URL: https://poc.indonesia.alerta.mapbiomas.org/
Submission: On October 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 35.211.96.1, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is poc.indonesia.alerta.mapbiomas.org.
TLS certificate: Issued by R3 on October 19th 2023. Valid for: 3 months.
This is the only time poc.indonesia.alerta.mapbiomas.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 35.211.96.1 15169 (GOOGLE)
2 142.250.184.206 15169 (GOOGLE)
3 142.250.185.205 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
14 4
Apex Domain
Subdomains
Transfer
8 mapbiomas.org
poc.indonesia.alerta.mapbiomas.org
alertas-workspace.mapbiomas.org
1 MB
5 google.com
apis.google.com — Cisco Umbrella Rank: 125
accounts.google.com — Cisco Umbrella Rank: 32
65 KB
1 gstatic.com
www.gstatic.com
36 KB
14 3
Domain Requested by
7 poc.indonesia.alerta.mapbiomas.org poc.indonesia.alerta.mapbiomas.org
3 accounts.google.com apis.google.com
poc.indonesia.alerta.mapbiomas.org
www.gstatic.com
2 apis.google.com poc.indonesia.alerta.mapbiomas.org
apis.google.com
1 www.gstatic.com accounts.google.com
1 alertas-workspace.mapbiomas.org poc.indonesia.alerta.mapbiomas.org
14 5

This site contains no links.

Subject Issuer Validity Valid
poc.indonesia.alerta.mapbiomas.org
R3
2023-10-19 -
2024-01-17
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
alertas-workspace.mapbiomas.org
R3
2023-09-30 -
2023-12-29
3 months crt.sh
accounts.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh

This page contains 2 frames:

Primary Page: https://poc.indonesia.alerta.mapbiomas.org/
Frame ID: AC022251775A3DB2CA4B0CD4A3DD8BED
Requests: 10 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: F054F483E94F6F437AD66A77EA9C9F2A
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Alerts Workspace

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • <iframe[^>]*accounts\.google\.com/o/oauth2
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

1254 kB
Transfer

4612 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
poc.indonesia.alerta.mapbiomas.org/
3 KB
1 KB
Document
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy nginx /
Resource Hash
232161caf13f1faf12c271b9863f56b3bf1acddc91c3a957b66c42c3961acbf6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Thu, 19 Oct 2023 13:24:18 GMT
etag
W/"652fe810-da1"
last-modified
Wed, 18 Oct 2023 14:13:36 GMT
server
Caddy nginx
platform.js
apis.google.com/js/
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
58ce837eacdf9d9f4038f4ecdbebc41c418b346ceffd66d2faa9a97b72aac854
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poc.indonesia.alerta.mapbiomas.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 13:24:19 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21930
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d5ad85e4d3af90e1"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:24:19 GMT
styles.04facf516975860f4299.css
poc.indonesia.alerta.mapbiomas.org/
482 KB
76 KB
Stylesheet
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/styles.04facf516975860f4299.css
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
8179ebbbc91633c2ed3acc3f94c5b8f81c53dfdb029f5d95c5cea4752a25ffb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poc.indonesia.alerta.mapbiomas.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:19 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:12:47 GMT
server
Caddy, nginx
etag
W/"652fe7df-789e2"
content-type
text/css
cache-control
public, max-age=2678400
alt-svc
h3=":443"; ma=2592000
runtime-es2015.4e474f23959ff631dea3.js
poc.indonesia.alerta.mapbiomas.org/
2 KB
1 KB
Script
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/runtime-es2015.4e474f23959ff631dea3.js
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
ddc2d4b15fc7cf0a928e78e683e4af822643dd87f09ea5963028d7c0b38c12b0

Request headers

Referer
https://poc.indonesia.alerta.mapbiomas.org/
Origin
https://poc.indonesia.alerta.mapbiomas.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:19 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:12:48 GMT
server
Caddy, nginx
etag
W/"652fe7e0-906"
content-type
application/javascript
cache-control
public, max-age=2678400
alt-svc
h3=":443"; ma=2592000
polyfills-es2015.a94e3dd2f14020809731.js
poc.indonesia.alerta.mapbiomas.org/
36 KB
12 KB
Script
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/polyfills-es2015.a94e3dd2f14020809731.js
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
8c7196912ce909835501574554b283e1df3a8cfdec069bb1a9a408d9f6a87ea6

Request headers

Referer
https://poc.indonesia.alerta.mapbiomas.org/
Origin
https://poc.indonesia.alerta.mapbiomas.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:19 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:12:48 GMT
server
Caddy, nginx
etag
W/"652fe7e0-906d"
content-type
application/javascript
cache-control
public, max-age=2678400
alt-svc
h3=":443"; ma=2592000
scripts.f46d297f485c945688b3.js
poc.indonesia.alerta.mapbiomas.org/
2 MB
658 KB
Script
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/scripts.f46d297f485c945688b3.js
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
77efe409359acd715a122182fbfe6b22044e6097f6485cc89c846f8738ff25e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poc.indonesia.alerta.mapbiomas.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:19 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:12:47 GMT
server
Caddy, nginx
etag
W/"652fe7df-238d05"
content-type
application/javascript
cache-control
public, max-age=2678400
alt-svc
h3=":443"; ma=2592000
main-es2015.ea23a11d9c17aaa8d713.js
poc.indonesia.alerta.mapbiomas.org/
1 MB
390 KB
Script
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/main-es2015.ea23a11d9c17aaa8d713.js
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
29375aa93262cc272a31a17ac577ad804ac34e21f12a8a8b373310519986a570

Request headers

Referer
https://poc.indonesia.alerta.mapbiomas.org/
Origin
https://poc.indonesia.alerta.mapbiomas.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:19 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:13:36 GMT
server
Caddy, nginx
etag
W/"652fe810-17ba4e"
content-type
application/javascript
cache-control
public, max-age=2678400
alt-svc
h3=":443"; ma=2592000
user
alertas-workspace.mapbiomas.org/api/auth/
41 B
199 B
XHR
General
Full URL
https://alertas-workspace.mapbiomas.org/api/auth/user
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/polyfills-es2015.a94e3dd2f14020809731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy / Express
Resource Hash
fa4204d4ebc64caef6d55c70d2daa3a3e1c64d2b69609c86ec5b48f792631f8a

Request headers

Accept
application/json, text/plain, */*
Referer
https://poc.indonesia.alerta.mapbiomas.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:21 GMT
server
Caddy
etag
W/"29-O6gP33ALmcYdbLhsI8ncjapAJ44"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
content-length
41
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/
118 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
b1b691042e5004430e4e2f28fa0c18c2d50ec524bfef6dd04102471effa09436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poc.indonesia.alerta.mapbiomas.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40609
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 18:41:06 GMT
logo-mapbiomas-alertas.png
poc.indonesia.alerta.mapbiomas.org/assets/img/
14 KB
14 KB
Image
General
Full URL
https://poc.indonesia.alerta.mapbiomas.org/assets/img/logo-mapbiomas-alertas.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.96.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.96.211.35.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
1f71561fd7d196599d4a12b54eb82dfbd22e15ece8366f381b5d1d6279137d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poc.indonesia.alerta.mapbiomas.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:21 GMT
last-modified
Wed, 18 Oct 2023 14:13:36 GMT
server
Caddy, nginx
etag
"652fe810-36ed"
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
14061
iframe
accounts.google.com/o/oauth2/ Frame F054
287 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
ESF /
Resource Hash
383ee6278339af6a850091b6cd34d64bb13e4e2c28459cc25996319fb5222658
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-gFw0CJpR65ZHcjbJ2phpPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://poc.indonesia.alerta.mapbiomas.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-gFw0CJpR65ZHcjbJ2phpPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 13:24:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GGnn-y2UjSg.es5.O/am=gAE/d=1/rs=AOaEmlEeHvFuQiB5dktbuBnd5Tyq1q-Fqw/ Frame F054
104 KB
36 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GGnn-y2UjSg.es5.O/am=gAE/d=1/rs=AOaEmlEeHvFuQiB5dktbuBnd5Tyq1q-Fqw/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
1e0e38c2ff95f37147e34d29bb6bab81ad7c3a9fe14e2dc85a103b35d2218565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 05:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36434
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 18:43:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 05:23:21 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame F054
2 KB
916 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: poc.indonesia.alerta.mapbiomas.org
URL: https://poc.indonesia.alerta.mapbiomas.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
GSE /
Resource Hash
b30ac02fa3a9f37804c7729a318211f8094a30b39105d3ffe507871666e67953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 13:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame F054
50 B
374 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fpoc.indonesia.alerta.mapbiomas.org&client_id=795199018892-9451jlrojdfvf37n33jksbj9v51f5f74.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GGnn-y2UjSg.es5.O/am=gAE/d=1/rs=AOaEmlEeHvFuQiB5dktbuBnd5Tyq1q-Fqw/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vN4gB8Bz80zHZmYtPmR5mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:24:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-vN4gB8Bz80zHZmYtPmR5mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 19 Oct 2023 14:24:24 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| gapi object| ___jsl object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| $ function| jQuery object| bootstrap object| __zone_symbol__loadfalse function| moment function| _ object| moment-range object| bootbox object| L object| turf object| __zone_symbol__testfalse object| __zone_symbol__ON_PROPERTYtest object| ee object| module$contents$ee$batch_Export object| EXPORTED_FN_INFO object| Pace function| PerfectScrollbar object| __core-js_shared__ object| core function| SimpleBar function| daterangepicker object| echarts function| Sugar function| Hammer object| __zone_symbol__testPassiveEventSupportfalse object| __zone_symbol__ON_PROPERTYtestPassiveEventSupport object| __zone_symbol__blurfalse object| __zone_symbol__focusfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| osapi object| __zone_symbol__messagefalse object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=OGPv9h2Wg7G-HnWOgtFXTp1IzJGERWlAcLnoBrhmth9IN10dwo3pprsExFT1IB2k3uXG_VMIpEK8PTu_-WN3rDYUByCRX3upQllST4waCntCxkfdMtWUkYdU2hvKJnj1e0wuztoRUOoRARHasOF0IioRnn2TwJehUwd0qQqEnD0
.poc.indonesia.alerta.mapbiomas.org/ Name: G_ENABLED_IDPS
Value: google

4 Console Messages

Source Level URL
Text
network error URL: https://alertas-workspace.mapbiomas.org/api/auth/user
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs(Line 184)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()