accounts.google.auzen.us.kg Open in urlscan Pro
172.67.152.191 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accounts.google.auzen.us.kg/
Effective URL:
https://accounts.google.auzen.us.kg/
Submission: On November 25 via automatic, source openphish (November 25th 2024, 1:11:10 am UTC) — Scanned from US

Summary HTTP 28 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 28 HTTP transactions. The main IP is 172.67.152.191, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.google.auzen.us.kg.
TLS certificate: Issued by WE1 on November 24th 2024. Valid for: 3 months.

This is the only time accounts.google.auzen.us.kg was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
10	172.67.152.191 172.67.152.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
1	142.250.65.163 142.250.65.163	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
28	6

10 172.67.152.191 (United States)

ASN13335 (CLOUDFLARENET, US)

accounts.google.auzen.us.kg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.163 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

accounts.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	gstatic.com www.gstatic.com fonts.gstatic.com	516 KB
10	us.kg accounts.google.auzen.us.kg	162 KB
2	google.com play.google.com — Cisco Umbrella Rank: 19 Failed
1	youtube.com accounts.youtube.com — Cisco Umbrella Rank: 306
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
28	5

	Domain	Requested by
11	www.gstatic.com	accounts.google.auzen.us.kg www.gstatic.com
10	accounts.google.auzen.us.kg	accounts.google.auzen.us.kg www.gstatic.com
2	play.google.com	www.gstatic.com
1	accounts.youtube.com	www.gstatic.com
1	fonts.gstatic.com	accounts.google.auzen.us.kg
0	static.cloudflareinsights.com Failed	accounts.google.auzen.us.kg
28	6

This site contains links to these domains. Also see Links.

Domain
support.google.com

Subject Issuer	Validity	Valid
auzen.us.kg WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://accounts.google.auzen.us.kg/
Frame ID: 06E4AF423A8C8ED0C54466F28F9F0B71
Requests: 21 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.auzen.us.kg&v=-164629396&timestamp=1732497066278
Frame ID: 3FA5266001E73C304CBF5A496CD21F44
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.auzen.us.kg/_/bscframe
Frame ID: 47007EA27844F14D0A41F60FE3C1DE82
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.auzen.us.kg/_/bscframe
Frame ID: 29167470E2EAEC8BBDB1007294D8C428
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.auzen.us.kg/_/bscframe
Frame ID: 85EE81CFD08B6132212BF4FC0CC39E06
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.auzen.us.kg/_/bscframe
Frame ID: F875619C861DA4ACF089C1A42B5474EB
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.auzen.us.kg/_/bscframe
Frame ID: 487FE2651F5BD2703922B5CB3BBB7F74
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - Google Accounts

Page URL History Show full URLs

http://accounts.google.auzen.us.kg/ HTTP 307
https://accounts.google.auzen.us.kg/ Page URL

Page Statistics

28
Requests

89 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

679 kB
Transfer

2641 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/accounts?p=signin_privatebrowsing&hl=en-US
Title: Learn more about using Guest mode

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts?hl=en-US&p=account_iph
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accounts.google.auzen.us.kg/ HTTP 307
https://accounts.google.auzen.us.kg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
accounts.google.auzen.us.kg/
Redirect Chain

http://accounts.google.auzen.us.kg/
https://accounts.google.auzen.us.kg/

1013 KB
154 KB

1354ms
935ms

Document
text/html

172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a6dcfb2e22f5ec0f4711a17ff047e010a193b0b1295595d5bc64d789f47bffe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=7200
cf-cache-status: DYNAMIC
cf-ray: 8e7dc3385d5708f6-LAX
content-encoding: zstd
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
cross-origin-resource-policy: same-site
date: Mon, 25 Nov 2024 01:11:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
reporting-endpoints: default="/v3/signin/_/AccountsSignInUi/web-reports?context=eJwNwz1IAmEcB2B74R8hDhEOYkMlCNJQnhjh0GAQDQ1R0VZp4pUHcdp5Bq2BQXZ9QUYcBUFD4Roh2QcGBS3Z3XtCtDRFKtFQUGP0e-Cxa6zb7rYN-9y2G0-Jhaff2BBOFd5ZFG9nauwe5UqNKfgZrbMvzGXrbBPPtDor4p6jwXS8KzbYA7p-GsyHg_P7NI7ZlwrlMfb3RApeOA26xoGCQWHs-jDIi4moSQv4nTLpF8fOTZpEoZNTGC_7OZXRWuf0jF6NUx-ubXPawKTOKY0HV5yOsD1kUQeOTFg0ise7Fp3gjrNKeVRcVVrB1ccq5bDN0XJ6uFVqbjXK-muTpzeWXIxIcVFWJXV5TknKqijHZzNqIiOlRWVJVCIBfyAoCEKoxx-MpPz_emSQ7w"
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=71487&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4488&delivery_rate=288&cwnd=12000&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=932&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, accept-encoding
x-auto-login: realm=com.google&args=continue%3Dhttps://accounts.google.com/
x-content-type-options: nosniff
x-frame-options: DENY
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

