urlscan.io logo urlscan.io
SecurityTrails logo

oup.hum.works Open in urlscan Pro
3.135.157.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oup.hum.works/
Effective URL: https://oup.hum.works/login
Submission: On October 19 via manual from PL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 3.135.157.78, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is oup.hum.works. The Cisco Umbrella rank of the primary domain is 60848.
TLS certificate: Issued by Amazon on June 21st 2022. Valid for: a year.
This is the only time oup.hum.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 3.135.157.78 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 151.139.128.11 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 5
10    3.135.157.78 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-157-78.us-east-2.compute.amazonaws.com
oup.hum.works
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
cdn.mouseflow.com
3    2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
10 hum.works
oup.hum.works — Cisco Umbrella Rank: 60848
311 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 112
accounts.google.com — Cisco Umbrella Rank: 83
113 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7140
17 KB
1 gstatic.com
www.gstatic.com
35 KB
16 4
Domain Requested by
10 oup.hum.works 2 redirects oup.hum.works
3 accounts.google.com apis.google.com
oup.hum.works
www.gstatic.com
3 apis.google.com oup.hum.works
apis.google.com
2 cdn.mouseflow.com 1 redirects oup.hum.works
1 www.gstatic.com accounts.google.com
16 5

This site contains no links.

Subject Issuer Validity Valid
*.hum.works
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://oup.hum.works/login
Frame ID: B9CDDB7CE55B71750A2D660042E1EABA
Requests: 12 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: A3BA4A170E8E2260F18A9866557BEB52
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hum - Digital Thought Leadership for Associations

Page URL History Show full URLs

  1. http://oup.hum.works/ HTTP 301
    https://oup.hum.works/ HTTP 307
    https://oup.hum.works/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Page Statistics

16
Requests

94 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

476 kB
Transfer

794 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oup.hum.works/ HTTP 301
    https://oup.hum.works/ HTTP 307
    https://oup.hum.works/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704.js HTTP 301
  • https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
oup.hum.works/
Redirect Chain
  • http://oup.hum.works/
  • https://oup.hum.works/
  • https://oup.hum.works/login
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
5989ce0bfcb70f337a28fdfffe6a2db6101d50dfa363ba1ee8a805d3406cafa8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Wed, 19 Oct 2022 10:36:46 GMT

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 19 Oct 2022 10:36:46 GMT
location
/login
login.js
oup.hum.works/static/scripts/ 		150 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/scripts/login.js?6794c594f88c6d675396
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
893d81011ef91cb53da9a3ccdf166b50806d0e0a4cd15ff0f3d861bb00da9076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
153619
content-type
text/javascript; charset=utf-8
login.css
oup.hum.works/static/styles/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/styles/login.css
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9599695b780dd27ec7cb2a2686e01138340c51a854e590f2305026ea3662a91d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
9698
content-type
text/css; charset=utf-8
poppins-regular.woff2
oup.hum.works/static/fonts/poppins/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/fonts/poppins/poppins-regular.woff2
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
732e43229ce9eaac74f92f3af70256997660699de1a04cdd9f1e72a40874a146

Request headers

Referer
https://oup.hum.works/login
Origin
https://oup.hum.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
9576
content-type
font/woff2
poppins-bold.woff2
oup.hum.works/static/fonts/poppins/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/fonts/poppins/poppins-bold.woff2
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
973e2c605e457287bd45ee4ec436fe4824c4c4419b942489a63569c443266199

Request headers

Referer
https://oup.hum.works/login
Origin
https://oup.hum.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
9480
content-type
font/woff2
avenir-book.woff2
oup.hum.works/static/fonts/avenir/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/fonts/avenir/avenir-book.woff2
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ed39010ec998eca4afc5fcad1db4441d2a7518869ae36eb69cd4711c75b0fccd

Request headers

Referer
https://oup.hum.works/login
Origin
https://oup.hum.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
9668
content-type
font/woff2
avenir-black.woff2
oup.hum.works/static/fonts/avenir/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/fonts/avenir/avenir-black.woff2
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0ae8418e5dd45661aecc2d8fc7a3378104d548ceed930fd154f80e11fa24f01e

Request headers

Referer
https://oup.hum.works/login
Origin
https://oup.hum.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
9856
content-type
font/woff2
api:client.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a242fb3a4122f8d6ea77665913c22a6ac68069ec4d7767399075ae83d7c7207c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 10:36:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"eece51e2b1dd7e5b"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 10:36:47 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		309 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 04:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107095
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Oct 2023 04:33:00 GMT
8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704.js
  • https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js
60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
abb6d652849fc4920148af8247b2c586676d6c5967479c6c65da0222b5787a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 14:16:49 GMT
server
etag
"6fb5ec4445ded81:0"
x-hw
1666175808.cds263.lo4.hn,1666175808.cds322.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17365

Redirect headers

date
Wed, 19 Oct 2022 10:36:47 GMT
x-hw
1666175807.cds263.lo4.hn,1666175807.cds315.lo4.c
location
https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704.js
content-length
0
sprite.svg
oup.hum.works/static/ 		108 KB
108 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://oup.hum.works/static/sprite.svg?1665953858
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.157.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-157-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
21a7d63472832a9bf98f8aeebc9ec7aa6ff67a5ae27a5ed86626bf8bdad2e49d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:47 GMT
last-modified
Sun, 16 Oct 2022 20:58:36 GMT
accept-ranges
bytes
content-length
110377
content-type
image/svg+xml
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		62 B
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oup.hum.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 00:14:26 GMT
x-content-type-options
nosniff
age
37341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 00:14:26 GMT
iframe
accounts.google.com/o/oauth2/ Frame A3BA 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac730c3e5543c6221b6d0fd302d922e0b4cd30f5bec5dba3e3f3f022de4fbdb8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-H-iYPUFYx1NFnQcinXj9AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oup.hum.works/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-H-iYPUFYx1NFnQcinXj9AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 10:36:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame A3BA 		2 KB
847 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: oup.hum.works
URL: https://oup.hum.works/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a910564197af12f9bed7662c82a0f7a4ca26af47341b8739370875e53df0bae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 10:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/ Frame A3BA 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fedd4922ba44ec7c3dce64469364fc59cb7290d054861f60e02101a293d5092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 04:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34880
x-xss-protection
0
last-modified
Sat, 08 Oct 2022 03:40:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 04:08:59 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame A3BA 		49 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Foup.hum.works&client_id=16829160427-hc741e0fet1h9hgdpo79pahq87ipkt89.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EHBSX3iAkrKShhMCWyv5dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:36:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-EHBSX3iAkrKShhMCWyv5dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 19 Oct 2022 10:36:48 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| gapi object| ___jsl object| _mfq object| dashConfig boolean| isUnderMaintenance object| MicroModal object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| mouseflowHeatmap object| mouseflow

2 Cookies

Domain/Path Name / Value
.oup.hum.works/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=MsKtf5ciug6Tw6z0OKRAPUV0bYJ9lLvADyFTjtxEmgSRDEwW3x6ULz4MFPQHwl6BXkBGHhgBtrNo9y1VzdSPUAeOrhvaebWJRVdwg3NjsSgs6VR2jrShrKrzWgEpGLMvi3HN-WW9Wa3Vnh-d8zpBvO_8we1zKMIcgsGLYvb8IaA

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()