Submitted URL: https://support.datarails.com/
Effective URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Submission: On January 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3108::ac42:28a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.datarails.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.
This is the only time app.datarails.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 2606:4700:310... 13335 (CLOUDFLAR...)
10 52.240.48.36 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 5
Requests  Apex Domain     Subdomains                                                                            Transfer
10        windows.net     datarailsprod.blob.core.windows.net                                                   119 KB
5         google.com      apis.google.com (Cisco Umbrella Rank: 122), accounts.google.com (Cisco Umbrella Rank: 74)  127 KB
3         datarails.com   support.datarails.com, app.datarails.com                                              6 KB
1         gstatic.com     ssl.gstatic.com                                                                       114 KB
17        4 apex domains
Requests  Domain                                Requested by
10        datarailsprod.blob.core.windows.net   app.datarails.com, datarailsprod.blob.core.windows.net
3         apis.google.com                       app.datarails.com, apis.google.com
2         accounts.google.com                   apis.google.com, ssl.gstatic.com
2         app.datarails.com                     1 redirects
1         ssl.gstatic.com                       accounts.google.com
1         support.datarails.com                 1 redirects
17        6 subdomains

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject                    Issuer                     Validity                   Valid     Lookup
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3    2021-06-15 - 2022-06-14    a year    crt.sh
*.blob.core.windows.net    Microsoft RSA TLS CA 02    2021-11-14 - 2022-11-14    a year    crt.sh
*.apis.google.com          GTS CA 1C3                 2021-12-08 - 2022-03-02    3 months  crt.sh
*.google.com               GTS CA 1C3                 2021-12-08 - 2022-03-02    3 months  crt.sh
accounts.google.com        GTS CA 1C3                 2021-12-08 - 2022-03-02    3 months  crt.sh
*.gstatic.com              GTS CA 1C3                 2021-12-08 - 2022-03-02    3 months  crt.sh

This page contains 2 frames:

Primary Page: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Frame ID: A3A816521C6B69111FA8EF55FCDB6E7F
Requests: 14 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 16A7F6BF14C7659BF5656121F47659E9
Requests: 3 HTTP requests in this frame

Page Title

Sign In

Page URL History

  1. https://support.datarails.com/ HTTP 302
    https://app.datarails.com/doc360/jwt HTTP 302
    https://app.datarails.com/accounts/login/?next=/doc360/jwt Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 80 %
Domains: 4
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 364 kB
Size: 600 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://support.datarails.com/ HTTP 302
    https://app.datarails.com/doc360/jwt HTTP 302
    https://app.datarails.com/accounts/login/?next=/doc360/jwt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.datarails.com/accounts/login/
Redirect Chain
  • https://support.datarails.com/
  • https://app.datarails.com/doc360/jwt
  • https://app.datarails.com/accounts/login/?next=/doc360/jwt
11 KB
4 KB
Document
General
Full URL
https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364b176b068a84863886d096d783e3d28eff17cf477a4500a8a95e39e7da4162
Security Headers
Name Value
Content-Security-Policy connect-src 'self' notifications.datarails.com ws://notifications.datarails.com 'unsafe-inline'; default-src 'self' *.google.com datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-inline' notifications.datarails.com; img-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; font-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; script-src 'self' *.google.com https://datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 15 Jan 2022 06:22:25 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Cookie, Origin
x-frame-options
DENY
content-security-policy
connect-src 'self' notifications.datarails.com ws://notifications.datarails.com 'unsafe-inline'; default-src 'self' *.google.com datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-inline' notifications.datarails.com; img-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; font-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; script-src 'self' *.google.com https://datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-eval' 'unsafe-inline'
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sdaah9gs5Fsltgr6p%2Fg3IOaeQPvk87Qy0irEIVXmwsyEue1C9caWOzjnjn9c68GKbale6yOw1v3XYq%2FuDj1W%2FHsMvYlX6YpmCChj1aeIJtpjI910a%2Fs0jWrHTrPRgK0RIYjT0Nw7rjdNS9kSa0et"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cdd026c69c76910-FRA
content-encoding
br

