Submitted URL: https://sso.rilldata.com/
Effective URL: https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEz...
Submission: On July 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 2606:4700::6813:a818, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.rilldata.com.
TLS certificate: Issued by E5 on June 15th 2024. Valid for: 3 months.
This is the only time auth.rilldata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 104.196.206.10 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.235.101.7 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
32 5
Apex Domain
Subdomains
Transfer
8 rilldata.com
sso.rilldata.com
auth.rilldata.com
433 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 434
206 KB
1 sprig.com
api.sprig.com — Cisco Umbrella Rank: 4614 Failed
32 3
Domain Requested by
6 sso.rilldata.com 1 redirects sso.rilldata.com
4 storage.googleapis.com auth.rilldata.com
2 auth.rilldata.com 1 redirects sso.rilldata.com
1 api.sprig.com sso.rilldata.com
32 4

This site contains links to these domains. Also see Links.

Domain
www.rilldata.com
Subject Issuer Validity Valid
sso.rilldata.com
R10
2024-07-05 -
2024-10-03
3 months crt.sh
auth.rilldata.com
E5
2024-06-15 -
2024-09-13
3 months crt.sh
istio-gateway.sprig.com
Amazon RSA 2048 M03
2024-04-22 -
2025-05-21
a year crt.sh
storage.googleapis.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820
Frame ID: D94B246883A4FFEE3EA2F9ACABE85519
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Sign In with Auth0

Page URL History Show full URLs

  1. https://sso.rilldata.com/ Page URL
  2. https://sso.rilldata.com/loginAuth0 HTTP 302
    https://auth.rilldata.com/authorize?client_id=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&scope=openid%20profile%... HTTP 302
    https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

34 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

636 kB
Transfer

795 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.rilldata.com/ Page URL
  2. https://sso.rilldata.com/loginAuth0 HTTP 302
    https://auth.rilldata.com/authorize?client_id=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820&state=eyJyZXR1cm5UbyI6Imh0dHBzOi8vZGFzaC5yaWxsZGF0YS5jb20ifQ HTTP 302
    https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sso.rilldata.com/
3 KB
2 KB
Document
General
Full URL
https://sso.rilldata.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.206.10 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.206.196.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
97ef7a8130c3f04def0917ff544a0b5185a8b53dd27e64217b343f12cd2637ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
false
content-encoding
gzip
content-security-policy
default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
cross-origin
cross-origin-resource-policy
unsafe-none
date
Fri, 05 Jul 2024 07:37:21 GMT
etag
W/"d87-oHMUOG9q2J+QJkW2rcv9DYviIcI"
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM *
x-powered-by
Express
x-xss-protection
1; mode=block
modernizr-3.3.1.js
sso.rilldata.com/js/modernizr/
17 KB
7 KB
Script
General
Full URL
https://sso.rilldata.com/js/modernizr/modernizr-3.3.1.js
Requested by
Host: sso.rilldata.com
URL: https://sso.rilldata.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.206.10 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.206.196.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
f221f602084c6faca84d7a14b1a0dd3ae7945d400cd8fe4c5147998889beea7a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sso.rilldata.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
cross-origin-embedder-policy
credentialless
x-powered-by
Express
cross-origin-resource-policy
unsafe-none
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Feb 2024 03:42:49 GMT
cross-origin-opener-policy
cross-origin
etag
W/"42af-18dedcecaa8"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM *
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
access-control-allow-credentials
false
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
jquery-1.9.1.js
sso.rilldata.com/js/jquery/
0
0
Script
General
Full URL
https://sso.rilldata.com/js/jquery/jquery-1.9.1.js
Requested by
Host: sso.rilldata.com
URL: https://sso.rilldata.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.206.10 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.206.196.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sso.rilldata.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
cross-origin-embedder-policy
credentialless
x-powered-by
Express
cross-origin-resource-policy
unsafe-none
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Feb 2024 03:42:49 GMT
cross-origin-opener-policy
cross-origin
etag
W/"169d5-18dedcecaa8"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM *
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
access-control-allow-credentials
false
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
jquery.browser.min.js
sso.rilldata.com/js/jquery/
0
0

jquery-ui-1.12.0.min.js
sso.rilldata.com/js/jquery/
0
0

polyfill.min.js
sso.rilldata.com/js/polyfill/
0
0

polyfill.min.js
sso.rilldata.com/js/babel-polyfill/
0
0

moment.min.js
sso.rilldata.com/js/moment/
0
0

sprig.v2.3.0.js
sso.rilldata.com/js/sprig/
0
0

angular-1.5.8.min.js
sso.rilldata.com/js/angular-1.5.8/
0
0

angular-animate-1.5.8.min.js
sso.rilldata.com/js/angular-1.5.8/
0
0

angular-route-1.5.8.min.js
sso.rilldata.com/js/angular-1.5.8/
0
0

angular-resource-1.5.8.min.js
sso.rilldata.com/js/angular-1.5.8/
0
0

angular-aria-1.5.8.min.js
sso.rilldata.com/js/angular-1.5.8/
0
0

angular-material-1.1.3.min.js
sso.rilldata.com/js/angular-material/
0
0

ngPerformance.min.js
sso.rilldata.com/js/ngPerformance/
0
0

hotkeys.min.js
sso.rilldata.com/js/angular-hotkeys/build/
0
0

angular-drag-and-drop-lists.min.js
sso.rilldata.com/js/angular-drag-and-drop-lists/
0
0

angular-masonry-0.16.0.min.js
sso.rilldata.com/js/angular-masonry/
0
0

ag-grid-4.0.0.min.js
sso.rilldata.com/js/ag-grid/
0
0

sprintf.min.js
sso.rilldata.com/js/sprintf/
0
0

i18n-node-angular-1.4.0.min.js
sso.rilldata.com/js/i18n-node-angular/
0
0

_login-22.01.13.js
sso.rilldata.com/cat/
0
0

_login-22.01.13.css
sso.rilldata.com/style/_/
22 KB
5 KB
Stylesheet
General
Full URL
https://sso.rilldata.com/style/_/_login-22.01.13.css
Requested by
Host: sso.rilldata.com
URL: https://sso.rilldata.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.206.10 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.206.196.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sso.rilldata.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
cross-origin-embedder-policy
credentialless
x-powered-by
Express
cross-origin-resource-policy
unsafe-none
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Feb 2024 03:47:50 GMT
cross-origin-opener-policy
cross-origin
etag
W/"59e0-18dedd36270"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM *
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
access-control-allow-credentials
false
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
Primary Request login
auth.rilldata.com/
Redirect Chain
  • https://sso.rilldata.com/loginAuth0
  • https://auth.rilldata.com/authorize?client_id=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response...
  • https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM...
357 KB
358 KB
Document
General
Full URL
https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820
Requested by
Host: sso.rilldata.com
URL: https://sso.rilldata.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcda51fcc94d8ca3c58d726306f521c49cb5059cd6a0aec69823baa692018830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sso.rilldata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
89e5b08068099f16-FRA
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 07:37:23 GMT
etag
W/"5942a-T1xusFoNjlwIvyDS1URo90FL2vg"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
0cfb72bde548adbf2bc9
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1720165044
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
89e5b07e3dc09f16-FRA
content-length
930
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 07:37:23 GMT
location
/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
a6a8dcb806eb95b48960
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1720165044
sprig.v2.3.0.js
sso.rilldata.com/js/sprig/
191 KB
58 KB
Script
General
Full URL
https://sso.rilldata.com/js/sprig/sprig.v2.3.0.js?id=8XzcfJAHZl
Requested by
Host: sso.rilldata.com
URL: https://sso.rilldata.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.206.10 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.206.196.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sso.rilldata.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
cross-origin-embedder-policy
credentialless
x-powered-by
Express
cross-origin-resource-policy
unsafe-none
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Feb 2024 03:42:49 GMT
cross-origin-opener-policy
cross-origin
etag
W/"2fbe5-18dedcecaa8"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM *
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
access-control-allow-credentials
false
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
config
api.sprig.com/sdk/1/environments/8XzcfJAHZl/
0
0

