aap.hum.works Open in urlscan Pro
3.135.34.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aap.hum.works/
Effective URL:
https://aap.hum.works/login
Submission: On April 24 via manual (April 24th 2023, 12:22:46 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 3.135.34.65, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is aap.hum.works. The Cisco Umbrella rank of the primary domain is 392773.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 10th 2023. Valid for: 5 months.

This is the only time aap.hum.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	3.135.34.65 3.135.34.65	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
1 2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:828::2011	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
15	5

10 3.135.34.65 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-34-65.us-east-2.compute.amazonaws.com

aap.hum.works	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	hum.works 2 redirects aap.hum.works — Cisco Umbrella Rank: 392773	337 KB
4	google.com accounts.google.com — Cisco Umbrella Rank: 92	117 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 8088	18 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 2097
15	5

	Domain	Requested by
10	aap.hum.works	2 redirects aap.hum.works
4	accounts.google.com	aap.hum.works accounts.google.com
2	cdn.mouseflow.com	1 redirects aap.hum.works
1	fonts.gstatic.com
1	csp.withgoogle.com	aap.hum.works
15	5

This site contains no links.

Subject Issuer	Validity	Valid
*.hum.works Amazon RSA 2048 M01	`2023-02-10` - `2023-07-20`	5 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://aap.hum.works/login
Frame ID: 9FBD97A72944B8E577C0DCFE280E1D14
Requests: 12 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=pill&theme=filled_black&text=signin_with&logo_alignment=left&client_id=16829160427-hc741e0fet1h9hgdpo79pahq87ipkt89.apps.googleusercontent.com&iframe_id=gsi_962213_686569&as=STzW0duZtPwcYJpEooaObQ
Frame ID: 13F2985506322A2AB3BF9EEC5EE43561
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hum - Harness the power of your data

Page URL History Show full URLs

http://aap.hum.works/ HTTP 301
https://aap.hum.works/ HTTP 307
https://aap.hum.works/login Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Page Statistics

15
Requests

93 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

499 kB
Transfer

749 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aap.hum.works/ HTTP 301
https://aap.hum.works/ HTTP 307
https://aap.hum.works/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704.js HTTP 301
https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
aap.hum.works/
Redirect Chain

http://aap.hum.works/
https://aap.hum.works/
https://aap.hum.works/login

4 KB
4 KB

102ms
102ms

Document
text/html

3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ca3ea5a69915c3e258c042fb07bb4656ac1537b4c2f75db15b759110b88eebb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 12:22:41 GMT

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 12:22:41 GMT
location: /login

GET
H2 200 login.js Show response
aap.hum.works/static/scripts/ 167 KB
167 KB 104ms
103ms Script
text/javascript 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/scripts/login.js?adb3dc2695d7f0a317d4
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 760aae6ba55043b5ae7e1da2deb9154f7e5e55cd803218c5a3f70858689a5712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
last-modified: Wed, 19 Apr 2023 03:58:28 GMT
accept-ranges: bytes
content-length: 170735
content-type: text/javascript; charset=utf-8

GET
H2 200 login.css
aap.hum.works/static/styles/ 10 KB
10 KB 309ms
308ms Stylesheet
text/css 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/styles/login.css
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 4d9d864e10800c39c1fbc74f4e81f1cbf142a3433feebcd2c456b29eb90f38be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
last-modified: Wed, 19 Apr 2023 03:58:27 GMT
accept-ranges: bytes
content-length: 9799
content-type: text/css; charset=utf-8

GET
H2 200 poppins-regular.woff2
aap.hum.works/static/fonts/poppins/ 9 KB
9 KB 309ms
307ms Font
font/woff2 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/fonts/poppins/poppins-regular.woff2
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 732e43229ce9eaac74f92f3af70256997660699de1a04cdd9f1e72a40874a146

Request headers

Referer: https://aap.hum.works/login
Origin: https://aap.hum.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
last-modified: Wed, 19 Apr 2023 03:58:27 GMT
accept-ranges: bytes
content-length: 9576
content-type: font/woff2

GET
H2 200 poppins-bold.woff2
aap.hum.works/static/fonts/poppins/ 9 KB
9 KB 308ms
307ms Font
font/woff2 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/fonts/poppins/poppins-bold.woff2
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 973e2c605e457287bd45ee4ec436fe4824c4c4419b942489a63569c443266199

Request headers

Referer: https://aap.hum.works/login
Origin: https://aap.hum.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
last-modified: Wed, 19 Apr 2023 03:58:27 GMT
accept-ranges: bytes
content-length: 9480
content-type: font/woff2

GET
H2 200 avenir-book.woff2
aap.hum.works/static/fonts/avenir/ 9 KB
10 KB 309ms
308ms Font
font/woff2 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/fonts/avenir/avenir-book.woff2
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ed39010ec998eca4afc5fcad1db4441d2a7518869ae36eb69cd4711c75b0fccd

Request headers

Referer: https://aap.hum.works/login
Origin: https://aap.hum.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
last-modified: Wed, 19 Apr 2023 03:58:27 GMT
accept-ranges: bytes
content-length: 9668
content-type: font/woff2

GET
H2 200 avenir-black.woff2
aap.hum.works/static/fonts/avenir/ 10 KB
10 KB 309ms
308ms Font
font/woff2 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/fonts/avenir/avenir-black.woff2
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 0ae8418e5dd45661aecc2d8fc7a3378104d548ceed930fd154f80e11fa24f01e

Request headers

Referer: https://aap.hum.works/login
Origin: https://aap.hum.works
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
last-modified: Wed, 19 Apr 2023 03:58:27 GMT
accept-ranges: bytes
content-length: 9856
content-type: font/woff2

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 78ms
47ms Script
application/javascript 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: aap.hum.works
URL: https://aap.hum.works/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

439dfc8ab4893fe6c1c79f3755ebd3232543abd56f8d15399e94b1d17395e273

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-vPxkLbJ_eZQKkQq5hHbbVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-vPxkLbJ_eZQKkQq5hHbbVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 24 Apr 2023 12:22:41 GMT

GET
H2

200

8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704.js
https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js

61 KB
18 KB

12ms
12ms

Script
application/javascript

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: b03f4602502c0a56ed98b3cf9e674a44277548e1ca714a5feffcc5b78b89c90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:42 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:09:01 GMT
server
etag: "4b7443ee8f6cd91:0"
x-hw: 1682338962.cds287.fr8.hn,1682338962.cds009.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes

Redirect headers

date: Mon, 24 Apr 2023 12:22:42 GMT
x-hw: 1682338962.cds287.fr8.hn,1682338962.cds271.fr8.c
location: https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/8586c76a-610d-4afc-ad68-ae2a06c1b704.js
content-length: 0

GET
H2 200 sprite.svg
aap.hum.works/static/ 117 KB
117 KB 103ms
103ms Other
image/svg+xml 3.135.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aap.hum.works/static/sprite.svg?1681876634
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.34.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-34-65.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: be9f98fd9d81aea938131b16c374dae339994a33a104563f44a1925fd97c5dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:42 GMT
last-modified: Wed, 19 Apr 2023 03:58:27 GMT
accept-ranges: bytes
content-length: 119562
content-type: image/svg+xml

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 71ms
70ms Stylesheet
text/css 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-CBtthutiAZdSHkKXfapMlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-CBtthutiAZdSHkKXfapMlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 24 Apr 2023 12:22:42 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
525 B 35ms
35ms XHR
application/json 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=16829160427-hc741e0fet1h9hgdpo79pahq87ipkt89.apps.googleusercontent.com&as=STzW0duZtPwcYJpEooaObQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

397603ad1ba702b542a03712856e4991781498115c7ece8d4c238e1a05bb3db3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-V91Nt8LlCYW32HZhIbEM5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aap.hum.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:22:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-V91Nt8LlCYW32HZhIbEM5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aap.hum.works
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 button Show response
accounts.google.com/gsi/ Frame 13F2 107 KB
38 KB 115ms
115ms Document
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&shape=pill&theme=filled_black&text=signin_with&logo_alignment=left&client_id=16829160427-hc741e0fet1h9hgdpo79pahq87ipkt89.apps.googleusercontent.com&iframe_id=gsi_962213_686569&as=STzW0duZtPwcYJpEooaObQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e17fd6d88e5f4002ddc40e4006bee9c31b99d279bc2c21125cc5e05749bc2049

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-3-grU6_tEUh4_WWTZnrzww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aap.hum.works/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-3-grU6_tEUh4_WWTZnrzww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 12:22:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 13F2 0
0 52ms
28ms Other
text/html 2a00:1450:4001:828::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: aap.hum.works
URL: https://aap.hum.works/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://accounts.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 13F2 51 KB
27 KB 33ms
9ms Font
font/ttf 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27431
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:28:45 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aap.hum.works
accounts.google.com
cdn.mouseflow.com
csp.withgoogle.com
fonts.gstatic.com
151.139.128.10
2a00:1450:4001:801::2003
2a00:1450:4001:827::200d
2a00:1450:4001:828::2011
3.135.34.65
0ae8418e5dd45661aecc2d8fc7a3378104d548ceed930fd154f80e11fa24f01e
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
397603ad1ba702b542a03712856e4991781498115c7ece8d4c238e1a05bb3db3
439dfc8ab4893fe6c1c79f3755ebd3232543abd56f8d15399e94b1d17395e273
4d9d864e10800c39c1fbc74f4e81f1cbf142a3433feebcd2c456b29eb90f38be
732e43229ce9eaac74f92f3af70256997660699de1a04cdd9f1e72a40874a146
760aae6ba55043b5ae7e1da2deb9154f7e5e55cd803218c5a3f70858689a5712
973e2c605e457287bd45ee4ec436fe4824c4c4419b942489a63569c443266199
b03f4602502c0a56ed98b3cf9e674a44277548e1ca714a5feffcc5b78b89c90f
be9f98fd9d81aea938131b16c374dae339994a33a104563f44a1925fd97c5dfb
ca3ea5a69915c3e258c042fb07bb4656ac1537b4c2f75db15b759110b88eebb5
e17fd6d88e5f4002ddc40e4006bee9c31b99d279bc2c21125cc5e05749bc2049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ed39010ec998eca4afc5fcad1db4441d2a7518869ae36eb69cd4711c75b0fccd

aap.hum.works Open in urlscan Pro 3.135.34.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

499 kBTransfer

749 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

aap.hum.works Open in urlscan Pro
3.135.34.65 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

499 kB
Transfer

749 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions