Submitted URL: https://accounts.bigbirdweb.com/
Effective URL: https://accounts.bigbirdweb.com/clientarea.php
Submission: On April 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.bigbirdweb.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 23rd 2022. Valid for: a year.
This is the only time accounts.bigbirdweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | bigbirdweb.com | accounts.bigbirdweb.com | 681 KB
5 | google.com | apis.google.com (Cisco Umbrella Rank: 98), accounts.google.com (Cisco Umbrella Rank: 72) | 59 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 137) | 85 KB
1 | gstatic.com | www.gstatic.com | 34 KB
Total: 19 requests across 4 domains

Requests | Domain | Requested by
12 | accounts.bigbirdweb.com (1 redirects) | accounts.bigbirdweb.com
3 | accounts.google.com | apis.google.com, accounts.bigbirdweb.com, www.gstatic.com
2 | connect.facebook.net | accounts.bigbirdweb.com, connect.facebook.net
2 | apis.google.com | accounts.bigbirdweb.com, apis.google.com
1 | www.gstatic.com | accounts.google.com
Total: 19 requests across 5 subdomains

This site contains links to these domains.

Domain
www.bigbirdweb.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-23 - 2023-02-22 | a year
*.apis.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-29 - 2022-04-29 | 3 months
*.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
accounts.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months

This page contains 2 frames:

Primary Page: https://accounts.bigbirdweb.com/clientarea.php
Frame ID: 02FFF55A099F6CC915456F707EDDE91E
Requests: 15 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E37E626176A4ADC7F2CEC45DF208318F
Requests: 4 HTTP requests in this frame

Page Title

Client Area - BigBirdWeb

Page URL History

  1. https://accounts.bigbirdweb.com/ HTTP 302
    https://accounts.bigbirdweb.com/clientarea.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 857 kB
Size: 2047 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.bigbirdweb.com/ HTTP 302
    https://accounts.bigbirdweb.com/clientarea.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request clientarea.php
accounts.bigbirdweb.com/
Redirect Chain
  • https://accounts.bigbirdweb.com/
  • https://accounts.bigbirdweb.com/clientarea.php
17 KB
5 KB
Document
General
Full URL
https://accounts.bigbirdweb.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b82fce370b8218b9a0cffbff7440c83a407a38915640744e52bb1235a7abd1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
700360992d9a90ec-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 23 Apr 2022 03:05:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgroUG7duNpWL4JKo1YGQ%2BOTIO4n%2FSCdhnAk0xyhRJrHL6DEpyVhvde0HF4dd09860xMbEPZDMguEVsVQfXFX%2BJwCnid%2FoF3AwkU1WU5fp0nufRoGG54mM4pUi6qa4k3%2B91W1Rv%2BR6rh%2F1M3QGdPTlUOi2UAsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70036095db4f90ec-FRA
content-type
text/html; charset=utf-8
date
Sat, 23 Apr 2022 03:05:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
clientarea.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fygp9v5j70OftRLzemQ2mKQtgiM0zjDyRsv7qVzkEz9J3to6H9KBM2OEnfY%2BjI7wlrdTGWKXgeE4lIz%2B0xqoykRwkw4G%2FIEHjiUr5Uh4hF8yt8eRVx1g4xfIlYIDUzGTBiobLK1M4cO1bQ3Ge9Vi9sAwMC0Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Nunito
accounts.bigbirdweb.com/fonts.google.com/specimen/
0
0
Stylesheet
General
Full URL
https://accounts.bigbirdweb.com/fonts.google.com/specimen/Nunito?selection.family=Nunito
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Apr 2022 03:05:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu1H0ZMlqiozaVjQxm2mGgpmFKKTiTJxosWwfgH%2BTw4LJdqAefQtea%2FvfBc0Kuq8EuJNfzvyhc8PUMR5zokh4rDTkJ2WHEE57Aa3w9a8rejCN0XXVHp1rPaDBqvZRofP6voReqTImB7zGpMwdGB%2Bo7V6GKpEEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
7003609cb8e79104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
swiftmodders.css
accounts.bigbirdweb.com/templates/swiftmodders/css/
360 KB
61 KB
Stylesheet
General
Full URL
https://accounts.bigbirdweb.com/templates/swiftmodders/css/swiftmodders.css?v=d7d5f9
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37e3e123e1c507c9f767a76e49c4e93bd23a181c5f1f191bef015b1a79e3710

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Oct 2019 17:45:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ms0HjskxLJtyjH8uajW6b7LyNiayWBPiY3zWFrG15%2BU0vOeNzOtKar778nglSNsYCHPyr2pgYP1JzysvCt5Mbk%2FeY8JOyjHiISILhyJ%2B8LbefRxpLBzH2uxW3MYbhvuGJBwLklJ7ZE%2B3ppdUWBD6sDyT%2FnnPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7003609cb8e99104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
swiftmodders.min.js
accounts.bigbirdweb.com/templates/swiftmodders/js/
649 KB
187 KB
Script
General
Full URL
https://accounts.bigbirdweb.com/templates/swiftmodders/js/swiftmodders.min.js?v=343eee
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b039a1a863de9fd452d774fe36c16e7a668ad49a472664c57e41e563d22abd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Oct 2019 17:42:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPjpZZLo3riAdepEtX5SVmq1SuImuiiXbHBy7Q3oTNHn7O9Thb%2FHcE2qdiHxAmuMBIapNdaKZ7XQCIr1xhn94wDrijFzUsoLIVEt2HPJlmHjnSbBqVrAK79nPfjNmIQy4N3PNZEgkuCrEloPkyaL7t7kjEl2ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7003609cb8ea9104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fontawesome-all.min.css
accounts.bigbirdweb.com/assets/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 03 Oct 2019 17:47:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MakL%2FY6kQhjuTGFRjCGWnQXDOYlQdfQnAAnc9Zl4U4VjcQi8vEM7ohkWb2yGs1eEzwqwrSXNhiDtjfi5QlW%2BA1Zg22%2FmD1Kf%2Fi%2FgqZ1n8McDrwhCAtf%2FiEHNkbWp46ajyhPJQ2wDU0nvJZZ0BpMkSQrMt1xWmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7003609cb8eb9104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bigbirdweblogo.png
accounts.bigbirdweb.com/
20 KB
21 KB
Image
General
Full URL
https://accounts.bigbirdweb.com/bigbirdweblogo.png
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f2cfaf3f35f954dc1b07139c233abdcfcf8740529f5f285b501762e750e104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
cf-cache-status
MISS
last-modified
Tue, 24 Jul 2018 17:19:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEa2cZpvEZhwbANQjNioSMp3NBaCJE%2BTBTfz5j2MRB%2F29Ld0MHlgMNNHPGIybQWjie7TVQFCyFaxt6BQBFAy58lx%2Bv8REUzRETMq8AKKthVnqd7gdsTKKTlgwnptijlFZvx2sXhulbS0VtryLdKVeulqH3yE1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
700360a1fce99104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20531
platform.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=startGoogleApp
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9588ed30dad4cb4c84f3276c056985b66737eb9c250c2ee1599125a070dc35
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20367
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sat, 23 Apr 2022 03:05:26 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"8d4137467da1f46c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Apr 2022 03:05:26 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f22f1d2c14749cc1f5906d3e089fce2f47a873bb5db14ecdf4d3d84f3a22aa55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qx3+B2QpS9qwE65KULehpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
wG6Oxcr9T/a2NAxwWSxzCVL06sSDukDJGYri/DxLwccJWrHsu3zn9qLSrMVlb3Xxmyp7rA83vaogc0B1LjV9Pw==
x-fb-trip-id
917726464
x-fb-content-md5
c5a653abb971776e62a8bea2b2fa53b8
x-frame-options
DENY
date
Sat, 23 Apr 2022 03:05:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fcabcf05d778e9906957a658cf4d558e"
timing-allow-origin
*
expires
Sat, 23 Apr 2022 03:05:42 GMT
login-background.jpg
accounts.bigbirdweb.com/templates/swiftmodders/img/
150 KB
151 KB
Image
General
Full URL
https://accounts.bigbirdweb.com/templates/swiftmodders/img/login-background.jpg
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/templates/swiftmodders/css/swiftmodders.css?v=d7d5f9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7e303003d8b6d29f8eb3cb121538cb423335a93051f340ab2b4480755d40af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/templates/swiftmodders/css/swiftmodders.css?v=d7d5f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Oct 2019 17:42:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1GUibSfgAfya2L1g6f9c3Ob73RSXHi1TTkUMh1tM3O6%2B6m8ptKn0GLX2GTCtqRkChhb6YFBEsMbenWBvhy4h6b7rRXRyCbdMuLkSRWnheNtNyNoJtIKKOsXGfkBXUgZi1G6a5i%2FJ6FjIZvwN04K3cq3plap1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
700360a30d9e9104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
153602
fa-solid-900.woff2
accounts.bigbirdweb.com/assets/webfonts/
81 KB
82 KB
Font
General
Full URL
https://accounts.bigbirdweb.com/assets/webfonts/fa-solid-900.woff2
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a007d9ddd44ab3e1dd643c487884c254d24fb30beeea1260eabe70153d018523