config
api.sprig.com/sdk/1/environments/8XzcfJAHZl/
0
0
Preflight
General
Full URL
https://api.sprig.com/sdk/1/environments/8XzcfJAHZl/config
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.235.101.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-101-7.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,userleap-platform,x-ul-sdk-version
Access-Control-Request-Method
GET
Origin
https://sso.rilldata.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,userleap-platform,x-ul-sdk-version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Fri, 05 Jul 2024 07:37:23 GMT
server
istio-envoy
timing-allow-origin
https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary
Access-Control-Request-Headers
x-envoy-upstream-service-time
7
fonts.css
storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/fonts/
324 B
820 B
Stylesheet
General
Full URL
https://storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/fonts/fonts.css
Requested by
Host: auth.rilldata.com
URL: https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3b38e2e44f334286e6eaecb0f0ce30eac12ec33b32d31dcc0e84b6d73e62f2a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:23 GMT
age
0
x-guploader-uploadid
ACJd0NoGGZZS6CjYtean6YY9Ved0oiTX4KnfBVPhtU3T5n6WNkok5wlLETF6U6RBCDEq7IXedGo
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
last-modified
Tue, 25 Apr 2023 15:06:48 GMT
server
UploadServer
etag
"711da4feb6ce3066412b932c23354117"
x-goog-generation
1682435208768646
x-goog-hash
crc32c=ugKY/Q==, md5=cR2k/rbOMGZBK5MsIzVBFw==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
324
accept-ranges
bytes
content-type
text/css
expires
Fri, 05 Jul 2024 08:37:23 GMT
Inter-Regular.woff2
storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/fonts/
99 KB
100 KB
Font
General
Full URL
https://storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/fonts/Inter-Regular.woff2?v=3.19
Requested by
Host: auth.rilldata.com
URL: https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dabd641cef740ab78824af4a25be8515fcf41faefc22d7e23ba5c64cdde0cb91

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://auth.rilldata.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:24 GMT
age
0
x-guploader-uploadid
ACJd0NpTyrXurLSwBIpd29aQnV4U0LpSIMdQkx2c49IzboDVOs0ftEd2A5XJnupG3_6h2yCJqIE
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101692
last-modified
Tue, 25 Apr 2023 10:04:23 GMT
server
UploadServer
etag
"689ee5dfb2230f02d22fd49c9289d481"
x-goog-generation
1682417063407723
x-goog-hash
crc32c=7OOEBg==, md5=aJ7l37IjDwLSL9SckonUgQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
101692
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 05 Jul 2024 08:37:24 GMT
Inter-Medium.woff2
storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/fonts/
103 KB
104 KB
Font
General
Full URL
https://storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/fonts/Inter-Medium.woff2?v=3.19
Requested by
Host: auth.rilldata.com
URL: https://auth.rilldata.com/login?state=hKFo2SBxQ2hVeVBGSV9taGdENjBmLXE5bDFUenUtZXVacThLbKFupWxvZ2luo3RpZNkgOTBENHlvUHdiSFEzTm43N1ZSb2NKOTJTbDNKdGxqc0qjY2lk2SBDcUlzTjNWMGdMdVJ2WVRBcnp1ckFzZElsWGZKZkM1Zw&client=CqIsN3V0gLuRvYTArzurAsdIlXfJfC5g&protocol=oauth2&scope=openid%20profile%20email&response_type=id_token&redirect_uri=https%3A%2F%2Fdash.rilldata.com%2Fcallback&response_mode=form_post&nonce=dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2fa4577ef065bdc9b85e7c984cb3399bcf3a45981ed83ed6866a19d3a5d8c036

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://auth.rilldata.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:23 GMT
age
0
x-guploader-uploadid
ACJd0NoxoWDcKeZ5Ty1ycJksICG_IPd0NaoxxLcxh94cpxSOtvSgM23Q-7N1xQAKp7hBr_y7OtE
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105600
last-modified
Tue, 25 Apr 2023 10:04:23 GMT
server
UploadServer
etag
"58d7e6901d08a0c7337fec2d36d69bef"
x-goog-generation
1682417063137059
x-goog-hash
crc32c=6WZPZg==, md5=WNfmkB0IoMczf+wtNtab7w==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
105600
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 05 Jul 2024 08:37:23 GMT
favicon.png
storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/
1 KB
2 KB
Other
General
Full URL
https://storage.googleapis.com/stage-cdn.rilldata.io/auth0-assets/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
19f23b04752c438be532027459a1570a0b7b2c08faecfe6b8438fd8043bc3934

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:37:24 GMT
age
0
x-guploader-uploadid
ACJd0Nr0E9WOmX5Dyo2nlgDfa4PeYOJd1ZdbTjd9hY6OpwPjXSdp71Wa4wrTYnHKPRzv2S2WZMU
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1368
last-modified
Thu, 01 Feb 2024 23:10:19 GMT
server
UploadServer
etag
"e922609554cb8f8df4049a22029c824e"
x-goog-generation
1706829019306332
x-goog-hash
crc32c=6/Y0/w==, md5=6SJglVTLj430BJoiApyCTg==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1368
accept-ranges
bytes
content-type
image/png
expires
Fri, 05 Jul 2024 08:37:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/jquery/jquery.browser.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/jquery/jquery-ui-1.12.0.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/polyfill/polyfill.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/babel-polyfill/polyfill.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/moment/moment.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/sprig/sprig.v2.3.0.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-1.5.8/angular-1.5.8.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-1.5.8/angular-animate-1.5.8.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-1.5.8/angular-route-1.5.8.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-1.5.8/angular-resource-1.5.8.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-1.5.8/angular-aria-1.5.8.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-material/angular-material-1.1.3.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/ngPerformance/ngPerformance.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-hotkeys/build/hotkeys.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-drag-and-drop-lists/angular-drag-and-drop-lists.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/angular-masonry/angular-masonry-0.16.0.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/ag-grid/ag-grid-4.0.0.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/sprintf/sprintf.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/js/i18n-node-angular/i18n-node-angular-1.4.0.min.js
Domain
sso.rilldata.com
URL
https://sso.rilldata.com/cat/_login-22.01.13.js
Domain
api.sprig.com
URL
https://api.sprig.com/sdk/1/environments/8XzcfJAHZl/config

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| __svelte

10 Cookies

Domain/Path Name / Value
auth.rilldata.com/usernamepassword/login Name: _csrf
Value: 7NKQ0RXV4C0yf19Dy3E51UBL
sso.rilldata.com/ Name: XSRF-TOKEN
Value: ZDOfjXpa-RK8O_uGqqmMY2J7EJJ22M9p3pSQ
sso.rilldata.com/ Name: mmx.hello
Value: c058e6fe-2eb8-4cfc-b3ee-2cd10048bfa2
sso.rilldata.com/ Name: mmx.sid
Value: s%3AzWaFoOhbLxxroO-dfb2T_PaSZrKW_K6c.zFOpIcH4mPa5Ip1SdoAb1DW%2FDWt3k7saqQL53DXlBCs
sso.rilldata.com/ Name: auth_verification
Value: %7B%22nonce%22%3A%22dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820%22%2C%22state%22%3A%22eyJyZXR1cm5UbyI6Imh0dHBzOi8vZGFzaC5yaWxsZGF0YS5jb20ifQ%22%7D.9_B_AMhw--YXhFvy3ldant3AEY-JLWYEg590cDvLr0c
sso.rilldata.com/ Name: _auth_verification
Value: %7B%22nonce%22%3A%22dyYa2ytA0jZYK1QwZ8WNeTG-vi7mksSImOKhBp0U820%22%2C%22state%22%3A%22eyJyZXR1cm5UbyI6Imh0dHBzOi8vZGFzaC5yaWxsZGF0YS5jb20ifQ%22%7D.3YGXfGbCaJiASbFmU7OYgCn8rSKOmO5OJSIg4wtZ52U
auth.rilldata.com/ Name: did
Value: s%3Av0%3A2da1a10a-139b-4b74-a6dd-38d0077d4c28.TybQZZC1l13VSpf5zEw1%2FUrVFr66ckphml%2BNZNXLLtw
auth.rilldata.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLRGDmXyXzsW1pGvoCi75__gqpA6gPtz8zNOSgSuEdvX89K5fIwDJFQSQc57ftuNps8hhy-c2bnm4o54nFwwNH6mY29va2llg6dleHBpcmVz1_8dzWUAZouXM65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ioR5XqvBiurzCAOajTUSPhBOgd6081vt3Bo6ZMHjRGU
auth.rilldata.com/ Name: did_compat
Value: s%3Av0%3A2da1a10a-139b-4b74-a6dd-38d0077d4c28.TybQZZC1l13VSpf5zEw1%2FUrVFr66ckphml%2BNZNXLLtw
auth.rilldata.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLRGDmXyXzsW1pGvoCi75__gqpA6gPtz8zNOSgSuEdvX89K5fIwDJFQSQc57ftuNps8hhy-c2bnm4o54nFwwNH6mY29va2llg6dleHBpcmVz1_8dzWUAZouXM65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ioR5XqvBiurzCAOajTUSPhBOgd6081vt3Bo6ZMHjRGU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob:; frame-ancestors *; object-src 'none'; connect-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *
X-Xss-Protection 1; mode=block