sso.crfhealth.net Open in urlscan Pro
18.197.237.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trialconsent.crfhealth.net/participant
Effective URL:
https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi-trialcons...
Submission Tags: falconsandbox
Submission: On March 01 via api (March 1st 2022, 10:37:09 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 18.197.237.37, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is sso.crfhealth.net.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 11th 2020. Valid for: 2 years.

This is the only time sso.crfhealth.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 7	18.158.71.247 18.158.71.247	16509 (AMAZON-02) (AMAZON-02)
12	18.197.237.37 18.197.237.37	16509 (AMAZON-02) (AMAZON-02)
17	3

7 18.158.71.247 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-71-247.eu-central-1.compute.amazonaws.com

trialconsent.crfhealth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-trialconsent.crfhealth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.197.237.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

sso.crfhealth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	crfhealth.net 3 redirects trialconsent.crfhealth.net api-trialconsent.crfhealth.net sso.crfhealth.net	1 MB
17	1

	Domain	Requested by
12	sso.crfhealth.net	trialconsent.crfhealth.net sso.crfhealth.net
5	trialconsent.crfhealth.net	3 redirects trialconsent.crfhealth.net
2	api-trialconsent.crfhealth.net	trialconsent.crfhealth.net
17	3

This site contains no links.

Subject Issuer	Validity	Valid
trialconsent.crfhealth.net DigiCert SHA2 Extended Validation Server CA	`2021-10-14` - `2022-10-22`	a year	crt.sh
sso.crfhealth.net DigiCert SHA2 High Assurance Server CA	`2020-06-11` - `2022-06-29`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi-trialconsent.crfhealth.net%2Fpt%2Ffe%2Frest%2Fv1%2Fsso%3FReferer%3Dhttps%25253A%25252F%25252Ftrialconsent.crfhealth.net%25252Fparticipant&state=ulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU&nonce=LuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY&client_id=TrialConsent
Frame ID: 6B17B39CFDE87C7E6FE3FA6D628D9889
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

http://trialconsent.crfhealth.net/participant HTTP 302
https://trialconsent.crfhealth.net/participant HTTP 301
http://trialconsent.crfhealth.net/participant/ HTTP 302
https://trialconsent.crfhealth.net/participant/ Page URL
https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

1063 kB
Transfer

3282 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trialconsent.crfhealth.net/participant HTTP 302
https://trialconsent.crfhealth.net/participant HTTP 301
http://trialconsent.crfhealth.net/participant/ HTTP 302
https://trialconsent.crfhealth.net/participant/ Page URL
https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi-trialconsent.crfhealth.net%2Fpt%2Ffe%2Frest%2Fv1%2Fsso%3FReferer%3Dhttps%25253A%25252F%25252Ftrialconsent.crfhealth.net%25252Fparticipant&state=ulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU&nonce=LuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY&client_id=TrialConsent Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://trialconsent.crfhealth.net/participant HTTP 302
https://trialconsent.crfhealth.net/participant HTTP 301
http://trialconsent.crfhealth.net/participant/ HTTP 302
https://trialconsent.crfhealth.net/participant/

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
trialconsent.crfhealth.net/participant/
Redirect Chain

http://trialconsent.crfhealth.net/participant
https://trialconsent.crfhealth.net/participant
http://trialconsent.crfhealth.net/participant/
https://trialconsent.crfhealth.net/participant/

3 KB
2 KB

9ms
9ms

Document
text/html

18.158.71.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trialconsent.crfhealth.net/participant/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.71.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-71-247.eu-central-1.compute.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: 25dd39d85a0e24388279cbd0a7d825cb031f3035cf85932f21ea48f0e974fe0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.17.2
Date: Tue, 01 Mar 2022 22:37:04 GMT
Content-Type: text/html
Last-Modified: Mon, 17 Jan 2022 07:02:59 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: "61e514a3-6ee:dtagent10233220201140653qxFg"
Content-Encoding: gzip
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-548258434"
Referrer-Policy: no-referrer-when-downgrade

Redirect headers

Location: https://trialconsent.crfhealth.net/participant/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET ruxitagentjs_ICA2Vfqru_10233220201140653.js
trialconsent.crfhealth.net/ 0
0

GET
H/1.1 200
OK main.bundle.js Show response
trialconsent.crfhealth.net/participant/ 3 MB
669 KB 54ms
32ms Script
application/javascript 18.158.71.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trialconsent.crfhealth.net/participant/main.bundle.js
Requested by: Host: trialconsent.crfhealth.net
URL: https://trialconsent.crfhealth.net/participant/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.71.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-71-247.eu-central-1.compute.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: 685cd5b684620e7866f5968a1bf3f79cf3fc4d9abb260f8194a36544fc5e523f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trialconsent.crfhealth.net/participant/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:04 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 17 Jan 2022 07:02:59 GMT
Server: nginx/1.17.2
ETag: "61e514a3-a7223"
Vary: Accept-Encoding
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="700552996"
Content-Length: 684579

GET
H/1.1 200
OK ClientConfiguration
api-trialconsent.crfhealth.net/pt/fe/rest/v1/ 0
1 KB 36ms
13ms Fetch 18.158.71.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-trialconsent.crfhealth.net/pt/fe/rest/v1/ClientConfiguration
Requested by: Host: trialconsent.crfhealth.net
URL: https://trialconsent.crfhealth.net/participant/main.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.71.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-71-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: application/json
Referer: https://trialconsent.crfhealth.net/participant/
Accept-Language: de-DE,de;q=0.9
crfclient: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
location: https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi-trialconsent.crfhealth.net%2Fpt%2Ffe%2Frest%2Fv1%2Fsso%3FReferer%3Dhttps%25253A%25252F%25252Ftrialconsent.crfhealth.net%25252Fparticipant&state=ulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU&nonce=LuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY&client_id=TrialConsent
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://trialconsent.crfhealth.net
X-OneAgent-JS-Injection: true
Access-Control-Expose-Headers: location
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Server-Timing: dtRpid;desc="-2003857293", dtTao;desc="1", dtSInfo;desc="0"
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, content-type, accept, authorization, crfclient
Content-Length: 0

OPTIONS
H/1.1 204
No Content ClientConfiguration
api-trialconsent.crfhealth.net/pt/fe/rest/v1/ 0
0 57ms
15ms Preflight 18.158.71.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-trialconsent.crfhealth.net/pt/fe/rest/v1/ClientConfiguration
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.71.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-71-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,crfclient
Origin: https://trialconsent.crfhealth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: https://trialconsent.crfhealth.net
Vary: Accept-Encoding, Origin
Access-Control-Allow-Headers: origin, content-type, accept, authorization, crfclient
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Max-Age: 86400
Date: Tue, 01 Mar 2022 22:37:05 GMT
Cache-control: private

GET
H/1.1 200
OK Primary Request authorization.oauth2 Show response
sso.crfhealth.net/as/ 12 KB
13 KB 153ms
31ms Document
text/html 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi-trialconsent.crfhealth.net%2Fpt%2Ffe%2Frest%2Fv1%2Fsso%3FReferer%3Dhttps%25253A%25252F%25252Ftrialconsent.crfhealth.net%25252Fparticipant&state=ulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU&nonce=LuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY&client_id=TrialConsent

Requested by

Host: trialconsent.crfhealth.net
URL: https://trialconsent.crfhealth.net/participant/main.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

de4aa27f40109aaa12769429f53a61bc037ae8945974eae4af759b705b8da614

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trialconsent.crfhealth.net/participant/

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Server-Timing: dtRpid;desc="322751254", dtSInfo;desc="0"
X-OneAgent-JS-Injection: true
Referrer-Policy: origin
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 12241

GET
H/1.1 200
OK ruxitagentjs_ICA2Vfqru_10233220201140653.js Show response
sso.crfhealth.net/ 193 KB
75 KB 12ms
12ms Script
text/javascript 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/ruxitagentjs_ICA2Vfqru_10233220201140653.js

Requested by

Host: sso.crfhealth.net
URL: https://sso.crfhealth.net/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fapi-trialconsent.crfhealth.net%2Fpt%2Ffe%2Frest%2Fv1%2Fsso%3FReferer%3Dhttps%25253A%25252F%25252Ftrialconsent.crfhealth.net%25252Fparticipant&state=ulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU&nonce=LuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY&client_id=TrialConsent

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bc250b992aa112711760377a2cf272f595a739eb67bf4a648707c1b0e96e45a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 76259
Expires: Wed, 01 Mar 2023 22:37:05 GMT

GET
H/1.1 200
OK crf.js Show response
sso.crfhealth.net/assets/scripts/ 6 KB
6 KB 36ms
20ms Script
application/javascript 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/scripts/crf.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9bba36a2dbb609190e31aee85bca9ef2abc803f10a6c3ac12a257dd2fd34a91a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Wed, 28 Jul 2021 12:33:08 GMT
Content-Type: application/javascript
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 5795

GET
H/1.1 200
OK bootstrap.min.css
sso.crfhealth.net/assets/css/bootstrap/css/ 118 KB
119 KB 48ms
33ms Stylesheet
text/css 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/css/bootstrap/css/bootstrap.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Fri, 05 Jun 2020 16:44:56 GMT
Content-Type: text/css
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 121154

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
sso.crfhealth.net/assets/scripts/ 87 KB
88 KB 49ms
34ms Script
application/javascript 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/scripts/jquery-3.5.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Sun, 19 Dec 2021 10:41:30 GMT
Content-Type: application/javascript
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 89476

GET
H/1.1 200
OK bootstrap.min.js Show response
sso.crfhealth.net/assets/css/bootstrap/js/ 36 KB
37 KB 46ms
30ms Script
application/javascript 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/css/bootstrap/js/bootstrap.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Fri, 05 Jun 2020 16:44:56 GMT
Content-Type: application/javascript
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 37045

GET
H/1.1 200
OK crf.css
sso.crfhealth.net/assets/css/ 16 KB
16 KB 47ms
32ms Stylesheet
text/css 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/css/crf.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

134e6977a5228d5a62124f5dac94be2e7692ef4374a7e88d98dee1ecce998935

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Mon, 22 Jun 2020 10:53:00 GMT
Content-Type: text/css
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 16334

GET
H/1.1 200
OK Signant_color_svg.svg
sso.crfhealth.net/assets/images/ 3 KB
4 KB 11ms
10ms Image
image/svg+xml 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.crfhealth.net/assets/images/Signant_color_svg.svg

Requested by

Host: sso.crfhealth.net
URL: https://sso.crfhealth.net/assets/css/crf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4acc94dfb3c2a6348710078215075134b0a995bece6fab43f142117a4de10e92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso.crfhealth.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Fri, 05 Jun 2020 16:44:56 GMT
Content-Type: image/svg+xml
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Content-Length: 3374

GET
H/1.1 200
OK noto-sans-v6-latin-regular.woff2
sso.crfhealth.net/assets/fonts/google-fonts/ 15 KB
16 KB 13ms
12ms Font
font/woff2 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/fonts/google-fonts/noto-sans-v6-latin-regular.woff2

Requested by

Host: sso.crfhealth.net
URL: https://sso.crfhealth.net/assets/css/crf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

79dcc0f086921867789a2f71bc7bb0ca07e128738a6cc9b6ed7e4655bcfd5609

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Referer: https://sso.crfhealth.net/
Origin: https://sso.crfhealth.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Fri, 05 Jun 2020 16:44:55 GMT
ETag: "1591375496:dtagent10233220201140653h+xg"
Transfer-Encoding: chunked
Content-Type: font/woff2
Access-Control-Allow-Origin: https://sso.crfhealth.net
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Server-Timing: dtRpid;desc="-1702028081", dtSInfo;desc="0"

