urlscan.io logo urlscan.io
SecurityTrails logo

ms.spr.ly Open in urlscan Pro
40.70.156.155  Public Scan

Go To Rescan Add Verdict Report
URL: http://ms.spr.ly/l/60199ttb7
Submission: On October 13 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 40.70.156.155, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ms.spr.ly. The Cisco Umbrella rank of the primary domain is 700727.
This is the only time ms.spr.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40.70.156.155 8075 (MICROSOFT...)
2 18.66.192.127 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::45 8075 (MICROSOFT...)
6 4
Apex Domain
Subdomains		 Transfer
4 sprinklr.com
sprcdn-assets.sprinklr.com — Cisco Umbrella Rank: 62607
prod2-assets.sprinklr.com — Cisco Umbrella Rank: 386381
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
25 KB
1 spr.ly
ms.spr.ly — Cisco Umbrella Rank: 700727
2 KB
6 3
Domain Requested by
2 prod2-assets.sprinklr.com ms.spr.ly
2 sprcdn-assets.sprinklr.com ms.spr.ly
1 ajax.googleapis.com ms.spr.ly
1 ms.spr.ly
6 4

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
Subject Issuer Validity Valid
*.sprinklr.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-12-07		 9 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://ms.spr.ly/l/60199ttb7
Frame ID: 4F7BA451415E90BFAB3FD11DA02549AE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

83 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

36 kB
Transfer

80 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 60199ttb7
ms.spr.ly/l/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ms.spr.ly/l/60199ttb7
Protocol
HTTP/1.1
Server
40.70.156.155 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
866af179bbe31e10185f198b8d0deee579ae90362217e195f771dc3a849db1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sprinklr.com; script-src 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com; script-src-elem 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
public, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
1694
Content-Security-Policy
default-src 'self' *.sprinklr.com; script-src 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com; script-src-elem 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com
Content-Type
text/html;charset=UTF-8
Date
Fri, 13 Oct 2023 08:46:16 GMT
Referrer-Policy
same-origin
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
long-message.css
sprcdn-assets.sprinklr.com/redirector/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sprcdn-assets.sprinklr.com/redirector/css/long-message.css
Requested by
Host: ms.spr.ly
URL: http://ms.spr.ly/l/60199ttb7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-127.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab41941965341178a619d78f34e6a486a5c89376e60129d5eb5de7c38a5a1792

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:50:20 GMT
x-amz-version-id
3N8l_R74UTy7IKItBjWIur9.A.HMLdzd
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
last-modified
Fri, 07 Aug 2020 16:50:41 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
86157
etag
"a416ee73358e580e9a3591e79916e9e6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2028
x-amz-cf-id
vF-1avpnUFTgFTN1ALRhecE51MAzFGJGEtRS6Guq-ll6At4sXeGsWg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: ms.spr.ly
URL: http://ms.spr.ly/l/60199ttb7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 11:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 11:15:23 GMT
60199ttb7.js
prod2-assets.sprinklr.com/spr-hash-prod2/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod2-assets.sprinklr.com/spr-hash-prod2/60199ttb7.js
Requested by
Host: ms.spr.ly
URL: http://ms.spr.ly/l/60199ttb7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9bdaae1463d7edc2f753ea2d76699c1b24e80fb85aab8af23b66acc48f65dea6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 08:46:17 GMT
content-encoding
gzip
x-cache
TCP_MISS
content-length
554
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 13 Oct 2023 06:00:00 GMT
etag
"0x8DBCBB1A2E2E5DC"
x-azure-ref
20231013T084616Z-6mnp2pfmvd3y9cmubcn9c2v9b000000003ag00000001z105
content-type
text/html
access-control-allow-origin
*
x-ms-request-id
721051d9-e01e-0073-60b1-fdb847000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
accept-ranges
bytes
long-message.js
sprcdn-assets.sprinklr.com/redirector/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sprcdn-assets.sprinklr.com/redirector/js/long-message.js
Requested by
Host: ms.spr.ly
URL: http://ms.spr.ly/l/60199ttb7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-127.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e643c9898e4dee89e2a43906d2005d9f1af30a72f5fd463bc492134e25b6135a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:55:43 GMT
x-amz-version-id
0HcdmcQSBpM9CIPpeuFAec7G.GONoJlM
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
last-modified
Fri, 07 Aug 2020 16:50:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
67834
etag
"43018251f47c5098d23279cb3bf9b59d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
3025
x-amz-cf-id
ZGX3Ch0US4WWIBJJuCMQ0vXZ8XGGZFTvxz8ManQdywnzJxsdGEq2lw==
A26F9FBDC8CEF42B53E9E090EF5272EE
prod2-assets.sprinklr.com/spr-uploads-prod2/50197/ACCOUNT/IMAGE/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod2-assets.sprinklr.com/spr-uploads-prod2/50197/ACCOUNT/IMAGE/A26F9FBDC8CEF42B53E9E090EF5272EE
Requested by
Host: ms.spr.ly
URL: http://ms.spr.ly/l/60199ttb7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7342d826a219fd1042bb0798a34e44ba9f0eb5484486ed587a9e9f1a046ecabb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 08:46:17 GMT
last-modified
Thu, 22 Jun 2023 04:24:21 GMT
etag
"0x8DB72D88D54DAE1"
x-azure-ref
20231013T084617Z-6mnp2pfmvd3y9cmubcn9c2v9b000000003ag00000001z132
x-cache
TCP_MISS
content-type
image
access-control-allow-origin
*
x-ms-request-id
66e75333-f01e-0028-7eb1-fdbf3b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
accept-ranges
bytes
content-length
1731
x-ms-lease-state
available

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| lprops

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js(Line 32)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self' *.sprinklr.com". Either the 'unsafe-inline' keyword, a hash ('sha256-33YGiROm4Pzv0xXIPo82M0Dt2zrdnP4IgbJq1WeAtf8='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js(Line 34)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src-elem 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com". Either the 'unsafe-inline' keyword, a hash ('sha256-7trjwlQ5vzpJni9NA1st/UR3EtEIaiwwjAcdEXgmPPw='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.sprinklr.com; script-src 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com; script-src-elem 'self' *.sprinklr.com *.googleapis.com *.amazonaws.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN