wick.crm.me
69.16.202.219
Public Scan
Effective URL: https://wick.crm.me/crm/app/index.php/zurmo/default/login
Submission Tags: phishingrod
Submission: On January 24 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 9th 2023. Valid for: 3 months.
This is the only time wick.crm.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
16 (3 redirects) | 69.16.202.219 | 32244 (LIQUIDWEB)
1 | 2a00:1450:4001:82b::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE)
15 requests | 3 IPs |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | crm.me | wick.crm.me (3 redirects) | 740 KB
1 | gstatic.com | fonts.gstatic.com | 16 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28) | 1 KB
15 requests | 3 domains | |
Requests | Domain | Requested by
---|---|---
16 | wick.crm.me (3 redirects) | wick.crm.me
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | wick.crm.me
15 requests | 3 domains |
This site contains links to these domains. Also see Links.
Domain
---
redlotus.com
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
wick.crm.me | cPanel, Inc. Certification Authority | 2023-11-09 - 2024-02-07 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://wick.crm.me/crm/app/index.php/zurmo/default/login
Frame ID: 0AFFAD7D31F57FB67A558C6884F4BF35
Requests: 15 HTTP requests in this frame
Page Title: CRM.me - Sign in
Page URL History
https://wick.crm.me/
HTTP 302
https://wick.crm.me/crm/ HTTP 302
https://wick.crm.me/crm/app/index.php HTTP 302
https://wick.crm.me/crm/app/index.php/zurmo/default/login Page URL
Detected technologies
Google Font API (Font Scripts)
Detected patterns:
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Copyright © RedLotus Inc., 2023. All rights reserved.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | login (Primary Request, Redirect Chain) | wick.crm.me/crm/app/index.php/zurmo/default/ | 7 KB | 2 KB | Document | text/html
GET | H2 | css2 | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css
GET | H2 | zurmo-blue.css | wick.crm.me/crm/app/themes/default/css/ | 273 KB | 34 KB | Stylesheet | text/css
GET | H2 | imports-blue.css | wick.crm.me/crm/app/themes/default/css/ | 3 MB | 193 KB | Stylesheet | text/css
GET | H2 | commercial.css | wick.crm.me/crm/app/themes/default/css/ | 1 KB | 593 B | Stylesheet | text/css
GET | H2 | custom.css | wick.crm.me/crm/app/themes/default/css/ | 16 KB | 3 KB | Stylesheet | text/css
GET | H2 | redlotus.css | wick.crm.me/crm/app/themes/default/css/ | 1 MB | 234 KB | Stylesheet | text/css
GET | H2 | 1673704739 | wick.crm.me/crm/app/index.php/min/serve/g/js/lm/ | 932 KB | 262 KB | Script | application/x-javascript
GET | H2 | ZurmoDialog.js | wick.crm.me/crm/app/assets/89ecfec7/ | 4 KB | 2 KB | Script | application/x-javascript
GET | H2 | mobile-interactions.js | wick.crm.me/crm/app/assets/89ecfec7/ | 3 KB | 1 KB | Script | application/x-javascript
GET | H2 | ZurmoLogo.png | wick.crm.me/crm/app/themes/default/images/ | 3 KB | 3 KB | Image | image/png
GET | H2 | checkbox-icon.svg | wick.crm.me/crm/app/themes/default/images/icon/ | 160 B | 192 B | Image | image/svg+xml
GET | H2 | checkboxActive-icon.svg | wick.crm.me/crm/app/themes/default/images/icon/ | 230 B | 274 B | Image | image/svg+xml
GET | H2 | Zurmo.png | wick.crm.me/crm/app/themes/default/images/ | 5 KB | 5 KB | Image | image/png
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2
Verdicts & Comments
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | transferModalValues
function | rebuildDynamicSearchRowNumbersAndStructureInput
function | afterDynamicSearchValidateAjaxAction
function | resolveClearLinkPrefixLabelAndVisibility
function | processAjaxSuccessError
function | movePager
function | movePagerToJuiPortletHead
function | movePagerToDialogTitleBar
function | movePagerToTooltipTitleBar
function | processListViewSummaryClone
function | updateListViewSelectedIds
function | addListViewSelectedIdsToUrl
function | resetSelectedListAttributes
number | windowTop
number | diff
object | AmCharts
object | juiPortlets
function | CalendarEvent
function | addSpansToDatesOnCalendar
function | replaceAllSvgImagesWithInlineSvg
function | registerMultipleSelect
function | registerMultipleSelectItemsEvents
function | recalculateMultipleSelectPivot
function | registerMultipleSelectHolderActions
function | registerRadioButtons
function | registerSearchWithoutScope
function | joinJuiPortletOptionsMenu
function | $
function | jQuery
function | Spinner
function | Color
object | jQuery1111047468739011212494
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
wick.crm.me/ | | PHPSESSID | eo2rro0aitsp00ji1ad4h5een4
wick.crm.me/ | | DefaultUserInterfaceType | Desktop
wick.crm.me/ | | UserInterfaceType | Desktop
wick.crm.me/ | | YII_CSRF_TOKEN | 6ed925eba37e43b182e853422ec927730ab6ea2c
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
wick.crm.me
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
69.16.202.219