Location: https://accounts.google.auzen.us.kg/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs... 758 KB
234 KB 294ms
139ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEKOVju77kNq_KIx7ImGjAKN_2G_Q/m=_b,_tp

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

575ff49d0d724ac2e028454778fb982440503538a46c3dd126fc2858d91787cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 243456
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 05:33:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 05:33:29 GMT
last-modified: Wed, 20 Nov 2024 01:43:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 239190
x-xss-protection: 0
server: sffe

POST
H3 204 fine-allowlist
accounts.google.auzen.us.kg/v3/signin/_/AccountsSignInUi/cspreport/ 0
2 KB 660ms
658ms Other
text/html 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/csp-report
Referer: https://accounts.google.auzen.us.kg/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76197&sent=153&recv=67&lost=0&retrans=0&sent_bytes=165406&recv_bytes=8991&delivery_rate=884269&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=1884&x=1", cfExtPri, cfHdrFlush;dur=0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Mon, 25 Nov 2024 01:11:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
priority: u=4,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
cache-control: no-store
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
referrer-policy: no-referrer
cf-ray: 8e7dc33fe8c308f6-LAX
permissions-policy: interest-cohort=()
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
x-xss-protection: 0
server: cloudflare

GET vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCIhMl07v0x.woff2
fonts.gstatic.com/s/googlesans/v58/ 51 KB
51 KB 289ms
138ms Font
font/woff2 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCIhMl07v0x.woff2

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

sffe /

Resource Hash

b342a0861eda53a8b25cea5573516c6ba50a9f3b32257bf160c8a425a307896d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://accounts.google.auzen.us.kg
Referer: https://accounts.google.auzen.us.kg/

Response headers

age: 278790
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 19:44:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 19:44:35 GMT
last-modified: Tue, 23 May 2023 16:35:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52212
x-xss-protection: 0
server: sffe

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 33 KB
12 KB 139ms
138ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEKOVju77kNq_KIx7ImGjAKN_2G_Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

81181680863de2d95c8c878c25afd7e072c4ba3a10a4bb09cead1b2b3a7b2221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 238347
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 06:58:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 06:58:38 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 12510
x-xss-protection: 0
server: sffe

GET
H3 200 m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,niKKCd,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,oqkvI... Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 694 KB
201 KB 139ms
139ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,niKKCd,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,oqkvIf,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,SpsfSb,aC1iue,tUnxGc,aW3pY,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,xBaz7b,eVCnO,LDQI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

78f2cf9ac93e2f69fe20ac0cebcbf0a35a239163d2ff8d2df585c8b5a9a98497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 178105
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 23:42:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 23:42:40 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 205814
x-xss-protection: 0
server: sffe

GET
H3 200 m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 9 KB
3 KB 148ms
148ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,hc6Ubd,inNHtf,lsjVmc,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,qmdT9,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

f5390743638ac795c6656be835e71decb27dd654b6c683802246f8243fcfed68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 196434
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 18:37:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 18:37:11 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 3204
x-xss-protection: 0
server: sffe

GET
H3 200 m=p3hmRc,LvGhrf,RqjULd Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 21 KB
7 KB 139ms
138ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,pxq3x,qPYxq,qmdT9,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

92110863beffbb09c6313ceff62ee3b56b51e2bb2b04e7ae029eb7ff288e8f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 173442
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 01:00:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:00:24 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 7338
x-xss-protection: 0
server: sffe

GET
H3 200 m=ZwDk9d,RMhBfe Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 3 KB
1 KB 140ms
139ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,LvGhrf,MpJwZc,NOeYWe,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

2e97bf41c7c4c1708292e4fd91e03bc7b74fd0ced3a3dca7c0ae77400d49060c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 248605
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 04:07:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:07:41 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 1413
x-xss-protection: 0
server: sffe

GET
H3 200 m=P6sQOc Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 1 KB
805 B 139ms
138ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,LvGhrf,MpJwZc,NOeYWe,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

b6e268ad998935c1cacffbc50efe550c2d7d2d4cb85979c6edead5c9d859d130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 218656
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 12:26:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 12:26:50 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 779
x-xss-protection: 0
server: sffe

GET
H3 200 m=sOXFj,q0xTif,ZZ4WUe Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 3 KB
2 KB 181ms
181ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,LvGhrf,MpJwZc,NOeYWe,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

da5859707d9db2a1475231fc10ba7c6ffa4726dcb81215d840b1c03d082892f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 01:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 01:11:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 1583
x-xss-protection: 0
server: sffe

GET
H3 200 m=iAskyc,ziXSP Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 2 KB
867 B 180ms
180ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,LvGhrf,MpJwZc,NOeYWe,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZZ4WUe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,p3hmRc,pxq3x,q0xTif,qPYxq,qmdT9,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

29bf215462714c08e95464fe2182ae8bf8a0231cebb58a1e3376024a45608f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 01:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 01:11:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 842
x-xss-protection: 0
server: sffe

GET
H2 403 CheckConnection
accounts.youtube.com/accounts/ Frame 3FA5 0
0 472ms
168ms Document
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.auzen.us.kg&v=-164629396&timestamp=1732497066278

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2eeisqmIO_uvBTeFJ7grYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2eeisqmIO_uvBTeFJ7grYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 01:11:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 batchexecute Show response
accounts.google.auzen.us.kg/v3/signin/_/AccountsSignInUi/data/ 141 B
2 KB 380ms
378ms XHR
application/json 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/v3/signin/_/AccountsSignInUi/data/batchexecute?rpcids=UEkKwb&source-path=%2F&f.sid=7670710501101691742&bl=boq_identityfrontendauthuiserver_20241119.04_p0&hl=en-US&_reqid=54667&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c59f3894d4d0cda38320088ff9a9fc1b45e138489b9a8f69ac6993330c950ef6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

x-goog-ext-391502476-jspb: ["S-1441974474:1732497064375954"]
Referer: https://accounts.google.auzen.us.kg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75591&sent=159&recv=71&lost=0&retrans=0&sent_bytes=168079&recv_bytes=10330&delivery_rate=3845&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=3059&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 01:11:06 GMT
content-type: application/json; charset=utf-8
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, accept-encoding
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
cache-control: no-store
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
referrer-policy: no-referrer
cf-ray: 8e7dc3491d8c08f6-LAX
permissions-policy: interest-cohort=()
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
x-xss-protection: 0
server: cloudflare

GET
H3 200 bscframe
accounts.google.auzen.us.kg/_/ Frame 4700 0
0 465ms
465ms Document
text/html 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/_/bscframe

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=7200
cf-cache-status: DYNAMIC
cf-ray: 8e7dc3491d9908f6-LAX
content-encoding: zstd
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Mon, 25 Nov 2024 01:11:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=75591&sent=161&recv=71&lost=0&retrans=0&sent_bytes=169710&recv_bytes=10330&delivery_rate=3845&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=3145&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 m=wg1P6b Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 5 KB
2 KB 142ms
142ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,LvGhrf,MpJwZc,NOeYWe,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZZ4WUe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,iAskyc,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,p3hmRc,pxq3x,q0xTif,qPYxq,qmdT9,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

c99d1ea69dadfeda8af7a835271791cafb34bf58d1a477a2cc022e2938db403f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 130769
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:51:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 12:51:37 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 2007
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 4700 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4700 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 bscframe
accounts.google.auzen.us.kg/_/ Frame 2916 0
0 475ms
474ms Document
text/html 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/_/bscframe

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=7200
cf-cache-status: DYNAMIC
cf-ray: 8e7dc34c3a3d08f6-LAX
content-encoding: zstd
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Mon, 25 Nov 2024 01:11:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=76898&sent=165&recv=74&lost=0&retrans=0&sent_bytes=171612&recv_bytes=10887&delivery_rate=8911&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=3669&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2916 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2916 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 bscframe
accounts.google.auzen.us.kg/_/ Frame 85EE 0
0 698ms
697ms Document
text/html 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/_/bscframe

