URL: http://www.edms.mdu25.site/
Submission: On January 01 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 43.241.58.34, located in Thailand and belongs to DRAGONHISPEED-AS-AP dragonhispeed, TH. The main domain is www.edms.mdu25.site.
This is the only time www.edms.mdu25.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 43.241.58.34 63940 (DRAGONHIS...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
17 4
Apex Domain
Subdomains
Transfer
11 mdu25.site
www.edms.mdu25.site
253 KB
5 google.com
apis.google.com — Cisco Umbrella Rank: 163
accounts.google.com — Cisco Umbrella Rank: 113
60 KB
1 gstatic.com
www.gstatic.com
35 KB
17 3
Domain Requested by
11 www.edms.mdu25.site www.edms.mdu25.site
3 accounts.google.com apis.google.com
www.edms.mdu25.site
www.gstatic.com
2 apis.google.com www.edms.mdu25.site
apis.google.com
1 www.gstatic.com accounts.google.com
17 4

This site contains links to these domains. Also see Links.

Domain
access.line.me
Subject Issuer Validity Valid
*.apis.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.edms.mdu25.site/
Frame ID: F1B9BF7EF55F14EFC2A7992A67812C73
Requests: 13 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: A6FB740831AF23B0B89D78C7E8AE0BC0
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

ระบบการจัดการเอกสาร นพค.25 สนภ.2 นทพ. - เข้าระบบด้วยบัญชีสมาชิกที่มีอยู่แล้ว

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

17
Requests

35 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

347 kB
Transfer

766 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.edms.mdu25.site/
4 KB
2 KB
Document
General
Full URL
http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
d05998341e1a780eec59664c9a8b60163b89c1015a8e7d3d271b8a416ad3d6d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1669
Content-Type
text/html; charset=utf-8
Date
Sun, 01 Jan 2023 09:42:44 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding,User-Agent
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block
index
www.edms.mdu25.site/index.php/css/view/
135 KB
32 KB
Stylesheet
General
Full URL
http://www.edms.mdu25.site/index.php/css/view/index?20220704
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
837c8c79d4765569e68b3bfaea27df66ecbaa039abf56bfaee83c01aa8857957
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:44 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding,User-Agent
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31557600
Connection
keep-alive
Content-Length
32300
X-XSS-Protection
1; mode=block
th
www.edms.mdu25.site/index.php/js/view/index/
194 KB
49 KB
Script
General
Full URL
http://www.edms.mdu25.site/index.php/js/view/index/th?20220704
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
303796bac0791e6689ecfd6400640a0b5bbf884252a7f010888c743272cf602f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:44 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding,User-Agent
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31557600
Connection
keep-alive
Content-Length
49422
X-XSS-Protection
1; mode=block
logo.png
www.edms.mdu25.site/datas/images/
8 KB
9 KB
Image
General
Full URL
http://www.edms.mdu25.site/datas/images/logo.png
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
d83ae70a7b29e6199d005a899f708cd6e3e7bfbc91e842f62e5afad2b56800be

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Mon, 01 Aug 2022 13:54:11 GMT
Server
nginx
ETag
"62e7db03-2184"
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8580
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=googleSigninLoad
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/index.php/js/view/index/th?20220704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8972916de0c6c3574ad90237a188cfca40d9bf100904937b4c057b442f466bf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 01 Jan 2023 09:42:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20937
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"33f6dee489833071"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jan 2023 09:42:49 GMT
/
www.edms.mdu25.site/
4 KB
4 KB
Image
General
Full URL
http://www.edms.mdu25.site/
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Jan 2023 09:42:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding,User-Agent
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1671
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
en.gif
www.edms.mdu25.site/language/
382 B
742 B
Image
General
Full URL
http://www.edms.mdu25.site/language/en.gif
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
af0b0413707a12e92c6fa3811643406d8bdca710ecb2fb414651ccfd359a6cd0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Sat, 06 Aug 2022 09:59:06 GMT
Server
nginx
X-Accel-Version
0.01
ETag
"17e-5e58fa22036d7"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
382
X-XSS-Protection
1; mode=block
th.gif
www.edms.mdu25.site/language/
360 B
720 B
Image
General
Full URL
http://www.edms.mdu25.site/language/th.gif
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
3c99a77aab3aafe1e4f706109c0e6651fd1214744614d2e3a91eb7c0b6ed24cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Sat, 06 Aug 2022 09:59:07 GMT
Server
nginx
X-Accel-Version
0.01
ETag
"168-5e58fa22ecd37"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
360
X-XSS-Protection
1; mode=block
la.gif
www.edms.mdu25.site/language/
558 B
918 B
Image
General
Full URL
http://www.edms.mdu25.site/language/la.gif
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
5b695681be7c9a47b1aac78e9d2a63330b9d23425d461417ff11d59b0f5203dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Sat, 06 Aug 2022 09:59:07 GMT
Server
nginx
X-Accel-Version
0.01
ETag
"22e-5e58fa227a147"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
X-XSS-Protection
1; mode=block
icomoon.ttf
www.edms.mdu25.site/skin/fonts/
53 KB
53 KB
Font
General
Full URL
http://www.edms.mdu25.site/skin/fonts/icomoon.ttf
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/index.php/css/view/index?20220704
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
f99b32a60b38e54a1c775379364bf84cca7fe674ef36ca699b6bd07d415a0696

Request headers

Referer
http://www.edms.mdu25.site/index.php/css/view/index?20220704
Origin
http://www.edms.mdu25.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Sat, 06 Aug 2022 09:59:43 GMT
Server
nginx
ETag
"62ee3b8f-d38c"
Content-Type
application/x-font-ttf
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54156
thsarabunnew-webfont.woff
www.edms.mdu25.site/skin/fonts/
51 KB
51 KB
Font
General
Full URL
http://www.edms.mdu25.site/skin/fonts/thsarabunnew-webfont.woff
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/index.php/css/view/index?20220704
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
a5f4eac957aecb8e896a19d6ba5e748133c99e74d3b620b41e81125d8a1c1fff

Request headers

Referer
http://www.edms.mdu25.site/index.php/css/view/index?20220704
Origin
http://www.edms.mdu25.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Sat, 06 Aug 2022 09:59:45 GMT
Server
nginx
ETag
"62ee3b91-caf4"
Content-Type
application/x-font-woff
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51956
thsarabunnew_bold-webfont.woff
www.edms.mdu25.site/skin/fonts/
51 KB
51 KB
Font
General
Full URL
http://www.edms.mdu25.site/skin/fonts/thsarabunnew_bold-webfont.woff
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/index.php/css/view/index?20220704
Protocol
HTTP/1.1
Server
43.241.58.34 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
7792dfc28a9bc9559d391e8109a338a7546b04eab9f1896c7ed021b4563bc75c