GET
H/1.1 200
OK noto-sans-v6-latin-700.woff2
sso.crfhealth.net/assets/fonts/google-fonts/ 15 KB
16 KB 12ms
12ms Font
font/woff2 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/assets/fonts/google-fonts/noto-sans-v6-latin-700.woff2

Requested by

Host: sso.crfhealth.net
URL: https://sso.crfhealth.net/assets/css/crf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

15ef67ee9f1e0fa9ecfdc236fc7373668e95806ecd93fc4b42f97cea0eef6709

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Referer: https://sso.crfhealth.net/
Origin: https://sso.crfhealth.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 22:37:05 GMT
Referrer-Policy: origin
Last-Modified: Fri, 05 Jun 2020 16:44:55 GMT
ETag: "1591375496:dtagent10233220201140653h+xg"
Transfer-Encoding: chunked
Content-Type: font/woff2
Access-Control-Allow-Origin: https://sso.crfhealth.net
X-OneAgent-JS-Injection: true
Cache-Control: max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Server-Timing: dtRpid;desc="200451700", dtSInfo;desc="0"

POST
H/1.1 200
OK rb_bf52621fhf Show response
sso.crfhealth.net/ 107 B
518 B 10ms
10ms XHR
text/plain 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.crfhealth.net/rb_bf52621fhf?type=js3&sn=v_4_srv_7_sn_360D60A35BA391A7B57675FEE5DF48AE_perc_100000_ol_0_mul_1_app-3Ab82abc154c619973_1_app-3Aea7c4b59f27d43eb_1&svrid=7&flavor=post&vi=ALPWTKKOUPTKKSJSOQUFFKMGLRGJJEMO-0&modifiedSince=1645776716725&rf=https%3A%2F%2Fsso.crfhealth.net%2Fas%2Fauthorization.oauth2%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi-trialconsent.crfhealth.net%252Fpt%252Ffe%252Frest%252Fv1%252Fsso%253FReferer%253Dhttps%2525253A%2525252F%2525252Ftrialconsent.crfhealth.net%2525252Fparticipant%26state%3Dulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU%26nonce%3DLuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY%26client_id%3DTrialConsent&bp=3&app=ea7c4b59f27d43eb&crc=2377907320&en=zj4lshca&end=1

Requested by

Host: sso.crfhealth.net
URL: https://sso.crfhealth.net/ruxitagentjs_ICA2Vfqru_10233220201140653.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

be9f16e9fc47f1d031794de5f169e7567b7fe4fb71cee8aa42b60e3c22b5d66b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Referer: https://sso.crfhealth.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://sso.crfhealth.net
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Access-Control-Allow-Credentials: true
Date: Tue, 01 Mar 2022 22:37:06 GMT
Content-Length: 107
Content-Type: text/plain;charset=utf-8

POST
H/1.1 200
OK rb_bf52621fhf Show response
sso.crfhealth.net/ 107 B
518 B 10ms
9ms XHR
text/plain 18.197.237.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sso.crfhealth.net
URL: https://sso.crfhealth.net/ruxitagentjs_ICA2Vfqru_10233220201140653.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.237.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-237-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

be9f16e9fc47f1d031794de5f169e7567b7fe4fb71cee8aa42b60e3c22b5d66b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://.crfhealth.net 'self'; base-uri 'self'; object-src 'self'

Request headers

Referer: https://sso.crfhealth.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://sso.crfhealth.net
Content-Security-Policy: frame-ancestors 'self' https://*.crfhealth.net; script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src https://*.crfhealth.net 'self'; base-uri 'self'; object-src 'self'
Access-Control-Allow-Credentials: true
Date: Tue, 01 Mar 2022 22:37:08 GMT
Content-Length: 107
Content-Type: text/plain;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trialconsent.crfhealth.net
URL: https://trialconsent.crfhealth.net/ruxitagentjs_ICA2Vfqru_10233220201140653.js

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trialconsent.crfhealth.net/	1969-12-31 23:59:59	Name: 87bd98831942bacb8e7bc795bab559ad Value: 58f9857a2720d3ad0f59c827809766b5
.crfhealth.net/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_7_sn_360D60A35BA391A7B57675FEE5DF48AE_perc_100000_ol_0_mul_1_app-3Ab82abc154c619973_1_app-3Aea7c4b59f27d43eb_1
api-trialconsent.crfhealth.net/	1969-12-31 23:59:59	Name: f5cb2d3a438441e862b3f3a4c6238096 Value: 8beaeb6a591b0165e22c8a3b33ed52e5
sso.crfhealth.net/	1969-12-31 23:59:59	Name: PF Value: 8C0icbvHRvtAf7NGLQrK7G
.crfhealth.net/	1969-12-31 23:59:59	Name: rxVisitor Value: 1646174225314C4VNIS15K6KGKHCPKVJLPPPN83HPFC7M
.crfhealth.net/	1969-12-31 23:59:59	Name: dtLatC Value: 62
.crfhealth.net/	1969-12-31 23:59:59	Name: dtSa Value: -
sso.crfhealth.net/	1970-01-20 01:16:15	Name: login-url Value: https%3A%2F%2Fsso.crfhealth.net%2Fas%2Fauthorization.oauth2%3Fscope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapi-trialconsent.crfhealth.net%252Fpt%252Ffe%252Frest%252Fv1%252Fsso%253FReferer%253Dhttps%2525253A%2525252F%2525252Ftrialconsent.crfhealth.net%2525252Fparticipant%26state%3Dulu-OEsRwbY4J_7fO-eyc6SH2jzqlzFbKbuuz8-A-tU%26nonce%3DLuZNb9LYg-gUV3WY-gU2sbTPs9CvX_mFbhUPHEdCAeY%26client_id%3DTrialConsent
.crfhealth.net/	1969-12-31 23:59:59	Name: rxvt Value: 1646176025382\|1646174225316
.crfhealth.net/	1969-12-31 23:59:59	Name: dtPC Value: 7$374225312_326h-vALPWTKKOUPTKKSJSOQUFFKMGLRGJJEMO-0e0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trialconsent.crfhealth.net/ruxitagentjs_ICA2Vfqru_10233220201140653.js Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-trialconsent.crfhealth.net
sso.crfhealth.net
trialconsent.crfhealth.net
trialconsent.crfhealth.net
18.158.71.247
18.197.237.37
134e6977a5228d5a62124f5dac94be2e7692ef4374a7e88d98dee1ecce998935
15ef67ee9f1e0fa9ecfdc236fc7373668e95806ecd93fc4b42f97cea0eef6709
25dd39d85a0e24388279cbd0a7d825cb031f3035cf85932f21ea48f0e974fe0b
4acc94dfb3c2a6348710078215075134b0a995bece6fab43f142117a4de10e92
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
685cd5b684620e7866f5968a1bf3f79cf3fc4d9abb260f8194a36544fc5e523f
79dcc0f086921867789a2f71bc7bb0ca07e128738a6cc9b6ed7e4655bcfd5609
9bba36a2dbb609190e31aee85bca9ef2abc803f10a6c3ac12a257dd2fd34a91a
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
bc250b992aa112711760377a2cf272f595a739eb67bf4a648707c1b0e96e45a7
be9f16e9fc47f1d031794de5f169e7567b7fe4fb71cee8aa42b60e3c22b5d66b
de4aa27f40109aaa12769429f53a61bc037ae8945974eae4af759b705b8da614
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

sso.crfhealth.net Open in urlscan Pro 18.197.237.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

0 %IPv6

1 Domains

3 Subdomains

3 IPs

1 Countries

1063 kBTransfer

3282 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

10 Cookies

1 Console Messages

Indicators

sso.crfhealth.net Open in urlscan Pro
18.197.237.37 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

1063 kB
Transfer

3282 kB
Size

10
Cookies

17 HTTP transactions
0 data transactions