google.0wn.kr Open in urlscan Pro
3.34.123.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://google.0wn.kr/
Effective URL:
https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.go...
Submission: On April 17 via automatic, source certstream-suspicious (April 17th 2023, 6:52:36 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 3.34.123.68, located in Incheon, Korea, Republic Of and belongs to AMAZON-02, US. The main domain is google.0wn.kr.
TLS certificate: Issued by R3 on April 17th 2023. Valid for: 3 months.

This is the only time google.0wn.kr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	3.34.123.68 3.34.123.68	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
19	5

6 3.34.123.68 (Incheon, Korea, Republic Of) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-123-68.ap-northeast-2.compute.amazonaws.com

google.0wn.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gstatic.com www.gstatic.com fonts.gstatic.com	367 KB
6	0wn.kr 1 redirects google.0wn.kr	179 KB
1	youtube.com accounts.youtube.com — Cisco Umbrella Rank: 891
19	3

	Domain	Requested by
9	www.gstatic.com	google.0wn.kr www.gstatic.com
6	google.0wn.kr	1 redirects google.0wn.kr www.gstatic.com
4	fonts.gstatic.com	google.0wn.kr
1	accounts.youtube.com	www.gstatic.com
19	4

This site contains links to these domains. Also see Links.

Domain
support.google.com
accounts.google.com

Subject Issuer	Validity	Valid
google.0wn.kr R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession
Frame ID: C4C697DB8EC7DA37168ED15E628E07EA
Requests: 17 HTTP requests in this frame

Frame: https://google.0wn.kr/identifier_files/CheckConnection.html
Frame ID: E597A9A079126182F224B11546D66948
Requests: 1 HTTP requests in this frame

Frame: https://google.0wn.kr/identifier_files/bscframe.html
Frame ID: 5308AB45E4FF7DE17F79456B387CF4C4
Requests: 1 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1108652608&timestamp=1681714352164
Frame ID: 80BA120D3529801A142EF22B40730ADB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - Google Accounts

Page URL History Show full URLs

https://google.0wn.kr/ HTTP 302
https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=... Page URL

Page Statistics

19
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

546 kB
Transfer

2025 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/chrome/answer/6130773?hl=en
Title: Learn more

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts?hl=en&p=account_iph
Title: Help

Search URL Search Domain Scan URL

URL: https://accounts.google.com/TOS?loc=KR&hl=en&privacy=true
Title: Privacy

Search URL Search Domain Scan URL

URL: https://accounts.google.com/TOS?loc=KR&hl=en
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://google.0wn.kr/ HTTP 302
https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request identifier Show response
google.0wn.kr/v3/signin/
Redirect Chain

https://google.0wn.kr/
https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession

1013 KB
177 KB

562ms
562ms

Document
text/html

3.34.123.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.34.123.68 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-123-68.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: dfc155fd4601164fadab479c630ffb11a62677a0979e4293119f8333174bf2b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Apr 2023 06:52:30 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 573
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Apr 2023 06:52:30 GMT
Location: /v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/excm=_b,_r,_tp,identifierview/ed=1/dg=0/wt=2/rs=AOaEmlELRcdeplivD... 205 KB
72 KB 178ms
83ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/excm=_b,_r,_tp,identifierview/ed=1/dg=0/wt=2/rs=AOaEmlELRcdeplivD2BLPKlTBlt-a_CYDQ/m=_b,_tp,_r

Requested by

Host: google.0wn.kr
URL: https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d27d7132de78c927e476f9e3ecc70f1a0be908702f5a6f65ca5799b9768e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73334
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 20:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:31 GMT

GET
H/1.1 404
NOT FOUND CheckConnection.html Show response
google.0wn.kr/identifier_files/ Frame E597 207 B
394 B 280ms
280ms Document
text/html 3.34.123.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.0wn.kr/identifier_files/CheckConnection.html
Requested by: Host: google.0wn.kr
URL: https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.34.123.68 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-123-68.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

Referer: https://google.0wn.kr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Apr 2023 06:52:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 404
NOT FOUND bscframe.html Show response
google.0wn.kr/identifier_files/ Frame 5308 207 B
394 B 277ms
277ms Document
text/html 3.34.123.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.0wn.kr/identifier_files/bscframe.html
Requested by: Host: google.0wn.kr
URL: https://google.0wn.kr/v3/signin/identifier?dsh=S1375788286%3A1681116506564739&authuser=0&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAlAmgQ&hl=en&flowName=GlifWebSignIn&flowEntry=AddSession
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.34.123.68 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-123-68.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

