consent.crosoftware.net

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 54.187.112.75, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is consent.crosoftware.net.
TLS certificate: Issued by R3 on July 31st 2021. Valid for: 3 months.

This is the only time consent.crosoftware.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	54.187.112.75 54.187.112.75	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.36 13.224.193.36	16509 (AMAZON-02) (AMAZON-02)
4	2

5 54.187.112.75 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-112-75.us-west-2.compute.amazonaws.com

billing.crosoftware.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idp.crosoftware.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent.crosoftware.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-36.fra2.r.cloudfront.net

cdn.crob.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	crosoftware.net 2 redirects billing.crosoftware.net idp.crosoftware.net consent.crosoftware.net	4 KB
1	crob.in cdn.crob.in	3 KB
4	2

	Domain	Requested by
3	consent.crosoftware.net	consent.crosoftware.net
1	cdn.crob.in	consent.crosoftware.net
1	idp.crosoftware.net	1 redirects
1	billing.crosoftware.net	1 redirects
4	4

This site contains no links.

Subject Issuer	Validity	Valid
consent.crosoftware.net R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
*.crob.in Amazon	`2021-09-06` - `2022-10-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
Frame ID: 1CAA13384C5B90AB8224FAE268C9C35D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cro Software Authentication

Page URL History Show full URLs

https://billing.crosoftware.net/ HTTP 307
https://idp.crosoftware.net/oauth2/auth?response_type=code&client_id=cro-billing&redirect_uri=https%3A%2... HTTP 302
https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274 Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

1
Countries

7 kB
Transfer

11 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billing.crosoftware.net/ HTTP 307
https://idp.crosoftware.net/oauth2/auth?response_type=code&client_id=cro-billing&redirect_uri=https%3A%2F%2Fbilling.crosoftware.net%2Fauth%2Fcallback&scope=openid+offline+accounting&state=Aw3v64XWgMpZit1XAtXeZByxL42Nnz HTTP 302
https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
consent.crosoftware.net/
Redirect Chain

https://billing.crosoftware.net/
https://idp.crosoftware.net/oauth2/auth?response_type=code&client_id=cro-billing&redirect_uri=https%3A%2F%2Fbilling.crosoftware.net%2Fauth%2Fcallback&scope=openid+offline+accounting&state=Aw3v64XWg...
https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274

2 KB
1 KB

508ms
172ms

Document
text/html

54.187.112.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.187.112.75 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-112-75.us-west-2.compute.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

c5f9afe8c8f817fc166919899d3106a58ae6ae08f2d23a2e91ed633fdefc7ea2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.crob.in; img-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent.crosoftware.net
:scheme: https
:path: /login?login_challenge=45415738e9454100ace2f74be8d2c274
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.15.8
date: Sat, 18 Sep 2021 08:03:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Cookie
content-security-policy: default-src 'self' cdn.crob.in; img-src *
set-cookie: _csrf_token=MTYzMTk1MjIxM3xJamRwYms0d1JsWk5ZMm94VjNGQ016Sk5lakZFYTFGd1pESndZbUpPUmtveVJVSlFhVUZ2TnpWYWVVRTlJZ289fM43yzb4nIeiRk8EpG7w8UUE2XZkG_e0BPHPOBnRY-Fi; HttpOnly
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

Redirect headers

server: nginx/1.15.8
date: Sat, 18 Sep 2021 08:03:33 GMT
content-type: text/html; charset=utf-8
content-length: 109
location: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
set-cookie: oauth2_authentication_csrf=MTYzMTk1MjIxM3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRGM0WmpneU9UVTVPVFJpWlRReVkyTTRNREkyTkRCbVptVTVPRE5sWXpNM3yt2ZNKAKxFUI5imKf5BY66Bz7r52mP24-rxXEfG456bw==; Path=/; Expires=Mon, 18 Oct 2021 08:03:33 GMT; Max-Age=2592000; HttpOnly; Secure
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 style.css
consent.crosoftware.net/static/stylesheets/ 5 KB
2 KB 166ms
165ms Stylesheet
text/css 54.187.112.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.crosoftware.net/static/stylesheets/style.css

Requested by

Host: consent.crosoftware.net
URL: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.187.112.75 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-112-75.us-west-2.compute.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

65bdf852ba14c795c24b62212b9bf5d53e4f4fbf03a78cc0a4c923cead821712

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.crob.in; img-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/stylesheets/style.css
pragma: no-cache
cookie: _csrf_token=MTYzMTk1MjIxM3xJamRwYms0d1JsWk5ZMm94VjNGQ016Sk5lakZFYTFGd1pESndZbUpPUmtveVJVSlFhVUZ2TnpWYWVVRTlJZ289fM43yzb4nIeiRk8EpG7w8UUE2XZkG_e0BPHPOBnRY-Fi
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: consent.crosoftware.net
referer: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 21:32:01 GMT
server: nginx/1.15.8
x-frame-options: DENY
content-type: text/css; charset=utf-8
content-security-policy: default-src 'self' cdn.crob.in; img-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 logo_with_text.svg
cdn.crob.in/ 3 KB
3 KB 86ms
12ms Image
image/svg+xml 13.224.193.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crob.in/logo_with_text.svg
Requested by: Host: consent.crosoftware.net
URL: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d2916ce9f4a9daa44a5356745d73e1470fc7edd7def153a700c179382852211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent.crosoftware.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:07:24 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
last-modified: Tue, 09 Oct 2018 20:55:50 GMT
server: AmazonS3
age: 3371
etag: "81653a746cc7dc859fcd6f6f827ab660"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3146
x-amz-cf-id: IPTjQPvBcssllqjOQW5EXnKeWy-L4_3q7AF8ygFZiXiUWm8_XnvRAA==

GET
H2 200 main.js Show response
consent.crosoftware.net/static/js/ 186 B
485 B 166ms
165ms Script
application/javascript 54.187.112.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.crosoftware.net/static/js/main.js

Requested by

Host: consent.crosoftware.net
URL: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.187.112.75 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-112-75.us-west-2.compute.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

1f8a0bd673d79f75840eb6d825181aa315c68dbbcfe3f5db957f76f1115a9809

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.crob.in; img-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/js/main.js
pragma: no-cache
cookie: _csrf_token=MTYzMTk1MjIxM3xJamRwYms0d1JsWk5ZMm94VjNGQ016Sk5lakZFYTFGd1pESndZbUpPUmtveVJVSlFhVUZ2TnpWYWVVRTlJZ289fM43yzb4nIeiRk8EpG7w8UUE2XZkG_e0BPHPOBnRY-Fi
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: consent.crosoftware.net
referer: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://consent.crosoftware.net/login?login_challenge=45415738e9454100ace2f74be8d2c274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' cdn.crob.in; img-src *
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 21:32:01 GMT
server: nginx/1.15.8
date: Sat, 18 Sep 2021 08:03:34 GMT
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 186
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| appHeight

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billing.crosoftware.net/	1970-01-19 23:28:48	Name: session Value: 61459d5484dfcd00506aafca2cb90ca8fee9b836a9431b110283a0020d04dffdf887ca690e3855057dd7c1b4
idp.crosoftware.net/	1970-01-19 22:02:24	Name: oauth2_authentication_csrf Value: MTYzMTk1MjIxM3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRGM0WmpneU9UVTVPVFJpWlRReVkyTTRNREkyTkRCbVptVTVPRE5sWXpNM3yt2ZNKAKxFUI5imKf5BY66Bz7r52mP24-rxXEfG456bw==
consent.crosoftware.net/	1969-12-31 23:59:59	Name: _csrf_token Value: MTYzMTk1MjIxM3xJamRwYms0d1JsWk5ZMm94VjNGQ016Sk5lakZFYTFGd1pESndZbUpPUmtveVJVSlFhVUZ2TnpWYWVVRTlJZ289fM43yzb4nIeiRk8EpG7w8UUE2XZkG_e0BPHPOBnRY-Fi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' cdn.crob.in; img-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billing.crosoftware.net
cdn.crob.in
consent.crosoftware.net
idp.crosoftware.net
13.224.193.36
54.187.112.75
1f8a0bd673d79f75840eb6d825181aa315c68dbbcfe3f5db957f76f1115a9809
4d2916ce9f4a9daa44a5356745d73e1470fc7edd7def153a700c179382852211
65bdf852ba14c795c24b62212b9bf5d53e4f4fbf03a78cc0a4c923cead821712
c5f9afe8c8f817fc166919899d3106a58ae6ae08f2d23a2e91ed633fdefc7ea2

consent.crosoftware.net Open in urlscan Pro 54.187.112.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

2 IPs

1 Countries

7 kBTransfer

11 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

consent.crosoftware.net Open in urlscan Pro
54.187.112.75 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

1
Countries

7 kB
Transfer

11 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions