full URL: https://bjuveve.pw/wp-includes/js/wp-embed.min.js?ver=5.3
  Requested by: https://off.bjuveve.pw/qradar-aql-query-examples.html (host off.bjuveve.pw)
  Protocol: H3-29
  Security: QUIC, AES_128_GCM
  Server: 2606:4700:3034::6815:1d80, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare
  Resource Hash: - (not recorded)

  Request headers
    Referer: https://off.bjuveve.pw/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    date: Mon, 28 Jun 2021 05:21:45 GMT
    content-encoding: br
    cf-cache-status: REVALIDATED
    last-modified: Wed, 02 Sep 2020 00:00:20 GMT
    server: cloudflare
    etag: W/"5f4ee094-577"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V%2FJOy0RrP1X04%2FCtQWK9CyVHxCiiwtm%2FTqZ%2FTjUzrqgBspXWjaHHZsp7o5b17ev3YBmtayFtTxRbnjve8%2FEys9U0tEHc1vAgsLnc5rqOYkw20pKYOiC2f4y2zkvnPPQKFoQVfg%3D%3D"}],"group":"cf-nel","max_age":604800}
    content-type: application/javascript
    cache-control: max-age=14400
    nel: {"report_to":"cf-nel","max_age":604800}
    cf-ray: 666479357f4e2b71-FRA
    alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
    cf-request-id: 0af2aa156e00002b71f81cd000000001
wp-emoji-release.min.js
  Path: bjuveve.pw/wp-includes/js/   Size: 0   x-fer: 0   (requested over plain http://; no response received; listed under Failed requests below)
Primary Request: mzstkzlbgu5dgmbygq
  Path: bro4.biz/go/   Size: 52 KB   x-fer: 53 KB   Type: Document
  Full URL: https://bro4.biz/go/mzstkzlbgu5dgmbygq?sub1=split2606
  Requested by: https://off.bjuveve.pw/qradar-aql-query-examples.html (host off.bjuveve.pw)
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 104.248.199.158, Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US)
  Reverse DNS: -
  Software: nginx
  Resource Hash: bf6d65c44ef78fd51d07b0eb630abcb3c06dd17349dbc8cefdc48a53c9ccdd3d

  Security Headers
    Content-Security-Policy: img-src https: data:; upgrade-insecure-requests
    Strict-Transport-Security: max-age=31536000

  The CSP restricts only image sources (and upgrades insecure requests); with no default-src or script-src it places no limit on script execution. HSTS is set for one year without includeSubDomains. In the response headers below, Access-Control-Allow-Origin: * is unusual on an HTML document, and the uuid cookie is set for the whole bro4.biz domain without Secure, HttpOnly or SameSite.

  Request headers
    :method: GET
    :authority: bro4.biz
    :scheme: https
    :path: /go/mzstkzlbgu5dgmbygq?sub1=split2606
    pragma: no-cache
    cache-control: no-cache
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: cross-site
    sec-fetch-mode: navigate
    sec-fetch-dest: document
    referer: https://off.bjuveve.pw/
    accept-encoding: gzip, deflate, br
    accept-language: en-US

  Response headers
    server: nginx
    date: Mon, 28 Jun 2021 05:21:45 GMT
    content-type: text/html; charset=UTF-8
    access-control-allow-origin: *
    set-cookie: uuid=2f9a6b9c-8d74-4cb5-8992-dde53bc132db; expires=Wed, 28-Jul-2021 05:21:45 GMT; Max-Age=2592000; path=/; domain=bro4.biz
    strict-transport-security: max-age=31536000
    content-security-policy: img-src https: data:; upgrade-insecure-requests
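The following is an added Python example (not urlscan.io code and not code from either scanned site) that turns the header review above into a repeatable check: it parses the CSP and Set-Cookie values and reports the weaknesses a reviewer would note. The two header dictionaries are copied from the bro4.biz and off.bjuveve.pw document responses in this report (only the headers the checks look at); the rules themselves are ordinary hardening expectations chosen here, not findings the report states.

```python
"""Audit response headers and Set-Cookie attributes from a urlscan transaction.

Added example, not urlscan.io code and not code from the scanned sites. The
header dictionaries are copied from the response headers shown in this report
(only the headers the checks look at). The rules are routine hardening checks
chosen here, not findings stated by the report: a CSP without default-src or
script-src does not constrain scripts, HSTS should carry includeSubDomains,
and cookies should carry Secure, HttpOnly and SameSite.
"""
from typing import Dict, List


def parse_csp(value: str) -> Dict[str, List[str]]:
    """Split a Content-Security-Policy value into {directive: [sources]}."""
    policy: Dict[str, List[str]] = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def parse_set_cookie(value: str) -> Dict[str, str]:
    """Parse one Set-Cookie header into {name, value, <attribute>: <value>}.

    Attribute names are lower-cased; flag attributes (Secure, HttpOnly) map to "".
    """
    parts = [p.strip() for p in value.split(";")]
    name, _, val = parts[0].partition("=")
    cookie = {"name": name.strip(), "value": val.strip()}
    for attr in parts[1:]:
        key, _, attr_val = attr.partition("=")
        if key.strip():
            cookie[key.strip().lower()] = attr_val.strip()
    return cookie


def audit(headers: Dict[str, str]) -> List[str]:
    """Return findings for a dict of lower-cased response headers.

    Several Set-Cookie headers may be joined with newlines in one value.
    """
    findings: List[str] = []

    if "content-security-policy" not in headers:
        findings.append("CSP: header missing")
    else:
        csp = parse_csp(headers["content-security-policy"])
        if "default-src" not in csp and "script-src" not in csp:
            findings.append("CSP: no default-src or script-src; scripts are unrestricted")
        if "data:" in csp.get("img-src", []):
            findings.append("CSP: img-src permits data: URIs")

    hsts = headers.get("strict-transport-security")
    if hsts is None:
        findings.append("HSTS: header missing")
    elif "includesubdomains" not in [f.strip().lower() for f in hsts.split(";")]:
        findings.append("HSTS: includeSubDomains not set")

    if headers.get("access-control-allow-origin", "").strip() == "*":
        findings.append("CORS: Access-Control-Allow-Origin is * on a document response")

    for raw in headers.get("set-cookie", "").splitlines():
        if not raw.strip():
            continue
        cookie = parse_set_cookie(raw)
        for flag in ("secure", "httponly", "samesite"):
            if flag not in cookie:
                findings.append("cookie %s: %s not set" % (cookie["name"], flag))
    return findings


# Copied from the bro4.biz document response above.
BRO4_HEADERS = {
    "server": "nginx",
    "content-type": "text/html; charset=UTF-8",
    "access-control-allow-origin": "*",
    "set-cookie": "uuid=2f9a6b9c-8d74-4cb5-8992-dde53bc132db; "
                  "expires=Wed, 28-Jul-2021 05:21:45 GMT; Max-Age=2592000; "
                  "path=/; domain=bro4.biz",
    "strict-transport-security": "max-age=31536000",
    "content-security-policy": "img-src https: data:; upgrade-insecure-requests",
}

# Copied from the off.bjuveve.pw document response (no CSP or HSTS was sent).
OFF_HEADERS = {
    "content-type": "text/html",
    "x-powered-by": "PHP/5.4.16",
    "set-cookie": "qwerty=0; expires=Mon, 28-Jun-2021 06:21:45 GMT; path=/",
}

if __name__ == "__main__":
    for label, hdrs in (("bro4.biz", BRO4_HEADERS), ("off.bjuveve.pw", OFF_HEADERS)):
        print(label)
        for finding in audit(hdrs):
            print("  " + finding)
```

For bro4.biz this produces seven findings (unrestricted scripts, data: images, HSTS without includeSubDomains, wildcard CORS, and the three missing cookie attributes); for off.bjuveve.pw it produces five (no CSP, no HSTS, three missing attributes on qwerty). A response with default-src, includeSubDomains and fully flagged cookies produces none, which is the bar to compare against.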
data: URI image (content truncated in the report)
  Path: /   Size: 7 KB   x-fer: 0   Type: Image
  Full URL: data:truncated
  Protocol: DATA
  Server: - (inline resource, no network request)
  Reverse DNS: -
  Software: -
  Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

  Request headers
    Referer: (empty)
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    Content-Type: image/gif

  This inline GIF is loaded after the bro4.biz document; data: images are explicitly allowed by that page's CSP (img-src https: data:).

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

  off.bjuveve.pw   https://off.bjuveve.pw/img/d900c1b5580b650af5aa6f60fce2d4f0.png
  off.bjuveve.pw   https://off.bjuveve.pw/img/865128.jpg
  off.bjuveve.pw   https://off.bjuveve.pw/img/dcfd69ac78265f74fd989437b9f40fd5.jpg
  off.bjuveve.pw   https://off.bjuveve.pw/img/116885.png
  bjuveve.pw       http://bjuveve.pw/wp-includes/js/wp-emoji-release.min.js?ver=5.3

The last entry is a plain http:// script referenced from a page loaded over https://. Chrome blocks active mixed content (scripts) outright, which is consistent with no response being recorded for it. The four /img/ requests on off.bjuveve.pw failed without any response; the report gives no further detail.

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object, i.e. properties that urlscan.io did not find in its baseline browser. They can help identify client-side frameworks and page code. Two caveats apply. First, the baseline lags the scanning browser: the first eleven names below (onbeforexrselect through crossOriginIsolated) are standard window properties of Chrome 89 itself, not page code. Second, the remaining 24 names are hand-written or minified page code whose purpose can only be confirmed by reading the script; several of them (getWorkerRegistration, SubS, CheckS, urlB64ToUint8Array, denied, disableIncognito, before_redirect_block) are consistent with a Web Push subscription prompt script, urlB64ToUint8Array in particular being the conventional helper for decoding a VAPID application server key before PushManager.subscribe() is called.

  Type       Name
  object     onbeforexrselect
  object     ontransitionrun
  object     ontransitionstart
  object     ontransitioncancel
  object     cookieStore
  function   showDirectoryPicker
  function   showOpenFilePicker
  function   showSaveFilePicker
  boolean    originAgentCluster
  object     trustedTypes
  boolean    crossOriginIsolated
  object     languages
  function   text
  string     relevanteLang
  string     lang
  boolean    guardEnabled
  boolean    isChrome
  function   compareVersion
  function   getLanguage
  object     rootElement
  boolean    canStart
  function   textr
  function   disableHistory
  function   disableIncognito
  function   denied
  function   getWorkerRegistration
  function   SubS
  function   CheckS
  function   urlB64ToUint8Array
  function   j4ee
  function   L0zz
  boolean    j
  string     title
  string     holder
  function   before_redirect_block
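The sorting described above can be automated. Below is an added Python example (not urlscan.io code) that parses the raw "type| name" list exactly as urlscan prints it, sets aside names the scanning browser defines itself, tallies the rest by type, and flags names typical of Web Push subscription code. The CHROME_NATIVE allowlist and the PUSH_HINTS pattern are analyst-maintained assumptions, not something the report supplies; a flagged name is a lead for reading the script, not a verdict.

```python
"""Triage the "JavaScript Global Variables" list of a urlscan report.

Added example, not urlscan.io code. RAW is the 35-entry list from this report.
CHROME_NATIVE is an analyst-maintained allowlist of window properties that
Chrome 89 (the scanning browser) exposes itself, so they are not page code
even though urlscan's older baseline reports them. PUSH_HINTS is a heuristic
pattern for names typical of Web Push subscription scripts (for example,
urlB64ToUint8Array is the usual helper for decoding a VAPID application
server key); a hit is a lead for manual review, not a verdict.
"""
import re
from collections import Counter
from typing import Dict, List, Tuple

RAW = (
    "object| onbeforexrselect object| ontransitionrun object| ontransitionstart "
    "object| ontransitioncancel object| cookieStore function| showDirectoryPicker "
    "function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster "
    "object| trustedTypes boolean| crossOriginIsolated object| languages function| text "
    "string| relevanteLang string| lang boolean| guardEnabled boolean| isChrome "
    "function| compareVersion function| getLanguage object| rootElement boolean| canStart "
    "function| textr function| disableHistory function| disableIncognito function| denied "
    "function| getWorkerRegistration function| SubS function| CheckS "
    "function| urlB64ToUint8Array function| j4ee function| L0zz boolean| j string| title "
    "string| holder function| before_redirect_block"
)

# Assumed allowlist: window properties built into Chrome 89, not page code.
CHROME_NATIVE = {
    "onbeforexrselect", "ontransitionrun", "ontransitionstart", "ontransitioncancel",
    "cookieStore", "showDirectoryPicker", "showOpenFilePicker", "showSaveFilePicker",
    "originAgentCluster", "trustedTypes", "crossOriginIsolated",
}

# Assumed heuristic: substrings common in push-subscription prompt scripts.
PUSH_HINTS = re.compile(r"worker|subs|urlb64|denied|incognito|redirect", re.IGNORECASE)

# One entry as urlscan prints it: "<type>| <identifier>"
ENTRY = re.compile(r"(\w+)\|\s*([A-Za-z_$][\w$]*)")


def parse_globals(raw: str) -> List[Tuple[str, str]]:
    """Turn 'type| name type| name ...' into ordered (type, name) pairs."""
    return ENTRY.findall(raw)


def triage(raw: str) -> Dict[str, object]:
    """Separate browser-native names from page-defined ones and flag leads."""
    pairs = parse_globals(raw)
    native = [name for _, name in pairs if name in CHROME_NATIVE]
    page = [(typ, name) for typ, name in pairs if name not in CHROME_NATIVE]
    flagged = [name for _, name in page if PUSH_HINTS.search(name)]
    return {
        "total": len(pairs),
        "native": native,
        "page": page,
        "by_type": dict(Counter(typ for typ, _ in page)),
        "flagged": flagged,
    }


if __name__ == "__main__":
    result = triage(RAW)
    print("total:", result["total"], "native:", len(result["native"]),
          "page-defined:", len(result["page"]), result["by_type"])
    print("leads:", ", ".join(result["flagged"]))
```

On this report's list it parses all 35 entries, sets 11 aside as browser-native, leaves 24 page-defined names (14 functions, 4 strings, 4 booleans, 2 objects) and flags six of them as leads. Extend CHROME_NATIVE when the scanning browser version changes, or the native/page split drifts.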

1 Cookies

  Domain/Path    Name    Value
  .bro4.biz/     uuid    2f9a6b9c-8d74-4cb5-8992-dde53bc132db

The off.bjuveve.pw document response also set a cookie, qwerty=0 (path=/, expiring one hour after the scan); see its response headers above.