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=7200
cf-cache-status: DYNAMIC
cf-ray: 8e7dc34f7f1608f6-LAX
content-encoding: zstd
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Mon, 25 Nov 2024 01:11:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=76275&sent=174&recv=78&lost=0&retrans=0&sent_bytes=176333&recv_bytes=11856&delivery_rate=7349&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=4411&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=... 3 KB
2 KB 140ms
139ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ck=boq-identity.AccountsSignInUi.91Qyn4pextM.L.F4.O/am=iB3MZNgGEBD_8DSgN6BIIGQAAAAAAAAAAMAGAACAhwE/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,LvGhrf,MpJwZc,NOeYWe,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZZ4WUe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,hc6Ubd,iAskyc,inNHtf,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,n73qwf,niKKCd,njlZCf,oLggrd,oqkvIf,p3hmRc,pxq3x,q0xTif,qPYxq,qmdT9,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEtvaPisZQse6XFigDtsslDGtnJDw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

30fea7f5c990065189c2e22b04b07e201591355052c970d524f15b948a48efbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
age: 130770
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:51:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 12:51:37 GMT
last-modified: Tue, 19 Nov 2024 03:46:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
accept-ranges: bytes
content-length: 1618
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
accounts.google.auzen.us.kg/ 5 KB
3 KB 352ms
351ms Other
image/x-icon 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.google.auzen.us.kg/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 41776
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 12:50:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76440&sent=171&recv=77&lost=0&retrans=0&sent_bytes=173563&recv_bytes=11811&delivery_rate=3865&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=4069&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 01:11:07 GMT
content-type: image/x-icon
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: DENY
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
cache-control: public, max-age=300, s-maxage=7200
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
cf-ray: 8e7dc34f8f2508f6-LAX
permissions-policy: interest-cohort=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1494
x-xss-protection: 0
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 85EE 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 85EE 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 bscframe
accounts.google.auzen.us.kg/_/ Frame F875 0
0 450ms
449ms Document
text/html 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/_/bscframe

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=7200
cf-cache-status: DYNAMIC
cf-ray: 8e7dc3540def08f6-LAX
content-encoding: zstd
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Mon, 25 Nov 2024 01:11:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=75661&sent=178&recv=80&lost=0&retrans=0&sent_bytes=178234&recv_bytes=12387&delivery_rate=20938&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=4892&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F875 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F875 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 bscframe
accounts.google.auzen.us.kg/_/ Frame 487F 0
0 372ms
371ms Document
text/html 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/_/bscframe

Requested by

Host: accounts.google.auzen.us.kg
URL: https://accounts.google.auzen.us.kg/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=7200
cf-cache-status: DYNAMIC
cf-ray: 8e7dc3571aa308f6-LAX
content-encoding: zstd
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Mon, 25 Nov 2024 01:11:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=75263&sent=182&recv=82&lost=0&retrans=0&sent_bytes=180137&recv_bytes=12918&delivery_rate=4027&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=5301&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 487F 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 487F 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST log
play.google.com/ 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 440ms
149ms Preflight
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://accounts.google.auzen.us.kg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 25 Nov 2024 01:11:09 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 439ms
150ms Preflight
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://accounts.google.auzen.us.kg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 25 Nov 2024 01:11:09 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 browserinfo Show response
accounts.google.auzen.us.kg/v3/signin/_/AccountsSignInUi/ 90 B
1 KB 417ms
416ms XHR
application/json 172.67.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.auzen.us.kg/v3/signin/_/AccountsSignInUi/browserinfo?f.sid=7670710501101691742&bl=boq_identityfrontendauthuiserver_20241119.04_p0&hl=en-US&_reqid=154667&rt=j

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77f3fdcd4224848b5d7a0ccde62d911345fd1947586f5e59cabeab922c5fb70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.auzen.us.kg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74870&sent=186&recv=85&lost=0&retrans=0&sent_bytes=182036&recv_bytes=13735&delivery_rate=4819&cwnd=86400&unsent_bytes=0&cid=b14a614a4c15e8ec&ts=5901&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 01:11:09 GMT
content-type: application/json; charset=utf-8
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
vary: accept-encoding
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.googleapis.com https://*.youtube.com https://*.github.com https://*.githubusercontent.com https://*.bloomberg.com https://*.recaptcha.net https://*.auzen.us.kg; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: blob:; connect-src 'self' *; frame-src 'self' https://*.google.com https://*.youtube.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://*.google.com https://*.github.com https://*.bloomberg.com https://*.auzen.us.kg; upgrade-insecure-requests
cache-control: no-store
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
referrer-policy: no-referrer
cf-ray: 8e7dc35a986e08f6-LAX
permissions-policy: interest-cohort=()
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
x-xss-protection: 0
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.google.auzen.us.kg/	1970-01-21 10:50:57	Name: __Host-GAPS Value: 1:N4CNSNbl-vQ-NCkpCr6lSOmzZPsBFA:iGx4Hd6Fk8afrwYO
			accounts.google.auzen.us.kg/	1970-01-21 01:58:09	Name: OTZ Value: 7836551_96_96__96_

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://accounts.google.auzen.us.kg/ Message: [Report Only] Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.81r_gfkf0jY.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://accounts.google.auzen.us.kg/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://*.auzen.us.kg". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
recommendation	verbose	URL: https://accounts.google.auzen.us.kg/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security	error	Message: Refused to frame 'https://accounts.google.auzen.us.kg/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
security	error	Message: Refused to frame 'https://accounts.google.auzen.us.kg/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
security	error	Message: Refused to frame 'https://accounts.google.auzen.us.kg/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
security	error	Message: Refused to frame 'https://accounts.google.auzen.us.kg/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
security	error	Message: Refused to frame 'https://accounts.google.auzen.us.kg/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
javascript	error	URL: https://accounts.google.auzen.us.kg/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://accounts.google.auzen.us.kg' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://accounts.google.auzen.us.kg/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://accounts.google.auzen.us.kg' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google.com https://.gstatic.com https://.googleapis.com https://.youtube.com https://.github.com https://.githubusercontent.com https://.bloomberg.com https://.recaptcha.net https://.auzen.us.kg; style-src 'self' 'unsafe-inline' ; img-src 'self' data: blob:; connect-src 'self' ; frame-src 'self' https://.google.com https://.youtube.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://.google.com https://.github.com https://.bloomberg.com https://.auzen.us.kg; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.auzen.us.kg
accounts.youtube.com
fonts.gstatic.com
play.google.com
static.cloudflareinsights.com
www.gstatic.com
play.google.com
static.cloudflareinsights.com
142.250.65.163
142.251.40.227
172.67.152.191
2607:f8b0:4006:80f::200e
2607:f8b0:4006:824::200e
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0a6dcfb2e22f5ec0f4711a17ff047e010a193b0b1295595d5bc64d789f47bffe
29bf215462714c08e95464fe2182ae8bf8a0231cebb58a1e3376024a45608f66
2e97bf41c7c4c1708292e4fd91e03bc7b74fd0ced3a3dca7c0ae77400d49060c
30fea7f5c990065189c2e22b04b07e201591355052c970d524f15b948a48efbd
575ff49d0d724ac2e028454778fb982440503538a46c3dd126fc2858d91787cd
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
78f2cf9ac93e2f69fe20ac0cebcbf0a35a239163d2ff8d2df585c8b5a9a98497
81181680863de2d95c8c878c25afd7e072c4ba3a10a4bb09cead1b2b3a7b2221
92110863beffbb09c6313ceff62ee3b56b51e2bb2b04e7ae029eb7ff288e8f27
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
b342a0861eda53a8b25cea5573516c6ba50a9f3b32257bf160c8a425a307896d
b6e268ad998935c1cacffbc50efe550c2d7d2d4cb85979c6edead5c9d859d130
b77f3fdcd4224848b5d7a0ccde62d911345fd1947586f5e59cabeab922c5fb70
c59f3894d4d0cda38320088ff9a9fc1b45e138489b9a8f69ac6993330c950ef6
c99d1ea69dadfeda8af7a835271791cafb34bf58d1a477a2cc022e2938db403f
da5859707d9db2a1475231fc10ba7c6ffa4726dcb81215d840b1c03d082892f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
f5390743638ac795c6656be835e71decb27dd654b6c683802246f8243fcfed68

accounts.google.auzen.us.kg Open in urlscan Pro 172.67.152.191 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

28 Requests

89 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

6 IPs

1 Countries

679 kBTransfer

2641 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

accounts.google.auzen.us.kg Open in urlscan Pro
172.67.152.191 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

89 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

679 kB
Transfer

2641 kB
Size

2
Cookies

28 HTTP transactions
11 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!