crm.vexusgroup.net Open in urlscan Pro
172.67.129.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://crm.vexusgroup.net/
Effective URL:
https://crm.vexusgroup.net/en/country-block
Submission: On April 03 via api (April 3rd 2024, 10:54:44 am UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 172.67.129.244, located in United States and belongs to CLOUDFLARENET, US. The main domain is crm.vexusgroup.net.
TLS certificate: Issued by GTS CA 1P5 on April 1st 2024. Valid for: 3 months.

This is the only time crm.vexusgroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	172.67.129.244 172.67.129.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:35a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	5.61.61.16 5.61.61.16	9009 (M247) (M247)
17	6

11 172.67.129.244 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crm.vexusgroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trade.vexusgroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:35a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn57.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.61.61.16 (Manchester, United Kingdom)

ASN9009 (M247, RO)
PTR: anodes-fresh.powcall.com

api.alfatrading.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	vexusgroup.net 1 redirects crm.vexusgroup.net trade.vexusgroup.net	888 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	4 KB
1	alfatrading.io api.alfatrading.io	138 KB
1	gstatic.com fonts.gstatic.com	39 KB
1	cdn57.com cdn57.com Failed	1 MB
17	5

	Domain	Requested by
9	crm.vexusgroup.net	1 redirects crm.vexusgroup.net
3	fonts.googleapis.com	client
2	trade.vexusgroup.net	cdn57.com
1	api.alfatrading.io
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn57.com	crm.vexusgroup.net
17	6

This site contains no links.

Subject Issuer	Validity	Valid
vexusgroup.net GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
cdn57.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
api.alfatrading.io R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crm.vexusgroup.net/en/country-block
Frame ID: 43EB07A4BB535871FFC935F1D3ECDC0A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

trade.vexusgroup.net

Page URL History Show full URLs

https://crm.vexusgroup.net/ HTTP 302
https://crm.vexusgroup.net/en/country-block Page URL

Page Statistics

17
Requests

94 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2282 kB
Transfer

7183 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://crm.vexusgroup.net/ HTTP 302
https://crm.vexusgroup.net/en/country-block Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request country-block Show response
crm.vexusgroup.net/en/
Redirect Chain

https://crm.vexusgroup.net/
https://crm.vexusgroup.net/en/country-block

8 KB
3 KB

157ms
156ms

Document
text/html

172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 13fb6f5ccec8908e35e08eaea42aab927a91328cbc015a35a1f4649341f589db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-max-age: 3600000
access-controll-allow-origin: * *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e885826d5536b2-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 03 Apr 2024 10:54:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIKDk2VyGtF3a0mz9bAnXdWPR6wTa%2F3eWJQDcLSApudHfo2PcLkc%2BSiwOtIHXL%2BzfOWk95XDjRFYHcSEF9cP8DPYk%2Be429B2CHEiFEooHD1GOXlEI9jK3NxZZpoFyxsiFlF8P1c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-max-age: 3600000
access-controll-allow-origin: * *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e88580dc5936b2-YYZ
content-type: text/html; charset=utf-8
date: Wed, 03 Apr 2024 10:54:35 GMT
location: /en/country-block
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMTE2meI%2F4MZzpwTlmGJRO2%2BPXscgceXnuiQryMroyFPSoN9wjWjueIo%2BNm%2FD2S740k2NC4AxWoBkaodcdJ3qvH%2F19%2BP9MjBw3Fiurt%2B7a3F2B3ncg2iJnVE6PM5dsi0FZNRmko%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept, Accept-Encoding
x-powered-by: Express

GET bundle.css
cdn57.com/crm-assets/ 0
0

GET
H2 200 bundle.js Show response
cdn57.com/crm-assets/ 6 MB
1 MB 1192ms
971ms Script
application/javascript 2606:4700:20::681a:35a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn57.com/crm-assets/bundle.js?platform=desktop&v=5.1.120
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:35a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a784f47f9ef44c721ffe91d3790984c0bd9d47e21a03639b05cd5c69fcc7702

