crm.pslasecurity.com Open in urlscan Pro
3.231.182.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://crm.pslasecurity.com/
Effective URL:
https://crm.pslasecurity.com/login/?next=/
Submission: On January 26 via automatic, source certstream-suspicious (January 26th 2020, 6:10:11 pm UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 3.231.182.75, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is crm.pslasecurity.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 26th 2020. Valid for: 3 months.

This is the only time crm.pslasecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 17	3.231.182.75 3.231.182.75		14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:814::200a		15169 (GOOGLE) (GOOGLE)
17	2

17 3.231.182.75 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-182-75.compute-1.amazonaws.com

crm.pslasecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	pslasecurity.com 1 redirects crm.pslasecurity.com	613 KB
1	googleapis.com fonts.googleapis.com	610 B
17	2

	Domain	Requested by
17	crm.pslasecurity.com	1 redirects crm.pslasecurity.com
1	fonts.googleapis.com	crm.pslasecurity.com
17	2

This site contains no links.

Subject Issuer	Validity	Valid
crm.pslasecurity.com Let's Encrypt Authority X3	`2020-01-26` - `2020-04-25`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crm.pslasecurity.com/login/?next=/
Frame ID: 2FB8DE11C1F6ED455A3919CE893B6BDD
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://crm.pslasecurity.com/ HTTP 302
https://crm.pslasecurity.com/login/?next=/ Page URL

Detected technologies

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

613 kB
Transfer

1237 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://crm.pslasecurity.com/ HTTP 302
https://crm.pslasecurity.com/login/?next=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
crm.pslasecurity.com/login/
Redirect Chain

https://crm.pslasecurity.com/
https://crm.pslasecurity.com/login/?next=/

3 KB
2 KB

118ms
118ms

Document
text/html

3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: fabf60717126b6d3cd345809078f998e16c9bf81c8866e6d07a52e92775b0c73

Request headers

Host: crm.pslasecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Server: nginx/1.17.7
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Cookie
Set-Cookie: fh2_csrf=8eeuUSR7EIltTkwTLQOol0rEaepQO0lXQISj2TsAb1J7m7EzZ4FQac6deIo8M05f; Domain=.crm.pslasecurity.com; expires=Sun, 24-Jan-2021 18:09:54 GMT; Max-Age=31449600; Path=/; secure
Content-Encoding: gzip

Redirect headers

Server: nginx/1.17.7
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Vary: Cookie
Location: /login/?next=/

GET
H/1.1 200
OK bootstrap.min.css
crm.pslasecurity.com/s/5-9-0/v3/admin/vendor/bootstrap/dist/css/ 138 KB
21 KB 180ms
180ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/admin/vendor/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:44:21 GMT
Server: nginx/1.17.7
ETag: W/"5d67c8a5-22688"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK ionicons.css
crm.pslasecurity.com/s/5-9-0/v3/admin/vendor/ionicons/css/ 57 KB
9 KB 285ms
102ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/admin/vendor/ionicons/css/ionicons.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 6c31c5b05143daa31771cb4997021d0b9a0992bbbdc78b9f6ba4e2743e7a056f

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:44:21 GMT
Server: nginx/1.17.7
ETag: W/"5d67c8a5-e531"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK style.css
crm.pslasecurity.com/s/5-9-0/v3/fonts/icomoon/ 3 KB
1 KB 283ms
94ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/fonts/icomoon/style.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 6531b087f12e54a048badf1d4d8bc9cd04707b669c28fe9ca8d0c53e2ddca3d0

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:44:22 GMT
Server: nginx/1.17.7
ETag: W/"5d67c8a6-d12"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK style.css
crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/ 1 KB
521 B 289ms
100ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/style.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 9338852b566edc4fb02deb9c3cbf5cd86146d272edbe61262c89e95c78a12a3e

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:44:22 GMT
Server: nginx/1.17.7
ETag: W/"5d67c8a6-46f"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK app.css
crm.pslasecurity.com/s/5-9-0/v3/admin/css/ 211 KB
28 KB 364ms
175ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/admin/css/app.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 78762f6a8f5db6819d2f0c0b5f71612d728ea45a00275fe63b8eba637aeaf481

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:44:21 GMT
Server: nginx/1.17.7
ETag: W/"5d67c8a5-34c06"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK custom.css
crm.pslasecurity.com/s/5-9-0/v3/cssc/ 95 KB
15 KB 374ms
179ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/cssc/custom.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: f077175613aec2e7aacf6cbc1f7c2d34f4a97810e07474b5438e55c1036ffd56

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:44:22 GMT
Server: nginx/1.17.7
ETag: W/"5d67c8a6-17bef"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK login.css
crm.pslasecurity.com/s/5-9-0/v3/cssc/ 3 KB
1 KB 292ms
98ms Stylesheet
text/css 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/cssc/login.css
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 34f1ea32048aa93d652a3bad8cdd4e719e03d5b76bb6ea248697f97e299ab165

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Nov 2019 16:04:13 GMT
Server: nginx/1.17.7
ETag: W/"5dc04bfd-d04"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK jquery.js Show response
crm.pslasecurity.com/s/5-9-0/ace/js/ 242 KB
72 KB 463ms
176ms Script
application/javascript 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/ace/js/jquery.js
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:42:15 GMT
Server: nginx/1.17.7
ETag: W/"5d67c827-3c72d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK jquery.ajax.config.js Show response
crm.pslasecurity.com/s/5-9-0/js/ 2 KB
1 KB 395ms
108ms Script
application/javascript 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/js/jquery.ajax.config.js
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 9b8c02b6518f006ef7d1daba810e7fe02dffbfcbf6cfdb38526d3803dd670fbf

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:42:13 GMT
Server: nginx/1.17.7
ETag: W/"5d67c825-72f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK ua2ajax.js Show response
crm.pslasecurity.com/s/5-9-0/js/ 971 B
689 B 384ms
94ms Script
application/javascript 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/js/ua2ajax.js
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 13be9ec7edf2aa329d7907727c4f3982f81d0824341c8e896287ceec4a9fe940

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:42:13 GMT
Server: nginx/1.17.7
ETag: W/"5d67c825-3cb"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK u2f-api.js Show response
crm.pslasecurity.com/s/5-9-0/v3/js/ 20 KB
5 KB 392ms
98ms Script
application/javascript 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/js/u2f-api.js
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 8b52cb68d6b23ca186348f0964007e388897efcbe6a69a5f9c35231f740890ce

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:42:14 GMT
Server: nginx/1.17.7
ETag: W/"5d67c826-518e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK login.js Show response
crm.pslasecurity.com/s/5-9-0/v3/js/ 4 KB
1 KB 465ms
96ms Script
application/javascript 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/js/login.js
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 5d6f38c7946305b49229d12d3dd2924a6c9d90cd5109d66cd498d3c9b355b12f

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 12:42:14 GMT
Server: nginx/1.17.7
ETag: W/"5d67c826-fc8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Connection: keep-alive

GET
H/1.1 200
OK login-logo.png
crm.pslasecurity.com/s/5-9-0/v3/img/ 22 KB
22 KB 106ms
105ms Image
image/png 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/img/login-logo.png
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: a8780489b59d20ffb11586cac24d6d6d33fa2ef265e2b5e0e190be29e4ced795

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Last-Modified: Thu, 29 Aug 2019 12:44:22 GMT
Server: nginx/1.17.7
ETag: "5d67c8a6-58b1"
Content-Type: image/png
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22705

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://crm.pslasecurity.com/login/?next=/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 26 Jan 2020 18:09:54 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 26 Jan 2020 18:09:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 26 Jan 2020 18:09:54 GMT

GET
H/1.1 200
OK OpenSans-Regular.ttf
crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/ 212 KB
212 KB 102ms
102ms Font
application/octet-stream 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/OpenSans-Regular.ttf
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/style.css
Origin: https://crm.pslasecurity.com

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Last-Modified: Thu, 29 Aug 2019 12:44:22 GMT
Server: nginx/1.17.7
ETag: "5d67c8a6-350bc"
Content-Type: application/octet-stream
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 217276

GET
H/1.1 200
OK OpenSans-Bold.ttf
crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/ 219 KB
219 KB 182ms
182ms Font
application/octet-stream 3.231.182.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/OpenSans-Bold.ttf
Requested by: Host: crm.pslasecurity.com
URL: https://crm.pslasecurity.com/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.182.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-182-75.compute-1.amazonaws.com
Software: nginx/1.17.7 /
Resource Hash: 1b43de2449d39b65ff6f63315d4afda585f72fbbec2e3d9a56f59de6c75149d3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://crm.pslasecurity.com/s/5-9-0/v3/fonts/opensans/style.css
Origin: https://crm.pslasecurity.com

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 18:09:54 GMT
Last-Modified: Thu, 29 Aug 2019 12:44:22 GMT
Server: nginx/1.17.7
ETag: "5d67c8a6-36cc4"
Content-Type: application/octet-stream
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 224452

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| getCookie function| csrfSafeMethod function| sameOrigin function| ua2json_convert object| u2f undefined| js_api_version

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.crm.pslasecurity.com/	1970-01-19 15:38:31	Name: fh2_csrf Value: 8eeuUSR7EIltTkwTLQOol0rEaepQO0lXQISj2TsAb1J7m7EzZ4FQac6deIo8M05f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crm.pslasecurity.com
fonts.googleapis.com
2a00:1450:4001:814::200a
3.231.182.75
13be9ec7edf2aa329d7907727c4f3982f81d0824341c8e896287ceec4a9fe940
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
1b43de2449d39b65ff6f63315d4afda585f72fbbec2e3d9a56f59de6c75149d3
34f1ea32048aa93d652a3bad8cdd4e719e03d5b76bb6ea248697f97e299ab165
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
5d6f38c7946305b49229d12d3dd2924a6c9d90cd5109d66cd498d3c9b355b12f
6531b087f12e54a048badf1d4d8bc9cd04707b669c28fe9ca8d0c53e2ddca3d0
6c31c5b05143daa31771cb4997021d0b9a0992bbbdc78b9f6ba4e2743e7a056f
78762f6a8f5db6819d2f0c0b5f71612d728ea45a00275fe63b8eba637aeaf481
8b52cb68d6b23ca186348f0964007e388897efcbe6a69a5f9c35231f740890ce
9338852b566edc4fb02deb9c3cbf5cd86146d272edbe61262c89e95c78a12a3e
9b8c02b6518f006ef7d1daba810e7fe02dffbfcbf6cfdb38526d3803dd670fbf
9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24
a8780489b59d20ffb11586cac24d6d6d33fa2ef265e2b5e0e190be29e4ced795
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
f077175613aec2e7aacf6cbc1f7c2d34f4a97810e07474b5438e55c1036ffd56
fabf60717126b6d3cd345809078f998e16c9bf81c8866e6d07a52e92775b0c73