Redirect headers

date
Sat, 15 Jan 2022 06:22:24 GMT
content-type
text/html; charset=utf-8
location
/accounts/login/?next=/doc360/jwt
x-frame-options
DENY
vary
Origin, Cookie
content-security-policy
connect-src 'self' notifications.datarails.com ws://notifications.datarails.com 'unsafe-inline'; font-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; default-src 'self' *.google.com datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-inline' notifications.datarails.com; script-src 'self' *.google.com https://datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H4YvAVKSJlu%2BO4RjOmp%2BsJHN%2FdzzyDQJSDBLjgVT3a%2BMziGXUCdihxhz3PEtbhHF4j9gAjypg%2FAKIYjsxbf%2ByEjgup4oU%2B2RGND7UQpHk7fjKrmaitpKM7hgcX5I8GFC6tcb9KTRg81vQJX%2FR%2Fm"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cdd026a6db26910-FRA
style.css
datarailsprod.blob.core.windows.net/static/hippo-login/
9 KB
9 KB
Stylesheet
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4dcb4b992c0af081d64edab65ed67e5a824edb34e9823817c2606bd78248d2bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Sun, 15 Sep 2019 09:23:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D739BE68DB4F3E
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
66bb8989-201e-00cf-74d8-09c69f000000
x-ms-version
2009-09-19
Content-Length
9078
jquery.min.js
datarailsprod.blob.core.windows.net/static/hippo-login/js/
91 KB
92 KB
Script
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/js/jquery.min.js
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Tue, 29 May 2018 08:45:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
C27PF+MAN5lNP/7lG1JZFA==
ETag
0x8D5C5408226F1A7
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
f7cffb3d-201e-012e-4fd8-0967bf000000
x-ms-version
2009-09-19
Content-Length
93435
client:platform.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/client:platform.js?onload=start
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3aa9e6d21978185255f68a04ca44d1ea071b2c26efa39f55c2a40f84a3dddf7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-97PbGDlUn4cb/OJfIQMuGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 06:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"b40e83c6d8a30db654d6d732708b1dc7"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-97PbGDlUn4cb/OJfIQMuGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 15 Jan 2022 06:22:25 GMT
logo.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/
4 KB
5 KB
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/logo.png
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1cf7e6dbbd9911ff31165036a2147fa5f166396e7179819a21845ee1c967075e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Sun, 21 Aug 2016 15:44:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
RoIYxJS30xiIvRfqWKDIBg==
ETag
0x8D3C9DA0B4E175F
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
66bb8a1c-201e-00cf-78d8-09c69f000000
x-ms-version
2009-09-19
Content-Length
4346
Microsoft.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/
2 KB
2 KB
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/Microsoft.png
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6e8192f6b0ced07744acca281cedb95ba4dc6a1ccaa915f0167939ad56f9700b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Mon, 20 Sep 2021 09:34:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
wZaUyZiauoR5VVPl6GpVJQ==
ETag
0x8D97C19DA99DAD6
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
66bb8a6c-201e-00cf-42d8-09c69f000000
x-ms-version
2009-09-19
Content-Length
1674
Onelogin.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/
2 KB
3 KB
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/Onelogin.png
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0065738f8b46302da5cc3930f0340033e135aca21a371ef836311a83121f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Mon, 20 Sep 2021 09:34:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
CW9y6xlmGqPd9JqSyoc0tg==
ETag
0x8D97C19DA99DAD6
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
f7cffbbd-201e-012e-37d8-0967bf000000
x-ms-version
2009-09-19
Content-Length
2231
Okta.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/
2 KB
2 KB
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/Okta.png
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f3dad13774968eee9a9489ea077687dc69a889926744460517d00eb8b0adea00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Mon, 20 Sep 2021 09:34:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
7Q2qN0uHkeunWkmfOjtmgA==
ETag
0x8D97C19DA99DAD6
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
66bb8abc-201e-00cf-09d8-09c69f000000
x-ms-version
2009-09-19
Content-Length
1879
Google.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/
2 KB
3 KB
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/sso/Google.png
Requested by
Host: app.datarails.com
URL: https://app.datarails.com/accounts/login/?next=/doc360/jwt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a32eb3f53ef74d5a2c9663c5436d5af8f0ae6745cb7f73752d4c07f05e951a98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Mon, 20 Sep 2021 09:34:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
N4E/6bqs3Gbdm2j/vYJ82Q==
ETag
0x8D97C19DA9A01F2
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
f7cffbfa-201e-012e-70d8-0967bf000000
x-ms-version
2009-09-19
Content-Length
2417
email.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/
334 B
769 B
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/email.png
Requested by
Host: datarailsprod.blob.core.windows.net
URL: https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4bf5298a9b8155baf37bffbf58b288d3c391c85a1d6713484d74020b01978656

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:25 GMT
Last-Modified
Sun, 18 Mar 2018 11:02:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
rAuQXjiHpwmAwtAgGLl8TA==
ETag
0x8D58CBFBD3F8D08
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
66bb8b0a-201e-00cf-4ad8-09c69f000000
x-ms-version
2009-09-19
Content-Length
334
lock.png
datarailsprod.blob.core.windows.net/static/hippo-login/images/
253 B
688 B
Image
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/images/lock.png
Requested by
Host: datarailsprod.blob.core.windows.net
URL: https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a33c9a01553febfa9f6849f036bfda030858812ab5d9c6d9fe7aef4a811195c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:26 GMT
Last-Modified
Sun, 18 Mar 2018 11:02:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QHsdkeTSvQILVCgZcy3M6w==
ETag
0x8D58CBFBD3D913D
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
f7cffc3a-201e-012e-27d8-0967bf000000
x-ms-version
2009-09-19
Content-Length
253
icomoon.ttf
datarailsprod.blob.core.windows.net/static/hippo-login/fonts/
1 KB
2 KB
Font
General
Full URL
https://datarailsprod.blob.core.windows.net/static/hippo-login/fonts/icomoon.ttf?6migdk
Requested by
Host: datarailsprod.blob.core.windows.net
URL: https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b0b4c3df6102402842bc2679a1c59abb8f05bfbeb40e040a78f5f6839845a045

Request headers

Referer
https://datarailsprod.blob.core.windows.net/static/hippo-login/style.css
Origin
https://app.datarails.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 15 Jan 2022 06:22:26 GMT
Last-Modified
Sun, 21 Aug 2016 15:44:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
pWZcOladp4abP3MSba7lXQ==
ETag
0x8D3C9DA0A5E34C8
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
x-ms-request-id
a3fe1df3-801e-002c-64d8-092310000000
x-ms-version
2009-09-19
Content-Length
1368
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/
309 KB
105 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da87fe5f0d211f53391640723a6ecb7bb6fbb53145c1f069b6d6dd5c066fae0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 09:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107219
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 09:58:59 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/
62 B
86 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:55:37 GMT
x-content-type-options
nosniff
age
210409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 19:55:37 GMT
iframe
accounts.google.com/o/oauth2/ Frame 16A7
512 B
900 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c06a3e6511c9a9daf2fd0d9a9bbd360831f945ea819d181add41bcbdf627595
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hrtb5gX5OpZ8NlAPPaoNlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 15 Jan 2022 06:22:26 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-hrtb5gX5OpZ8NlAPPaoNlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
341124057-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 16A7
113 KB
114 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/341124057-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afbd87106866a83309ba4615e41aee575d89c2064baad0465b199456ae654994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 21:18:29 GMT
x-content-type-options
nosniff
age
32637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115850
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 03:08:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jan 2023 21:18:29 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 16A7
14 B
58 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fapp.datarails.com&client_id=528766955858-8j6npcjfctg62ni1pd68rlsq32em0ht5.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/341124057-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 06:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 15 Jan 2022 07:22:26 GMT

Verdicts & Comments

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • onsecuritypolicyviolation (object)
  • onslotchange (object)
  • $ (function)
  • jQuery (function)
  • start (function)
  • matchs (object)
  • fieldval (string)
  • electron (undefined)
  • gapi (object)
  • ___jsl (object)
  • event_str (undefined)
  • isIE (boolean)
  • isEdge (boolean)
  • isFirefox (boolean)
  • isOpera (boolean)
  • escape_check_browser (boolean)
  • forms (undefined)
  • osapi (object)
  • gadgets (object)
  • iframer (object)
  • __gapi_jstiming__ (object)
  • shindig (object)
  • ToolbarApi (function)
  • iframes (object)
  • IframeBase (function)
  • Iframe (function)
  • IframeProxy (function)
  • IframeWindow (function)
  • googleapis (object)
  • auth2 (object)

5 Cookies

Domain/Path Name / Value
app.datarails.com/.* Name: INGRESSCOOKIE
Value: 1642227745.941.53.446608
app.datarails.com/ Name: csrftoken
Value: KPp7BmmjldjtsWBATS2J3IDe5HJLzAQLqsOLCy21C8wssIaddLNZrd4eJI03Z4Xd
.google.com/ Name: NID
Value: 511=D7jobwAI-rNhYtIWA_khcIUxHK8_Yybi4wGTtAjQem0Qf1tS9caUtzJHVMjXq1ilc6Mcmx-KCZ-VRayCw_AEq5Uta_83rM0NWDl2IQSSHkO-UouF1o0QvR5qyqnl3L0Ic07_imeFm4cby8PpJw-vkzGs5_ev2cWPcjffGHCp-0M
app.datarails.com/ Name: next
Value: doc360/jwt
.app.datarails.com/ Name: G_ENABLED_IDPS
Value: google

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' notifications.datarails.com ws://notifications.datarails.com 'unsafe-inline'; default-src 'self' *.google.com datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-inline' notifications.datarails.com; img-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; font-src 'self' data: static.datarails.com datarailsprod.blob.core.windows.net; script-src 'self' *.google.com https://datarailsprod.blob.core.windows.net static.datarails.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
app.datarails.com
datarailsprod.blob.core.windows.net
ssl.gstatic.com
support.datarails.com
2606:4700:3108::ac42:28a2
2a00:1450:4001:801::200e
2a00:1450:4001:809::200d
2a00:1450:4001:829::2003
52.240.48.36