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://crm.vexusgroup.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d749ee-5e6dfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwZ1yrwlls8pxrGd8QGp%2ByJLqiwGNffmtwiBaGR49BzHiHXuPCKcROrdeJ%2Bfl1XoebfnTenskvCwylJYggpjLoQOhQFK1k12hCNLVsHoS74MkMHPP8BYNvsUi1Suh%2BnmrAfVMDgYYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 86e88584ce124bd8-BUF
access-controll-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 4 KB
752 B 132ms
68ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://crm.vexusgroup.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 10:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 10:33:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 10:54:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 38 KB
2 KB 110ms
47ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,500,600,700,800&subset=cyrillic

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0cc53f028e339aee4c545abe6465c95363baa799d669486b28726d90c91db00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://crm.vexusgroup.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 10:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 10:54:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 10:54:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 109ms
46ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c52d49c035a989f4de1ee855def8cf4b8c29408f6548c62d8843994da5cd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://crm.vexusgroup.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 10:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 10:44:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 10:54:37 GMT

GET
H3 206 sound-click.ogg
crm.vexusgroup.net/crm-assets/ 7 KB
7 KB 229ms
224ms Media
audio/ogg 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/crm-assets/sound-click.ogg
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2cdd58787b50a29df84dab61352960a73b036a7b5c6a35db863ab7895936ec

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://crm.vexusgroup.net/en/country-block
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-1ad2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I78Rb%2BfqryFNVm%2F3WvoQqcI5MME87sTPiYv%2BHevIWh2GnKj%2BsrcqtI4PLe%2FRHC21Ez9cqq9XeJ%2FK8ng5dw3Yq9QFLuQBI%2F%2FaiMFIxmW8YCWYgzXlsNy5CmI1sF66hrBKcVBZXc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/ogg
Content-Range: bytes 0-6865/6866
cache-control: max-age=14400
cf-ray: 86e88590286636b2-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 6866
access-controll-allow-origin: *, *

GET
H3 206 sound-notification.ogg
crm.vexusgroup.net/crm-assets/ 12 KB
13 KB 243ms
238ms Media
audio/ogg 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/crm-assets/sound-notification.ogg
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8cf8b2bba827398c3321546f6311db96cab0c17915585baca1c08ab0c2758f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://crm.vexusgroup.net/en/country-block
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-3117"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JS5kzNxOTDsa9mQ4tZWPbKmyjQkV64L6TMja%2FM4Kqvyj%2FhRBNrj5knAdVTi5PzBaSOk2ChQVoggSzgiSZb%2Brh1GpmydEB%2Fu%2Brpd%2FthqhuslLgHzSdmtfDlAt8BqK4o44IKiLA3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/ogg
Content-Range: bytes 0-12566/12567
cache-control: max-age=14400
cf-ray: 86e88590286736b2-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 12567
access-controll-allow-origin: *, *

GET
H3 206 sound-tab-switch.ogg
crm.vexusgroup.net/crm-assets/ 8 KB
9 KB 144ms
139ms Media
audio/ogg 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/crm-assets/sound-tab-switch.ogg
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819e9b498bf0751d4ca7d48cfa5c05027b6be0fc1cfd61abb2044cc21c004c32

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://crm.vexusgroup.net/en/country-block
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-2159"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjZoNNZ%2BFJTP4pOXBQ5d%2FJIWRBm2OHkdzMGrQaOWf6fI337xSB0zBKKVRJP3vrjDIR6qrNjiaXQfqNH0wO3jSZDhBq1AdkAu9FhkyQ0rmeqP3lUt0zK6VXlOPEqtw02jihyY7Rk%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/ogg
Content-Range: bytes 0-8536/8537
cache-control: max-age=14400
cf-ray: 86e88590286836b2-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 8537
access-controll-allow-origin: *, *

GET
H3 206 hover.mp3
crm.vexusgroup.net/crm-assets/ 6 KB
6 KB 236ms
231ms Media
audio/mpeg 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/crm-assets/hover.mp3
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f634815dd027c504f38974a2a23159449eba102752d7718ac9c254205d771c52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://crm.vexusgroup.net/en/country-block
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-16db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4WP9YCAsL1gwpBAkCO0riLdCLqt7A6KjFZ1eUTTXe6uKnD0CH4%2BOJiLOj81Ciy%2B%2Bth5z6gPbAlIOrBZ8veyvs8PDHkhke%2B43uuGKGfEgg1d%2B7zJazvXQ9Rdv0XllHOZaxDv7oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-5850/5851
cache-control: max-age=14400
cf-ray: 86e88590286936b2-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 5851
access-controll-allow-origin: *, *