Referer: https://google.0wn.kr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Apr 2023 06:52:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 136ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://google.0wn.kr/
Origin: https://google.0wn.kr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:50:41 GMT
x-content-type-options: nosniff
age: 219710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10748
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 17:50:41 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v14/ 14 KB
14 KB 141ms
46ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://google.0wn.kr/
Origin: https://google.0wn.kr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 505287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14576
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 175ms
80ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://google.0wn.kr/
Origin: https://google.0wn.kr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:03 GMT
x-content-type-options: nosniff
age: 505288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10788
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:03 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v14/ 14 KB
14 KB 183ms
88ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://google.0wn.kr/
Origin: https://google.0wn.kr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:26 GMT
x-content-type-options: nosniff
age: 505265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:26 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=_b,_r,_tp... 37 KB
13 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/excm=_b,_r,_tp,identifierview/ed=1/dg=0/wt=2/rs=AOaEmlELRcdeplivD2BLPKlTBlt-a_CYDQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f65e6e4bd5b69d331112b7151bb34781b54b46b800b3cb9583dd242e252a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13430
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:31 GMT

GET
H2 200 m=n73qwf,UUJqVe,MpJwZc,pxq3x Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=LEikZe,_b... 53 KB
19 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=LEikZe,_b,_r,_tp,byfTOb,lsjVmc/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=n73qwf,UUJqVe,MpJwZc,pxq3x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3dcd64a3c1de3f00ec177fdedf75263dae83b63a740f950d06498911eb37e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19254
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:31 GMT

GET
H2 200 m=SCuOPb,IZT63,vfuNJf,ws9Tlc,siKnQd,STuCOe,njlZCf,XVq9Qb,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,kibjWe,nnwwYc,ANCJdb,V3dDOb,G0cNrd,zsCYJ,mWLH9d,NOeYWe,O6y8ed,t2srLd,fqEYIb,PrPYRd,NwH0H,OmgaI,hc6... Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=LEikZe,Mp... 517 KB
166 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=LEikZe,MpJwZc,UUJqVe,_b,_r,_tp,byfTOb,lsjVmc,n73qwf,pxq3x/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=SCuOPb,IZT63,vfuNJf,ws9Tlc,siKnQd,STuCOe,njlZCf,XVq9Qb,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,kibjWe,nnwwYc,ANCJdb,V3dDOb,G0cNrd,zsCYJ,mWLH9d,NOeYWe,O6y8ed,t2srLd,fqEYIb,PrPYRd,NwH0H,OmgaI,hc6Ubd,AkfuYc,KUM7Z,oLggrd,inNHtf,L1AAkb,XVMNvd,Mlhmy,lwddkf,gychg,EEDORb,SpsfSb,tUnxGc,aW3pY,kmSu5b,EFQ78c,ZfAoz,xQtZb,I6YDgd,N5Lqpc,fgj8Rb,kWgXee,PkV8id,hmHrle,ovKuLd,zbML3c,yDVVkb,zr1jrb,AD1APd,vHEMJe,YHI3We,YTxL4,MbBXlb,i1Z3Ub,bSspM,UmWJEc,KG2eXe,Uas9Hd,lg30w,e3uIRe,zy0vNb,my67ye,fJpY1b,EN3i8d,K0PMbc,EGw7Od,A2sInc,AvtSve,qmdT9,vDwyod,ZUKRxc,xBaz7b,GGodmf,eVCnO,wzQaQb,BDnJmb,LDQI,SUKkyc,b3kMqb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4abc701cf9f19bdd7d403cf72a473b8488100a62b1f61a1cc1008312781801e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170294
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:31 GMT

GET
H2 200 m=ltDFwf,Rusgnf,Ctsu,UPKV3d,wGM7Jc,IZ1fbc,i5dxUd,m9oV,kSPLL,i5H9N,NTMZac,bTi8wc,SzsEAf,RAnnUd,qPfo0c,PHUIyb,bPkrc,uu7UOe,yRXbo,wg1P6b,soHxf,qNG0Fc,ywOR5c,W2YXuc Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD... 126 KB
36 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD1APd,ANCJdb,AkfuYc,AvtSve,BDnJmb,COQbmf,EEDORb,EFQ78c,EGw7Od,EN3i8d,G0cNrd,GGodmf,I6YDgd,IZT63,K0PMbc,KG2eXe,KUM7Z,L1AAkb,LDQI,LEikZe,MbBXlb,Mlhmy,MpJwZc,N5Lqpc,NOeYWe,NwH0H,O6y8ed,OTA3Ae,OmgaI,PkV8id,PrPYRd,SCuOPb,STuCOe,SUKkyc,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UmWJEc,V3dDOb,XVMNvd,XVq9Qb,YHI3We,YTxL4,ZUKRxc,ZfAoz,_b,_r,_tp,aW3pY,aurFic,b3kMqb,bSspM,byfTOb,e3uIRe,eVCnO,fJpY1b,fKUV3e,fgj8Rb,fqEYIb,gychg,hc6Ubd,hmHrle,i1Z3Ub,inNHtf,kWgXee,kibjWe,kmSu5b,lg30w,lsjVmc,lwddkf,mWLH9d,my67ye,n73qwf,njlZCf,nnwwYc,oLggrd,ovKuLd,pxq3x,qmdT9,siKnQd,t2srLd,tUnxGc,vDwyod,vHEMJe,vfuNJf,ws9Tlc,wzQaQb,xBaz7b,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb,zsCYJ,zy0vNb/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=ltDFwf,Rusgnf,Ctsu,UPKV3d,wGM7Jc,IZ1fbc,i5dxUd,m9oV,kSPLL,i5H9N,NTMZac,bTi8wc,SzsEAf,RAnnUd,qPfo0c,PHUIyb,bPkrc,uu7UOe,yRXbo,wg1P6b,soHxf,qNG0Fc,ywOR5c,W2YXuc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c714fca69ec3e1f46f2e59d9fb5041b5a1f8f91ab4ff95778b050adfd4536d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37034
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:31 GMT

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD... 14 KB
5 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD1APd,ANCJdb,AkfuYc,AvtSve,BDnJmb,COQbmf,Ctsu,EEDORb,EFQ78c,EGw7Od,EN3i8d,G0cNrd,GGodmf,I6YDgd,IZ1fbc,IZT63,K0PMbc,KG2eXe,KUM7Z,L1AAkb,LDQI,LEikZe,MbBXlb,Mlhmy,MpJwZc,N5Lqpc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PkV8id,PrPYRd,RAnnUd,Rusgnf,SCuOPb,STuCOe,SUKkyc,SpsfSb,SzsEAf,U0aPgd,UPKV3d,UUJqVe,Uas9Hd,UmWJEc,V3dDOb,W2YXuc,XVMNvd,XVq9Qb,YHI3We,YTxL4,ZUKRxc,ZfAoz,_b,_r,_tp,aW3pY,aurFic,b3kMqb,bPkrc,bSspM,bTi8wc,byfTOb,e3uIRe,eVCnO,fJpY1b,fKUV3e,fgj8Rb,fqEYIb,gychg,hc6Ubd,hmHrle,i1Z3Ub,i5H9N,i5dxUd,inNHtf,kSPLL,kWgXee,kibjWe,kmSu5b,lg30w,lsjVmc,ltDFwf,lwddkf,m9oV,mWLH9d,my67ye,n73qwf,njlZCf,nnwwYc,oLggrd,ovKuLd,pxq3x,qNG0Fc,qPfo0c,qmdT9,siKnQd,soHxf,t2srLd,tUnxGc,uu7UOe,vDwyod,vHEMJe,vfuNJf,wGM7Jc,wg1P6b,ws9Tlc,wzQaQb,xBaz7b,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb,zsCYJ,zy0vNb/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a286841b02e0257d10853b79afe099641dc12a758d7c7285a84d6be4b34b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4999
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:32 GMT

GET
H3 200 m=ZwDk9d,RMhBfe Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD... 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD1APd,ANCJdb,AkfuYc,AvtSve,BDnJmb,COQbmf,Ctsu,EEDORb,EFQ78c,EGw7Od,EN3i8d,G0cNrd,GGodmf,I6YDgd,IZ1fbc,IZT63,K0PMbc,KG2eXe,KUM7Z,L1AAkb,LDQI,LEikZe,MbBXlb,Mlhmy,MpJwZc,N5Lqpc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PkV8id,PrPYRd,RAnnUd,RqjULd,Rusgnf,SCuOPb,STuCOe,SUKkyc,SpsfSb,SzsEAf,U0aPgd,UPKV3d,UUJqVe,Uas9Hd,UmWJEc,V3dDOb,W2YXuc,XVMNvd,XVq9Qb,YHI3We,YTxL4,ZUKRxc,ZfAoz,_b,_r,_tp,aW3pY,aurFic,b3kMqb,bPkrc,bSspM,bTi8wc,byfTOb,e3uIRe,eVCnO,fJpY1b,fKUV3e,fgj8Rb,fqEYIb,gychg,hc6Ubd,hmHrle,i1Z3Ub,i5H9N,i5dxUd,inNHtf,kSPLL,kWgXee,kibjWe,kmSu5b,lg30w,lsjVmc,ltDFwf,lwddkf,m9oV,mWLH9d,my67ye,n73qwf,njlZCf,nnwwYc,oLggrd,ovKuLd,pxq3x,qNG0Fc,qPfo0c,qmdT9,siKnQd,soHxf,t2srLd,tUnxGc,uu7UOe,vDwyod,vHEMJe,vfuNJf,wGM7Jc,wg1P6b,ws9Tlc,wzQaQb,xBaz7b,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb,zsCYJ,zy0vNb/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=ZwDk9d,RMhBfe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7d4868e15e5d5a1c663e4a438bd0dba392be2de16535b0acdcc7bb694bf032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1462
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:32 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD... 1 KB
732 B 63ms
62ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD1APd,ANCJdb,AkfuYc,AvtSve,BDnJmb,COQbmf,Ctsu,EEDORb,EFQ78c,EGw7Od,EN3i8d,G0cNrd,GGodmf,I6YDgd,IZ1fbc,IZT63,K0PMbc,KG2eXe,KUM7Z,L1AAkb,LDQI,LEikZe,MbBXlb,Mlhmy,MpJwZc,N5Lqpc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PkV8id,PrPYRd,RAnnUd,RMhBfe,RqjULd,Rusgnf,SCuOPb,STuCOe,SUKkyc,SpsfSb,SzsEAf,U0aPgd,UPKV3d,UUJqVe,Uas9Hd,UmWJEc,V3dDOb,W2YXuc,XVMNvd,XVq9Qb,YHI3We,YTxL4,ZUKRxc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,b3kMqb,bPkrc,bSspM,bTi8wc,byfTOb,e3uIRe,eVCnO,fJpY1b,fKUV3e,fgj8Rb,fqEYIb,gychg,hc6Ubd,hmHrle,i1Z3Ub,i5H9N,i5dxUd,inNHtf,kSPLL,kWgXee,kibjWe,kmSu5b,lg30w,lsjVmc,ltDFwf,lwddkf,m9oV,mWLH9d,my67ye,n73qwf,njlZCf,nnwwYc,oLggrd,ovKuLd,pxq3x,qNG0Fc,qPfo0c,qmdT9,siKnQd,soHxf,t2srLd,tUnxGc,uu7UOe,vDwyod,vHEMJe,vfuNJf,wGM7Jc,wg1P6b,ws9Tlc,wzQaQb,xBaz7b,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb,zsCYJ,zy0vNb/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbe41fe12666ab62e2d65cc329e7e628f3388d5052bcf98eca9ebd816d11311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 707
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:32 GMT

POST
H/1.1 404
NOT FOUND jserror Show response
google.0wn.kr/v3/signin/_/AccountsSignInUi/ 207 B
394 B 281ms
281ms XHR
text/html 3.34.123.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.0wn.kr/v3/signin/_/AccountsSignInUi/jserror?script=https%3A%2F%2Fgoogle.0wn.kr%2Fv3%2Fsignin%2Fidentifier%3Fdsh%3DS1375788286%253A1681116506564739%26authuser%3D0%26continue%3Dhttps%253A%252F%252Fwww.google.com%252F%26ec%3DGAlAmgQ%26hl%3Den%26flowName%3DGlifWebSignIn%26flowEntry%3DAddSession&error=Failed%20to%20retrieve%20dependencies%20of%20service%20i1Z3Ub%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20e3uIRe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20A2sInc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20bSspM%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YHI3We%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MbBXlb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20SUKkyc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20ZUKRxc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20my67ye%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YTxL4%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27dd%27)&line=Not%20available
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/excm=_b,_r,_tp,identifierview/ed=1/dg=0/wt=2/rs=AOaEmlELRcdeplivD2BLPKlTBlt-a_CYDQ/m=_b,_tp,_r
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.34.123.68 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-123-68.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

Referer: https://google.0wn.kr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Mon, 17 Apr 2023 06:52:32 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

POST
H/1.1 404
NOT FOUND jserror Show response
google.0wn.kr/v3/signin/_/AccountsSignInUi/ 207 B
394 B 277ms
277ms XHR
text/html 3.34.123.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.0wn.kr/v3/signin/_/AccountsSignInUi/jserror?script=https%3A%2F%2Fgoogle.0wn.kr%2Fv3%2Fsignin%2Fidentifier%3Fdsh%3DS1375788286%253A1681116506564739%26authuser%3D0%26continue%3Dhttps%253A%252F%252Fwww.google.com%252F%26ec%3DGAlAmgQ%26hl%3Den%26flowName%3DGlifWebSignIn%26flowEntry%3DAddSession&error=Failed%20to%20retrieve%20dependencies%20of%20service%20i1Z3Ub%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20e3uIRe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20A2sInc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20bSspM%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YHI3We%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MbBXlb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20SUKkyc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20ZUKRxc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20my67ye%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YTxL4%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27dd%27)&line=Not%20available
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/excm=_b,_r,_tp,identifierview/ed=1/dg=0/wt=2/rs=AOaEmlELRcdeplivD2BLPKlTBlt-a_CYDQ/m=_b,_tp,_r
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.34.123.68 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-123-68.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

Referer: https://google.0wn.kr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Mon, 17 Apr 2023 06:52:32 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H2 200 CheckConnection
accounts.youtube.com/accounts/ Frame 80BA 0
0 155ms
58ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1108652608&timestamp=1681714352164

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://accounts.google.com require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport script-src 'report-sample' 'nonce-vJRD-ysCJiBHQkj91F_QjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://accounts.google.com
X-Xss-Protection	0

Request headers

Referer: https://google.0wn.kr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors https://accounts.google.com require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport script-src 'report-sample' 'nonce-vJRD-ysCJiBHQkj91F_QjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="AccountsDomainCookiesCheckConnectionHttp"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 06:52:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"AccountsDomainCookiesCheckConnectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsDomainCookiesCheckConnectionHttp/external"}]}
server: ESF
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://accounts.google.com
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD... 6 KB
3 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ygnw8zNZYxc.es5.O/ck=boq-identity.AccountsSignInUi.v5UC2wbMsyA.L.B1.O/am=As45HBgEEOdgMgQAAAAAAAAAAFgYmoA/d=1/exm=A2sInc,AD1APd,ANCJdb,AkfuYc,AvtSve,BDnJmb,COQbmf,Ctsu,EEDORb,EFQ78c,EGw7Od,EN3i8d,G0cNrd,GGodmf,I6YDgd,IZ1fbc,IZT63,K0PMbc,KG2eXe,KUM7Z,L1AAkb,LDQI,LEikZe,MbBXlb,Mlhmy,MpJwZc,N5Lqpc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PkV8id,PrPYRd,RAnnUd,RMhBfe,RqjULd,Rusgnf,SCuOPb,STuCOe,SUKkyc,SpsfSb,SzsEAf,U0aPgd,UPKV3d,UUJqVe,Uas9Hd,UmWJEc,V3dDOb,W2YXuc,XVMNvd,XVq9Qb,YHI3We,YTxL4,ZUKRxc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,b3kMqb,bPkrc,bSspM,bTi8wc,bm51tf,byfTOb,e3uIRe,eVCnO,fJpY1b,fKUV3e,fgj8Rb,fqEYIb,gychg,hc6Ubd,hmHrle,i1Z3Ub,i5H9N,i5dxUd,inNHtf,kSPLL,kWgXee,kibjWe,kmSu5b,lg30w,lsjVmc,ltDFwf,lwddkf,m9oV,mWLH9d,my67ye,n73qwf,njlZCf,nnwwYc,oLggrd,ovKuLd,pxq3x,qNG0Fc,qPfo0c,qmdT9,siKnQd,soHxf,t2srLd,tUnxGc,uu7UOe,vDwyod,vHEMJe,vfuNJf,wGM7Jc,wg1P6b,ws9Tlc,wzQaQb,xBaz7b,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb,zsCYJ,zy0vNb/excm=_b,_r,_tp,identifierview/ed=1/wt=2/rs=AOaEmlFC-xMcQQ7IFoab-UoTUY_CxWYksw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;Al0B8:kibjWe;UpnZUd:nnwwYc;fVU0x:E2Xbqf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;nTuGK:JKNPM;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;oSUNyd:K0PMbc;SMDL4c:K0PMbc;vNjB7d:YTxL4;oXZmbc:tUnxGc;EkYFhd:BDnJmb;pXdRYb:fqEYIb;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34220228d511c7771ef00ed3705ba46290e01bfbb2fe52cbeaf239a264f9a7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://google.0wn.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2750
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 02:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:52:32 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			google.0wn.kr/	1970-01-20 11:51:46	Name: OTZ Value: 6990173_56_56__56_

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://google.0wn.kr/identifier_files/bscframe.html Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)
network	error	URL: https://google.0wn.kr/identifier_files/CheckConnection.html Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)
security	warning	URL: https://google.0wn.kr/identifier_files/CheckConnection.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	Message: Refused to frame 'https://accounts.youtube.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://accounts.google.com".
network	error	URL: https://google.0wn.kr/v3/signin/_/AccountsSignInUi/jserror?script=https%3A%2F%2Fgoogle.0wn.kr%2Fv3%2Fsignin%2Fidentifier%3Fdsh%3DS1375788286%253A1681116506564739%26authuser%3D0%26continue%3Dhttps%253A%252F%252Fwww.google.com%252F%26ec%3DGAlAmgQ%26hl%3Den%26flowName%3DGlifWebSignIn%26flowEntry%3DAddSession&error=Failed%20to%20retrieve%20dependencies%20of%20service%20i1Z3Ub%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20e3uIRe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20A2sInc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20bSspM%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YHI3We%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MbBXlb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20SUKkyc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20ZUKRxc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20my67ye%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YTxL4%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27dd%27)&line=Not%20available Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)
network	error	URL: https://google.0wn.kr/v3/signin/_/AccountsSignInUi/jserror?script=https%3A%2F%2Fgoogle.0wn.kr%2Fv3%2Fsignin%2Fidentifier%3Fdsh%3DS1375788286%253A1681116506564739%26authuser%3D0%26continue%3Dhttps%253A%252F%252Fwww.google.com%252F%26ec%3DGAlAmgQ%26hl%3Den%26flowName%3DGlifWebSignIn%26flowEntry%3DAddSession&error=Failed%20to%20retrieve%20dependencies%20of%20service%20i1Z3Ub%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20e3uIRe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20A2sInc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20bSspM%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YHI3We%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20LDQI%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20fJpY1b%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MbBXlb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20SUKkyc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20BDnJmb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20K0PMbc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20EGw7Od%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20b3kMqb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20ZUKRxc%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20my67ye%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20YTxL4%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27dd%27)&line=Not%20available Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.youtube.com
fonts.gstatic.com
google.0wn.kr
www.gstatic.com
2a00:1450:4001:806::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
3.34.123.68
06a286841b02e0257d10853b79afe099641dc12a758d7c7285a84d6be4b34b59
1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a
34220228d511c7771ef00ed3705ba46290e01bfbb2fe52cbeaf239a264f9a7ea
41d27d7132de78c927e476f9e3ecc70f1a0be908702f5a6f65ca5799b9768e87
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4abc701cf9f19bdd7d403cf72a473b8488100a62b1f61a1cc1008312781801e4
64f65e6e4bd5b69d331112b7151bb34781b54b46b800b3cb9583dd242e252a42
7c7d4868e15e5d5a1c663e4a438bd0dba392be2de16535b0acdcc7bb694bf032
8c3dcd64a3c1de3f00ec177fdedf75263dae83b63a740f950d06498911eb37e3
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
c714fca69ec3e1f46f2e59d9fb5041b5a1f8f91ab4ff95778b050adfd4536d43
ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733
dfc155fd4601164fadab479c630ffb11a62677a0979e4293119f8333174bf2b4
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80
fbbe41fe12666ab62e2d65cc329e7e628f3388d5052bcf98eca9ebd816d11311

google.0wn.kr Open in urlscan Pro 3.34.123.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

546 kBTransfer

2025 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

45 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

google.0wn.kr Open in urlscan Pro
3.34.123.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

546 kB
Transfer

2025 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!