accounts.google.com Open in urlscan Pro
2a00:1450:4001:812::200d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts.google.com/v3/signin/identifier?dsh=S1376115403%3A1674679801908676&continue=https%3A%2F%2Fsites.google.com%...
Submission Tags: @phishunt_io
Submission: On January 25 via api (January 25th 2023, 8:50:07 pm UTC) from DE — Scanned from DE

Summary HTTP 7 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2a00:1450:4001:812::200d, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is accounts.google.com. The Cisco Umbrella rank of the primary domain is 75.
TLS certificate: Issued by GTS CA 1C3 on January 9th 2023. Valid for: 3 months.

This is the only time accounts.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
7	4

3 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

accounts.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	google.com accounts.google.com — Cisco Umbrella Rank: 75	64 KB
2	youtube.com accounts.youtube.com — Cisco Umbrella Rank: 818	14 KB
1	gstatic.com ssl.gstatic.com	4 KB
7	3

	Domain	Requested by
3	accounts.google.com	accounts.google.com
2	accounts.youtube.com	accounts.google.com
1	ssl.gstatic.com	accounts.google.com
7	3

This site contains links to these domains. Also see Links.

Domain
support.google.com

Subject Issuer	Validity	Valid
accounts.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://accounts.google.com/v3/signin/identifier?dsh=S1376115403%3A1674679801908676&continue=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&followup=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfBN95bNziiZsRAlDlr0u3Ab9bbWnDGIylVDOr9v2_tdz5cIxGZdOymfDrasAqaFK2YQ8bX6Q
Frame ID: E1F80972A06995BA1546720E510D1728
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 8CEF903BF46BAB869307DDE51B77B3D8
Requests: 1 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https://accounts.google.com&v=-23758342&timestamp=1674679803124
Frame ID: 7074BAEB8194E5FCB5F423B5F2672FF3
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/v3/signin/_/AccountsSignInUi/cspreport
Frame ID: 046D50C9288394BBA1556430443A12C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden – Google Konten

Page Statistics

7
Requests

86 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

81 kB
Transfer

186 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/chrome/answer/6130773?hl=de
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts?hl=de&p=account_iph
Title: Hilfe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request identifier Show response
accounts.google.com/v3/signin/ 152 KB
63 KB 306ms
282ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/v3/signin/identifier?dsh=S1376115403%3A1674679801908676&continue=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&followup=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfBN95bNziiZsRAlDlr0u3Ab9bbWnDGIylVDOr9v2_tdz5cIxGZdOymfDrasAqaFK2YQ8bX6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6618edfe0e10a173fdcba1e3c6de6fbdc5dfbb42e44f0b21b82de395e54352d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4nhE4ThQLBjXC4_WkCQSQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4nhE4ThQLBjXC4_WkCQSQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin
cross-origin-resource-policy: same-site
date: Wed, 25 Jan 2023 20:50:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-auto-login: realm=com.google&args=continue%3Dhttps://sites.google.com/view/qweytrrty
x-content-type-options: nosniff
x-frame-options: DENY
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/v3/signin/_/AccountsSignInUi/ 0
499 B 67ms
66ms Other
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/v3/signin/_/AccountsSignInUi/cspreport

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?dsh=S1376115403%3A1674679801908676&continue=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&followup=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfBN95bNziiZsRAlDlr0u3Ab9bbWnDGIylVDOr9v2_tdz5cIxGZdOymfDrasAqaFK2YQ8bX6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'report-sample' 'nonce-2jfebNFo-13PRlmLF30XeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/v3/signin/identifier?dsh=S1376115403%3A1674679801908676&continue=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&followup=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfBN95bNziiZsRAlDlr0u3Ab9bbWnDGIylVDOr9v2_tdz5cIxGZdOymfDrasAqaFK2YQ8bX6Q
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 25 Jan 2023 20:50:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'report-sample' 'nonce-2jfebNFo-13PRlmLF30XeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_74x24dp.png
ssl.gstatic.com/images/branding/googlelogo/2x/ 3 KB
4 KB 96ms
20ms Image
image/png 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28b6edd1e2bebc00c9d9f9aaf6bf2b37dfab3ebb600f7eeedc8eb30915d793ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 11:49:02 GMT
x-content-type-options: nosniff
age: 205261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3240
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jan 2024 11:49:02 GMT

GET
H3 200 bscframe Show response
accounts.google.com/_/ Frame 8CEF 15 B
68 B 238ms
238ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/bscframe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval';require-trusted-types-for 'script';object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'unsafe-eval';require-trusted-types-for 'script';object-src 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin
cross-origin-resource-policy: same-site
date: Wed, 25 Jan 2023 20:50:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 CheckConnection Show response
accounts.youtube.com/accounts/ Frame 7074 29 KB
12 KB 135ms
66ms Document
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.youtube.com/accounts/CheckConnection?pmpo=https://accounts.google.com&v=-23758342&timestamp=1674679803124

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d444bd11c5d878ad66c7b0603494b9889d2b1050344f4274f6402959a5678e89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://accounts.google.com script-src 'report-sample' 'nonce-C7zJDdIlAcvZTDXZWf8myw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://accounts.google.com
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors https://accounts.google.com script-src 'report-sample' 'nonce-C7zJDdIlAcvZTDXZWf8myw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 20:50:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://accounts.google.com
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a88c103245471928655f8cc20e9e87b3b6eb7607d47df736b7f296891dac66d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 404 cspreport
accounts.youtube.com/_/AccountsDomainCookiesCheckConnectionHttp/ Frame 7074 2 KB
2 KB 20ms
19ms Other
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.youtube.com/_/AccountsDomainCookiesCheckConnectionHttp/cspreport
Requested by: Host: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?dsh=S1376115403%3A1674679801908676&continue=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&followup=https%3A%2F%2Fsites.google.com%2Fview%2Fqweytrrty&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfBN95bNziiZsRAlDlr0u3Ab9bbWnDGIylVDOr9v2_tdz5cIxGZdOymfDrasAqaFK2YQ8bX6Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d5f986569d61220db701c5d5b5865b8e71c080e34dd96cb8c3102e31fe7bdb77

Request headers

Referer: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https://accounts.google.com&v=-23758342&timestamp=1674679803124
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 25 Jan 2023 20:50:03 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1613
content-type: text/html; charset=UTF-8

POST cspreport
accounts.google.com/v3/signin/_/AccountsSignInUi/ Frame 046D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/_/AccountsSignInUi/cspreport

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| botguard

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.google.com/	1970-01-20 18:47:19	Name: __Host-GAPS Value: 1:3m-DQFJ568vcyGkIzDJePR0WbUpscQ:piz8JF88K7fBunli
			.google.com/	1970-01-20 13:34:51	Name: NID Value: 511=ZHCfVC-JVo853wYibE2mleRYbRz7guE9XztDzrxE8tsycTFsu9VYc-SMKjtwXZR5Vo-d6BWkX_SJhWBp4XTW4PLwLeE0MfAjooHIV4mATE9HOr2ys_tdQxsuIvvblqY1C4aIFtlDYdHo51lEY56eKJ1l5I8JUiiqlJAMfCSegqw

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.youtube.com/_/AccountsDomainCookiesCheckConnectionHttp/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4nhE4ThQLBjXC4_WkCQSQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
accounts.youtube.com
ssl.gstatic.com
accounts.google.com
2a00:1450:4001:812::200d
2a00:1450:400d:807::200e
2a00:1450:400d:80d::2003
28b6edd1e2bebc00c9d9f9aaf6bf2b37dfab3ebb600f7eeedc8eb30915d793ec
6618edfe0e10a173fdcba1e3c6de6fbdc5dfbb42e44f0b21b82de395e54352d6
a88c103245471928655f8cc20e9e87b3b6eb7607d47df736b7f296891dac66d2
c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e
d444bd11c5d878ad66c7b0603494b9889d2b1050344f4274f6402959a5678e89
d5f986569d61220db701c5d5b5865b8e71c080e34dd96cb8c3102e31fe7bdb77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

accounts.google.com Open in urlscan Pro 2a00:1450:4001:812::200d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

86 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

81 kBTransfer

186 kBSize

2 Cookies

2 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

5 Console Messages

Security Headers

Indicators

accounts.google.com Open in urlscan Pro
2a00:1450:4001:812::200d Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

81 kB
Transfer

186 kB
Size

2
Cookies

7 HTTP transactions
1 data transactions