Request headers

Referer
https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Origin
https://accounts.bigbirdweb.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Oct 2019 17:47:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH4Ez6uUay10hSyYa%2F9VPTokyhOvRjGTmWK4KzWH65YXvV7LJ22rddV8%2BfAIgvqdVYyo83TzXjI%2FGZfUMqUHCFHtEp7skL%2B5jpCMcc%2F5f9neokiC5ce8TDEZwdM54iQNh%2FHaakmdlNRk%2F%2Bx4XS0%2Bh0ICFzg1ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
700360a30da09104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83144
fa-brands-400.woff2
accounts.bigbirdweb.com/assets/webfonts/
63 KB
63 KB
Font
General
Full URL
https://accounts.bigbirdweb.com/assets/webfonts/fa-brands-400.woff2
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0923a4c80c1a64629cd6da1298fa57714919564d09aaf25b2c657d0e358368f

Request headers

Referer
https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Origin
https://accounts.bigbirdweb.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Oct 2019 17:47:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jnmy4iEKJ4ObpSNJP%2FmDHyUQHNjfYhcaNPC1esmpBwakRmlHArmNIgw4jPpq9gwK8PTECrH0FH9cwuAa8qDntdQtsOyWw4NuZb%2Bx3XfiPgqKXKkchfh%2FQ12035Rl3VJjPPW4YX9fPSp0vU%2FIfL6iuTnHxxzsSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
700360a30da19104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64224
fa-regular-400.woff2
accounts.bigbirdweb.com/assets/webfonts/
98 KB
98 KB
Font
General
Full URL
https://accounts.bigbirdweb.com/assets/webfonts/fa-regular-400.woff2
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6f6d662daf5cff3101520eef81c254b0419ea17cb8c0ae21acd6ab74eb74b

Request headers

Referer
https://accounts.bigbirdweb.com/assets/css/fontawesome-all.min.css
Origin
https://accounts.bigbirdweb.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Oct 2019 17:47:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75pp0PLjohs3afBu11XN1TsSLj9Fw67dH5ZztGpnd0o3vvo%2FZUioOhb%2Bm8YhFieb%2F02XYXNC706oHCkJuetCKuMmtxwRLdpdEk8aEtDp%2F1P0XtSoUGbhjUpZSEK8hPyrSae6HJKSWVRz5yV51LI9sx2VpthTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
700360a33db69104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99900
index.php
accounts.bigbirdweb.com/
124 B
659 B
XHR
General
Full URL
https://accounts.bigbirdweb.com/index.php?rp=/announcements/twitterfeed
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/templates/swiftmodders/js/swiftmodders.min.js?v=343eee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00193e34971e88f4c0ab13c7fc239ad5659397ad6c88161ef862afc011c6ffc

Request headers

Accept
*/*
Referer
https://accounts.bigbirdweb.com/clientarea.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Apr 2022 03:05:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoLinMxKD%2FeSRtwjpRSOjJMFSD1UpyjiTtxG2f5nxE4Jgc%2BYOhmLY%2FGAATsiicd%2Fvvnaa%2Bb2EKJL1mMv09CdORqKjb%2BX9OWoDNk%2BKWl%2F3PI77VE8H9XDNnTMekP%2FEuRxCFC6G3liy4EQSSns0bsMR45Vkrzu%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
700360a34dc99104-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.js
connect.facebook.net/en_US/
288 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=da8173fe76c272bb450781b5bb135387
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f390c2d0951177131aac2b706b2b658da6656efc55cf3e76f1627f6db515ecd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://accounts.bigbirdweb.com/
Origin
https://accounts.bigbirdweb.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
C3p1zRaREyXfa54X5F8hXQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84324
x-fb-rlafr
0
x-fb-debug
P61+3xiMbh9zh2ZPPIUVe3R8I1oGFSvu0N1YHX8VBhWhBkiADkQNzUYnF2J/+aE4L4gmmEuN/8aDA7gPwzw0jA==
x-fb-content-md5
906febda2192cf4ecda98751164ec370
x-frame-options
DENY
date
Sat, 23 Apr 2022 03:05:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f41126c0aff78a95bcb03e7910bc927c"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 23 Apr 2023 02:07:06 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/
108 KB
36 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=startGoogleApp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37467190711bd7b1d71a86d8eb68d6f3f0f908229e951644192ae83226e5053c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.bigbirdweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 20:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36550
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Apr 2023 20:06:19 GMT
iframe
accounts.google.com/o/oauth2/ Frame E37E
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c19592288d0aacbc33a93c7317f3e4feb96ca3337d52c865fd1748562fa37ee1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A9VnN1k8AXFmOBdxjDB92w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.bigbirdweb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A9VnN1k8AXFmOBdxjDB92w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Apr 2022 03:05:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame E37E
2 KB
851 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: accounts.bigbirdweb.com
URL: https://accounts.bigbirdweb.com/clientarea.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8156a0f820d148d22507be31905461e9b284c5118c7350caeb9d0c258585752c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 23 Apr 2022 03:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.-s_6dVFi_10.es5.O/d=1/rs=AOaEmlGJ4oaPIzDHHh6RmqcR_SwnypxUzQ/ Frame E37E
96 KB
34 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.-s_6dVFi_10.es5.O/d=1/rs=AOaEmlGJ4oaPIzDHHh6RmqcR_SwnypxUzQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bb0c8f37be181ba0012966b86e2c7772a1b3c4d85b290761830899a9600b556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 05:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33684
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 20:41:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 05:10:58 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame E37E
50 B
91 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Faccounts.bigbirdweb.com&client_id=67581620674-256noucqghnktaium1ug79ll63kcd039.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.-s_6dVFi_10.es5.O/d=1/rs=AOaEmlGJ4oaPIzDHHh6RmqcR_SwnypxUzQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6sokfna1ZpKHCTo3XMIIXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 03:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-6sokfna1ZpKHCTo3XMIIXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires
Sat, 23 Apr 2022 03:05:26 GMT


57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| csrfToken string| markdownGuide string| locale string| saved string| saving string| whmcsBaseUrl string| requiredText string| recaptchaSiteKey function| checkAll function| clickableSafeRedirect function| popupWindow function| addRenewalToCart function| selectChangeNavigate function| extraTicketAttachment function| getStats function| checkPort function| getticketsuggestions function| refreshCustomFields function| autoSubmitFormByContainer function| useDefaultWhois function| useCustomWhois function| editBillingAddress function| showNewCardInputFields function| hideNewCardInputFields function| getTicketSuggestions function| smoothScroll function| irtpSubmit function| openModal function| updateAjaxModal function| dialogSubmit function| dialogClose undefined| lastTicketMsg boolean| recaptchaLoadComplete function| $ function| jQuery object| jQuery1124011645994186881503 object| WHMCS function| _getSettings function| _beforeRequest object| intlTelInputUtils function| Cookies function| Tether function| SmoothScroll function| onLoginClick function| fbAsyncInit object| googleUser function| startGoogleApp function| onSignIn object| FB object| gapi object| ___jsl object| osapi

3 Cookies

Domain/Path Name / Value
accounts.bigbirdweb.com/ Name: WHMCSrbysXYxMsN5z
Value: 133deae262771423c7c3c932c29316ea
.accounts.bigbirdweb.com/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=J3YBkTB5_KBhsanZBBjrSjvXyfQ0vOYV3I5k-7jQ7QV6tx6JXislf-QopSrfBSRFgu5ukh5KrVQ6NwZDfj0UIrzu4NgcN_NEn64-3PYyr2QWyZ28UoHOgyOVZPHF28n7Ih1ITvpcjW59ezupM3rN6BbeaNipQpBwkAiVEEymxNg

3 Console Messages

Source Level URL
Text
network error URL: https://accounts.bigbirdweb.com/fonts.google.com/specimen/Nunito?selection.family=Nunito
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
