URL: https://passport.xsyn.io/
Submission: On December 08 via api from US — Scanned from AU

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 140.238.196.112, located in Bungarribee, Australia and belongs to ORACLE-BMC-31898, US. The main domain is passport.xsyn.io.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.
This is the only time passport.xsyn.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 10 | 140.238.196.112 | 31898 (ORACLE-BM...) |
| 2 | 157.240.8.23 | 32934 (FACEBOOK) |
| 2 | 142.250.204.14 | 15169 (GOOGLE) |
| 3 | 74.125.24.84 | 15169 (GOOGLE) |
| 1 | 172.217.24.35 | 15169 (GOOGLE) |
| 1 | 34.120.195.249 | 396982 (GOOGLE-CL...) |

Total: 19 requests, 7 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | xsyn.io | passport.xsyn.io; api.xsyn.io | 3 MB |
| 5 | google.com | apis.google.com (Cisco Umbrella Rank: 116); accounts.google.com (Cisco Umbrella Rank: 23) | 51 KB |
| 2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 168) | 90 KB |
| 1 | sentry.io | o370480.ingest.sentry.io | 364 B |
| 1 | gstatic.com | www.gstatic.com | 37 KB |
| 1 | ninja-cdn.com | afiles.ninja-cdn.com | 797 KB |

Total: 19 requests, 6 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 7 | passport.xsyn.io | passport.xsyn.io |
| 3 | accounts.google.com | apis.google.com; passport.xsyn.io; www.gstatic.com |
| 2 | apis.google.com | passport.xsyn.io; apis.google.com |
| 2 | connect.facebook.net | passport.xsyn.io; connect.facebook.net |
| 2 | api.xsyn.io | passport.xsyn.io |
| 1 | o370480.ingest.sentry.io | passport.xsyn.io |
| 1 | www.gstatic.com | accounts.google.com |
| 1 | afiles.ninja-cdn.com | |

Total: 19 requests, 8 domains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| api.xsyn.io | R3 | 2023-10-23 - 2024-01-21 | 3 months |
| play.supremacy.game | R3 | 2023-10-23 - 2024-01-21 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-16 - 2023-12-15 | 3 months |
| *.apis.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| accounts.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-02 - 2024-12-02 | a year |

This page contains 2 frames:

Primary Page: https://passport.xsyn.io/
Frame ID: D3FFF00E459AAA63E6A0A20AB8FB8C0A
Requests: 16 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: FDCC817305070ECD3323C0BB27C3F286
Requests: 4 HTTP requests in this frame

Page Title

XSYN Passport

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

  • Requests: 19
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 6
  • Subdomains: 8
  • IPs: 7
  • Countries: 2
  • Transfer: 3700 kB
  • Size: 4093 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
passport.xsyn.io/
5 KB
2 KB
Document
General
Full URL
https://passport.xsyn.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4a2e19d54ace750540f679a9ac9ed8894429a90b759c08a84e8647c36d5d5dc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 08 Dec 2023 01:20:08 GMT
ETag
W/"649fe2fb-1455"
Last-Modified
Sat, 01 Jul 2023 08:25:31 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
main.f147f290.chunk.css
passport.xsyn.io/static/css/
2 KB
3 KB
Stylesheet
General
Full URL
https://passport.xsyn.io/static/css/main.f147f290.chunk.css
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f3b85183180d0e290eca0c7b66e242ac635b24e4993f9a2559479f8806de906c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
Last-Modified
Sat, 01 Jul 2023 08:25:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"649fe2fb-9cd"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2509
2.283583d9.chunk.js
passport.xsyn.io/static/js/
2 MB
2 MB
Script
General
Full URL
https://passport.xsyn.io/static/js/2.283583d9.chunk.js
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a4c85c9f1c2bf9b77783d8ddc64ea98c19ca30ca9d0ebdbcb674ae1f565345ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
Last-Modified
Sat, 01 Jul 2023 08:25:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"649fe2fb-2263fe"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2253822
main.beb14fc7.chunk.js
passport.xsyn.io/static/js/
450 KB
450 KB
Script
General
Full URL
https://passport.xsyn.io/static/js/main.beb14fc7.chunk.js
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a137e179d3d774c327187689d0349a45d6486e2f195b95cd7264f280905d6d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
Last-Modified
Sat, 01 Jul 2023 08:25:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"649fe2fb-706eb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
460523
bizmo-medium-webfont.6b48d312.woff2
passport.xsyn.io/static/media/
18 KB
19 KB
Font
General
Full URL
https://passport.xsyn.io/static/media/bizmo-medium-webfont.6b48d312.woff2
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/static/css/main.f147f290.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
df1932bd9cb9e0f496e46de33b2ea4e62690011a7ae4966c76fa2fd2897a9261

Request headers

Referer
https://passport.xsyn.io/static/css/main.f147f290.chunk.css
Origin
https://passport.xsyn.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
Last-Modified
Sat, 01 Jul 2023 08:25:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"649fe2fb-4920"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18720
check
api.xsyn.io/api/auth/ Frame
0
0
Preflight
General
Full URL
https://api.xsyn.io/api/auth/check
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://passport.xsyn.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://passport.xsyn.io
Connection
keep-alive
Content-Length
0
Date
Fri, 08 Dec 2023 01:20:08 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
3.8fa080e5.chunk.js
passport.xsyn.io/static/js/
32 KB
32 KB
Script
General
Full URL
https://passport.xsyn.io/static/js/3.8fa080e5.chunk.js
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4bbc6718bb10277ded9ccfce42ed65ab65da04346ff7bdbff86cae2c108d211a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
Last-Modified
Sat, 01 Jul 2023 08:25:32 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"649fe2fc-7f14"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32532
check
api.xsyn.io/api/auth/
57 B
380 B
Fetch
General
Full URL
https://api.xsyn.io/api/auth/check
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/static/js/2.283583d9.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ab9d02562a4a985994c05b4fb68e1662f7dd21c32bc83d029989de5e4df756ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://passport.xsyn.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://passport.xsyn.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
bizmo-regular-webfont.13810924.woff2
passport.xsyn.io/static/media/
18 KB
18 KB
Font
General
Full URL
https://passport.xsyn.io/static/media/bizmo-regular-webfont.13810924.woff2
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/static/css/main.f147f290.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
edc631cb5c21fbac85129ac056b9f210467f4c62f036c233b3d86358fb17ba3c

Request headers

Referer
https://passport.xsyn.io/static/css/main.f147f290.chunk.css
Origin
https://passport.xsyn.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:08 GMT
Last-Modified
Sat, 01 Jul 2023 08:25:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"649fe2fb-4888"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18568
bc.png
afiles.ninja-cdn.com/passport/background_images/
796 KB
797 KB
Image
General
Full URL
https://afiles.ninja-cdn.com/passport/background_images/bc.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
140.238.196.112 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d8ce0513e5ac974ccadfb536efe05cd05f72da3d796aee602d562611b9f824a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 01:20:09 GMT
Last-Modified
Sat, 10 Dec 2022 06:52:21 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63942ca5-c7196"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
815510
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/static/js/main.beb14fc7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
85e06ae9907d5c17c129a60fae67990abc6a5d665b332ed2b2953a279a259a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 01:20:08 GMT
content-md5
H+c01FbZUrD3TcHFjDRSRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
qSi1JYIOWiwb7FxYvk6OL1w4/IkUg9mmSHRasRmUgwRt5PrNRSsUOZTtlUryCYbi3k7wJYs3IqbTtRm+KUJe7Q==
x-fb-content-md5
2e42d4679df7ad267777a2b337e5c69d
cross-origin-opener-policy
same-origin-allow-popups
etag
"1e3f7afe57e6c6a0af0ef625a19557af"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 08 Dec 2023 01:35:42 GMT
api.js
apis.google.com/js/
18 KB
8 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/static/js/2.283583d9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e4722f3b2470e7a0a87291293f4b412824f667a413ca6cd806580905fa550a13
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 01:20:09 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7112
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"13c0b25e48eb016d"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 01:20:09 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ce6189e35117adedb9ee54c3e042fd476adf539c84752da55138d074986a59d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3be38ce7a84456cd4608ad1dd25e7e9ea78963d0eb62e522f10a9f948d78de38

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/en_US/
302 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2db011eeeabadc58ac58e75634543e75
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
d1b6ca84565547dc1efa31495eec6f549849b40d0fa71b9969ce6f2601dd4356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://passport.xsyn.io/
Origin
https://passport.xsyn.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 01:20:09 GMT
content-md5
QTWP5hItFeWeCLNxhbnxMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88321
reporting-endpoints
x-fb-debug
p6GmkjKg1E/f1kHo/iIbgmZwR2onSPdLb8lFjigmuywTa4L0T9N3P/po3bvGqKGPFjaw3lQDrG16009+S6PRyw==
x-fb-content-md5
96c5807c8642117376400c8e3f281fc0
cross-origin-opener-policy
same-origin-allow-popups
etag
"88409af98a3dd54ef0b3ac66340ac104"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:02:57 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/
119 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
d92109482c87751fbd919548cf170a85981c720435a0cd24c1e7f726e4660c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://passport.xsyn.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 14:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40787
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:37:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 14:23:49 GMT
iframe
accounts.google.com/o/oauth2/ Frame FDCC
290 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
8d812b0583c1b7349ca74df55953635f3d83606e2adcae2066f01c934da1ef22
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--0-C6y7A_l0C8Gf2Dm4RDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://passport.xsyn.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--0-C6y7A_l0C8Gf2Dm4RDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 01:20:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.hVzgusK66f4.es5.O/am=AAM/d=1/rs=AOaEmlGdJVXTndUL-Wi-z140h5v3upoWIA/ Frame FDCC
107 KB
37 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.hVzgusK66f4.es5.O/am=AAM/d=1/rs=AOaEmlGdJVXTndUL-Wi-z140h5v3upoWIA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
1c2e5784c4f46c28653ff80fe87581076b88abd72ff526ede5745200ee541d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 04:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37650
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 05:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 04:39:11 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame FDCC
2 KB
912 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
GSE /
Resource Hash
380e213b6599321f8a78d5d0a98928c9224f9939900c5225341c81d986b27945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 01:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
o370480.ingest.sentry.io/api/6194602/envelope/
41 B
364 B
Fetch
General
Full URL
https://o370480.ingest.sentry.io/api/6194602/envelope/?sentry_key=f389e257602342899d1639d9c0c7f476&sentry_version=7
Requested by
Host: passport.xsyn.io
URL: https://passport.xsyn.io/static/js/2.283583d9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
af149d01900e0d0808369bfdea5e48cdfd311af6bb356c15381d0dcea2ada3ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://passport.xsyn.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 01:20:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
iframerpc
accounts.google.com/o/oauth2/ Frame FDCC
49 B
376 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fpassport.xsyn.io&client_id=467953368642-8cobg822tej2i50ncfg4ge1pm4c5v033.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.hVzgusK66f4.es5.O/am=AAM/d=1/rs=AOaEmlGdJVXTndUL-Wi-z140h5v3upoWIA/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YsCfp8MxF-uj2hgoG1dwYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 01:20:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-YsCfp8MxF-uj2hgoG1dwYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 08 Dec 2023 02:20:10 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| documentPictureInPicture
  • object| webpackJsonppassport-web
  • object| __SENTRY__
  • object| ws
  • function| setImmediate
  • function| clearImmediate
  • object| _ethers
  • object| __MUI_LICENSE_INFO__
  • object| FontAwesomeConfig
  • object| ___FONT_AWESOME___
  • function| fbAsyncInit
  • object| FB
  • object| __buffer
  • object| gapi
  • object| ___jsl
  • object| _F_toggles
  • object| osapi

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=oVrxnxXqK2xL00ZcCP3MS5E9cBNz6AyxNkcdUvMaoLpUYOEC3wcIj3WrquBldTEGWmLpdwKBgpCNBf2Sa_rgqK6Lxds0U_shkgnso_RGlKfsfrzqIWNV2fhlF___wNbkibvNuBvFH6FW-tIiMdJ81isQED1A86xtYSFa0y9wy-U
.passport.xsyn.io/ Name: G_ENABLED_IDPS
Value: google

6 Console Messages

Source Level URL
Text
network error URL: https://api.xsyn.io/api/auth/check
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
rendering error URL: https://passport.xsyn.io/static/js/2.283583d9.chunk.js(Line 1)
Message:
Error: <svg> attribute height: Expected length, "px".
rendering error URL: https://passport.xsyn.io/static/js/2.283583d9.chunk.js(Line 1)
Message:
Error: <svg> attribute height: Expected length, "px".
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs(Line 186)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