Request headers

Referer
http://www.edms.mdu25.site/index.php/css/view/index?20220704
Origin
http://www.edms.mdu25.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 01 Jan 2023 09:42:45 GMT
Last-Modified
Sat, 06 Aug 2022 09:59:46 GMT
Server
nginx
ETag
"62ee3b92-ca20"
Content-Type
application/x-font-woff
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51744
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/
109 KB
36 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=googleSigninLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9313576448e5201db2ab8887305bfec55941d7e11b5529576eaeb2b5ddeedf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.edms.mdu25.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36882
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 18:18:50 GMT
iframe
accounts.google.com/o/oauth2/ Frame A6FB
283 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7c17c89f9d2787ea39cd4e042e1d1434408d354b7d4f518cfaf24854ebad959
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-t4hN1M2EgQVBC54LNJRwmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.edms.mdu25.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-t4hN1M2EgQVBC54LNJRwmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 09:42:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame A6FB
2 KB
850 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.edms.mdu25.site
URL: http://www.edms.mdu25.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8932514fa6b2a31de6c610aa62c40b833ec65474e5b6f1f74695f546a9239401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 01 Jan 2023 09:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.KfbFqosJV-Y.es5.O/d=1/rs=AOaEmlFUFFjuRV_Tr8tZDNBAzV7gWJKaBA/ Frame A6FB
100 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.KfbFqosJV-Y.es5.O/d=1/rs=AOaEmlFUFFjuRV_Tr8tZDNBAzV7gWJKaBA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b83f3ce09c6b7766d84ad900122472457954a2cde3d722b2ae3c6a3f66f7b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35134
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 07:40:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 15:52:06 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame A6FB
49 B
98 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=http%3A%2F%2Fwww.edms.mdu25.site&client_id=741701108402-mv3qi08soomhhn5j4gl42dd1m3jlnpit.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.KfbFqosJV-Y.es5.O/d=1/rs=AOaEmlFUFFjuRV_Tr8tZDNBAzV7gWJKaBA/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MKHR9anrFsOG5AYru8tpJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 09:42:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-MKHR9anrFsOG5AYru8tpJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 01 Jan 2023 09:42:50 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange string| WEB_URL function| initAutoComplete function| initFacebookButton function| initFacebook function| fbLoginSubmit object| auth2 function| initGooleSignin function| googleSigninLoad function| initGoogleButton function| ggLoginSubmit undefined| loader object| modal function| send function| hideModal function| showModal function| defaultSubmit function| doFormSubmit function| initWriteTab function| dataTableActionCallback function| checkUsername function| checkPassword function| checkIdcard function| initMailserver function| replaceURL function| initSystem function| initLinesettings function| selectMenu function| loadJavascript function| initEditInplace function| initCopyToClipboard function| initFirstRowNumberOnly function| initPageWrite function| initEditProfile function| initRegisterFrm undefined| createLikeButton function| initWeb function| barcodeEnabled function| initCalendarRange string| ACCEPT_ALL string| CANCEL string| CHANGE_COLOR string| CHECK string| CHECKBOX string| COOKIES_SETTINGS string| DELETE string| DISABLE string| ENABLE string| INVALID_DATA string| NEXT_MONTH string| PLEASE_BROWSE_FILE string| PLEASE_FILL_IN string| PLEASE_SAVE_BEFORE_CONTINUING string| PLEASE_SELECT string| PLEASE_SELECT_AT_LEAST_ONE_ITEM string| PREV_MONTH string| SELECT_ALL string| SELECT_NONE string| SORRY_XXX_NOT_FOUND string| SUCCESSFULLY_COPIED_TO_CLIPBOARD string| SUCCESSFULLY_UPLOADED_XXX_FILES string| THE_TYPE_OF_FILE_IS_INVALID string| UNCHECK string| YOU_WANT_TO_XXX string| YOU_WANT_TO_XXX_THE_SELECTED_ITEMS function| forEach function| floatval function| toCurrency function| round function| copyToClipboard function| trans function| jsonToParams function| debug function| timeToMinute function| timeToSecond object| GClass function| GNative function| GAjax function| GForm function| GModal function| GFx function| GScroll function| preload object| GEvent object| Cookie function| GLoading function| GValidator function| GDrag function| GDragMove function| GMask function| GInput function| GDropdown function| GCalendar function| GFxZoom function| Color function| GDDColor function| GLightbox function| callClick function| $G function| $E object| $K function| GAutoComplete function| Calendar function| Clock function| GDatalist function| Datalist function| GDDMenu function| GDPanel function| GDragDrop function| EditInPlace function| GGraphs function| GInputGroup function| GLoader function| GMultiSelect function| GRange function| GSelect function| GTable function| PDPA string| google_client_id string| FIRST_MODULE object| gapi object| ___jsl object| osapi

4 Cookies

Domain/Path Name / Value
www.edms.mdu25.site/ Name: PHPSESSID
Value: is14fd8pnqs2mivu5vebniv0ot
www.edms.mdu25.site/ Name: my_lang
Value: th
.www.edms.mdu25.site/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=sy4Jp-ak7ih3FQdVux-Y72Uet_pssOZ-fPtXn6HgnqRU2E9s-i7sx280DO3LH5CGHp9oR4xQ2gv5UiKJVulTJ1-ROY_yKGOX8A0gMxDeaASAGAP_DSW4Oh36zKS1PTrGKgbu1x0YgKMm1DfcoCtCr07miRxJ4VtZryurxWY2xBg

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block