GET
H3 206 sound-error.ogg
crm.vexusgroup.net/crm-assets/ 6 KB
7 KB 250ms
246ms Media
audio/ogg 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/crm-assets/sound-error.ogg
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9faf8dbe2d45606437efab084345abc5ff29347f8fc8ac61db5a6bc769bd3629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://crm.vexusgroup.net/en/country-block
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-199b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcGi5rf%2F3ru%2Fbmlb%2F2zcMX4JchcMG0a7A8i27NWwVflA4vVXfQrvd8jxLUp%2BZwBKKM2vPY%2B5DtCkMTJ8E56oqMu5r%2FqVHTqPpErTODQjkX5A2SFbIr%2F5d%2B%2BVdKoZgu8uHcbpgNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/ogg
Content-Range: bytes 0-6554/6555
cache-control: max-age=14400
cf-ray: 86e88590286a36b2-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 6555
access-controll-allow-origin: *, *

GET
H3 206 incoming-call-ringtone.mp3
crm.vexusgroup.net/crm-assets/ 366 KB
366 KB 446ms
442ms Media
audio/mpeg 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vexusgroup.net/crm-assets/incoming-call-ringtone.mp3
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/country-block
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd9e187a3823c7cc9952d6922fc7619055a77cf48d7487a3e2e275a0e83f2a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://crm.vexusgroup.net/en/country-block
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-5b69a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iaq45pe%2FkQhLUrBq%2FuAYQkHyKI8We%2BW0Eb1TOwk%2FGuAy3joYiKUIoUqM%2B%2FzUlqg%2Farqv2q7CGobglBfau9kuV8DiSSm81PjmtQX1%2FwvN2ObHG6KhVlA%2FUC0zirNcsL9zfCuTh54%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-374425/374426
cache-control: max-age=14400
cf-ray: 86e88590286c36b2-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 374426
access-controll-allow-origin: *, *

OPTIONS
H3 200 en
trade.vexusgroup.net/api/tokens/2/ 0
0 277ms
218ms Preflight 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trade.vexusgroup.net/api/tokens/2/en?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://crm.vexusgroup.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-max-age: 3600000
access-controll-allow-origin: * *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e885908a954bc6-BUF
date: Wed, 03 Apr 2024 10:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBIdhk0v3BQzOOneXe6Oriy8NhHfPzSAo7Ex%2FuW83NUT%2Bxhzo5LfjkxWLgQLRdjWFGXxA%2FF2Zo6snOPrmrw7mupvn0F80iiK27OKSZeuV%2BgxppJu5XuFeIkO99hDxxAyrXPGhJ5SpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H3 200 en Show response
trade.vexusgroup.net/api/tokens/2/ 10 KB
5 KB 218ms
218ms XHR
application/json 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trade.vexusgroup.net/api/tokens/2/en?
Requested by: Host: cdn57.com
URL: https://cdn57.com/crm-assets/bundle.js?platform=desktop&v=5.1.120
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5efc0431d6bf757a4d2dfcd621f1b05f37cc54108ba3284e0b4b146fb53df5c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://crm.vexusgroup.net/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
access-controll-allow-origin: *, *
server: cloudflare
etag: W/"29c7-xfA0xfOPRN+gNRZKtIiHaH0Wavk"
access-control-max-age: 3600000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijvHQO4OimXFSFFJ%2B51mxkurI1fzfgP55%2FH4qJrj9t5zM2rIzyOgHeQ8ujVBucHwU%2FHx6vm1Iju60RJ%2BDnAiviIhiBlbzrA5L5h3rQ6fDT2yPvAnErd%2FmwFd6SLJSdsfNhTNrTYyaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization
vary: Accept-Encoding
cf-ray: 86e88591eb5a4bc6-BUF
access-control-allow-headers: Content-Type, Authorization

GET
H3 200 bg.png
crm.vexusgroup.net/crm-assets/ 471 KB
472 KB 420ms
419ms Image
image/png 172.67.129.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crm.vexusgroup.net/crm-assets/bg.png
Requested by: Host: crm.vexusgroup.net
URL: https://crm.vexusgroup.net/en/crm/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 211c88366ce6e85f71154e13f3a886e99b5997631f6e47b3c2ff6ffef878fd9f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://crm.vexusgroup.net/en/crm/login
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:54:38 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 13:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d749ee-75c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkb6D5RRate0U8Za%2B3tqS7Bo0gcDsBRYpWup1VyHqTot45qd9zL8vzLVtkH6C8x%2Ft2qa7z9Rve7uQCba9ZfViqwh%2FytD5lPVnKzq8tWitxOdIA87Qv3BZDotw7FjR3bGvkPwpwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e88590386e36b2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 482367
access-controll-allow-origin: *, *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 98ms
26ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://crm.vexusgroup.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 07:56:34 GMT
x-content-type-options: nosniff
age: 10684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 07:56:34 GMT

GET
H/1.1 200
OK 87a8ff98-265e-43f4-a147-5f79bf7efce1
api.alfatrading.io/v1/storage/ 137 KB
138 KB 805ms
571ms Other
image/jpeg 5.61.61.16
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alfatrading.io:8080/v1/storage/87a8ff98-265e-43f4-a147-5f79bf7efce1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.61.61.16 Manchester, United Kingdom, ASN9009 (M247, RO),
Reverse DNS: anodes-fresh.powcall.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 19904b3372798fd4b746c30071fc2572c16ec8200249e304fb361f35a40818c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://crm.vexusgroup.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 10:54:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 360000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, HEAD, PATCH
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization, authorization, Sid
Vary: Accept-Encoding
Content-Disposition: attachment;filename=2024-04-01%2012.37.05.jpg
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin, Content-Type, Authorization, authorization, Sid, X-XSS-Protection
Content-Length: 140209
Access-Controll-Allow-Origin: *, *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn57.com
URL: https://cdn57.com/crm-assets/bundle.css?platform=desktop&v=5.1.120

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://crm.vexusgroup.net/en/crm/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.alfatrading.io
cdn57.com
crm.vexusgroup.net
fonts.googleapis.com
fonts.gstatic.com
trade.vexusgroup.net
cdn57.com
172.67.129.244
2606:4700:20::681a:35a
2607:f8b0:4006:820::200a
2607:f8b0:4006:822::2003
5.61.61.16
13fb6f5ccec8908e35e08eaea42aab927a91328cbc015a35a1f4649341f589db
19904b3372798fd4b746c30071fc2572c16ec8200249e304fb361f35a40818c3
211c88366ce6e85f71154e13f3a886e99b5997631f6e47b3c2ff6ffef878fd9f
2b8cf8b2bba827398c3321546f6311db96cab0c17915585baca1c08ab0c2758f
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3bd9e187a3823c7cc9952d6922fc7619055a77cf48d7487a3e2e275a0e83f2a6
54c52d49c035a989f4de1ee855def8cf4b8c29408f6548c62d8843994da5cd8b
5efc0431d6bf757a4d2dfcd621f1b05f37cc54108ba3284e0b4b146fb53df5c4
819e9b498bf0751d4ca7d48cfa5c05027b6be0fc1cfd61abb2044cc21c004c32
8a784f47f9ef44c721ffe91d3790984c0bd9d47e21a03639b05cd5c69fcc7702
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9faf8dbe2d45606437efab084345abc5ff29347f8fc8ac61db5a6bc769bd3629
a0cc53f028e339aee4c545abe6465c95363baa799d669486b28726d90c91db00
cf2cdd58787b50a29df84dab61352960a73b036a7b5c6a35db863ab7895936ec
f634815dd027c504f38974a2a23159449eba102752d7718ac9c254205d771c52

crm.vexusgroup.net Open in urlscan Pro 172.67.129.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

94 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

2282 kBTransfer

7183 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

crm.vexusgroup.net Open in urlscan Pro
172.67.129.244 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2282 kB
Transfer

7183 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions