levelcrm.deus.team Open in urlscan Pro
185.154.193.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://levelcrm.deus.team/
Submission: On January 12 via api (January 12th 2024, 11:58:30 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 185.154.193.114, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is levelcrm.deus.team.
TLS certificate: Issued by R3 on January 10th 2024. Valid for: 3 months.

This is the only time levelcrm.deus.team was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	185.154.193.114 185.154.193.114		9123 (TIMEWEB-AS) (TIMEWEB-AS)
8	2

4 185.154.193.114 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)

levelcrm.deus.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	deus.team levelcrm.deus.team	616 KB
0	web-hands.ru Failed crm.web-hands.ru Failed
0	choice-estate.ru Failed crm.choice-estate.ru Failed
8	3

	Domain	Requested by
4	levelcrm.deus.team	levelcrm.deus.team
0	crm.web-hands.ru Failed	levelcrm.deus.team
0	crm.choice-estate.ru Failed	levelcrm.deus.team
8	3

This site contains no links.

Subject Issuer	Validity	Valid
levelcrm.deus.team R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://levelcrm.deus.team/
Frame ID: 959C0C573CF2304107EE8E4E30B49735
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Choice Estate CRM.

Page Statistics

8
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

616 kB
Transfer

1757 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response levelcrm.deus.team/	1 KB 810 B	1847ms 165ms	Document text/html	185.154.193.114 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://levelcrm.deus.team/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.154.193.114 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `bb2da8935a5a5713665b4e107ffd4547efb5be386506230de28e18e74611730f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 500 Content-Type text/html; charset=UTF-8 Date Fri, 12 Jan 2024 23:58:23 GMT ETag "476-60eacb6a93a20-gzip" Last-Modified Thu, 11 Jan 2024 14:53:41 GMT Server nginx/1.24.0 Vary Accept-Encoding
GET H/1.1	200 OK	index-dc8ff5dc.js Show response levelcrm.deus.team/assets/	2 MB 570 KB	317ms 317ms	Script application/javascript	185.154.193.114 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://levelcrm.deus.team/assets/index-dc8ff5dc.js Requested by Host: levelcrm.deus.team URL: https://levelcrm.deus.team/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.154.193.114 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `a67052e1e1e9bd9056da5b22536d6c2670b0c69296aa85531d4386ed11ca022e` Request headers Referer https://levelcrm.deus.team/ Origin https://levelcrm.deus.team accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Fri, 12 Jan 2024 23:58:23 GMT Content-Encoding gzip Last-Modified Thu, 11 Jan 2024 14:53:41 GMT Server nginx/1.24.0 ETag W/"65a000f5-187831" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	index-6b46cb78.css levelcrm.deus.team/assets/	190 KB 45 KB	618ms 310ms	Stylesheet text/css	185.154.193.114 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://levelcrm.deus.team/assets/index-6b46cb78.css Requested by Host: levelcrm.deus.team URL: https://levelcrm.deus.team/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.154.193.114 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `6b46cb78f416a46ab9ffb8df9fe85b65bd48f2bbba5ff6189d535fb38e43626c` Request headers accept-language en-US,en;q=0.9 Referer https://levelcrm.deus.team/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Fri, 12 Jan 2024 23:58:23 GMT Content-Encoding gzip Last-Modified Thu, 11 Jan 2024 14:53:44 GMT Server nginx/1.24.0 ETag W/"65a000f8-2f81a" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET		template_styles.min.css crm.choice-estate.ru/local/templates/crm/	0 0

GET		jquery-3.2.1.min.js crm.web-hands.ru//local/templates/crm/vendor/	0 0

GET		sweetalert2.min.css crm.web-hands.ru//local/templates/crm/vendor/sweetalert/	0 0

GET		timepicker.css crm.web-hands.ru//local/templates/crm/vendor/	0 0

GET H/1.1	200 OK	Auth-39d2c264.js Show response levelcrm.deus.team/assets/	271 B 513 B	158ms 157ms	Script application/javascript	185.154.193.114 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://levelcrm.deus.team/assets/Auth-39d2c264.js Requested by Host: levelcrm.deus.team URL: https://levelcrm.deus.team/assets/index-dc8ff5dc.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.154.193.114 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `13ddd4364d16fb17d71929e9d5ebaaeefc42996554f5a020cc08240821646b0a` Request headers Referer https://levelcrm.deus.team/assets/index-dc8ff5dc.js Origin https://levelcrm.deus.team accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Fri, 12 Jan 2024 23:58:24 GMT Content-Encoding gzip Last-Modified Thu, 11 Jan 2024 14:53:44 GMT Server nginx/1.24.0 ETag W/"65a000f8-10f" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: crm.choice-estate.ru
URL: http://crm.choice-estate.ru/local/templates/crm/template_styles.min.css

Domain: crm.web-hands.ru
URL: http://crm.web-hands.ru//local/templates/crm/vendor/jquery-3.2.1.min.js

Domain: crm.web-hands.ru
URL: http://crm.web-hands.ru//local/templates/crm/vendor/sweetalert/sweetalert2.min.css

Domain: crm.web-hands.ru
URL: http://crm.web-hands.ru//local/templates/crm/vendor/timepicker.css?v=%3C?=%20time();%20?%3E

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://levelcrm.deus.team/(Line 10) Message: Mixed Content: The page at 'https://levelcrm.deus.team/' was loaded over HTTPS, but requested an insecure stylesheet 'http://crm.choice-estate.ru/local/templates/crm/template_styles.min.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://levelcrm.deus.team/ Message: Mixed Content: The page at 'https://levelcrm.deus.team/' was loaded over HTTPS, but requested an insecure script 'http://crm.web-hands.ru//local/templates/crm/vendor/jquery-3.2.1.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://levelcrm.deus.team/(Line 12) Message: Mixed Content: The page at 'https://levelcrm.deus.team/' was loaded over HTTPS, but requested an insecure stylesheet 'http://crm.web-hands.ru//local/templates/crm/vendor/sweetalert/sweetalert2.min.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://levelcrm.deus.team/(Line 13) Message: Mixed Content: The page at 'https://levelcrm.deus.team/' was loaded over HTTPS, but requested an insecure stylesheet 'http://crm.web-hands.ru//local/templates/crm/vendor/timepicker.css?v=%3C?=%20time();%20?%3E'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crm.choice-estate.ru
crm.web-hands.ru
levelcrm.deus.team
crm.choice-estate.ru
crm.web-hands.ru
185.154.193.114
13ddd4364d16fb17d71929e9d5ebaaeefc42996554f5a020cc08240821646b0a
6b46cb78f416a46ab9ffb8df9fe85b65bd48f2bbba5ff6189d535fb38e43626c
a67052e1e1e9bd9056da5b22536d6c2670b0c69296aa85531d4386ed11ca022e
bb2da8935a5a5713665b4e107ffd4547efb5be386506230de28e18e74611730f

levelcrm.deus.team Open in urlscan Pro 185.154.193.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

616 kBTransfer

1757 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

levelcrm.deus.team Open in urlscan Pro
185.154.193.114 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

616 kB
Transfer

1757 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions