diff --git a/backend/internal/repository/http_upstream.go b/backend/internal/repository/http_upstream.go
index 6e97e192..d90a1755 100644
--- a/backend/internal/repository/http_upstream.go
+++ b/backend/internal/repository/http_upstream.go
@@ -124,6 +124,15 @@ func NewHTTPUpstream(cfg *config.Config) service.HTTPUpstream {
 //   - 调用方必须关闭 resp.Body，否则会导致 inFlight 计数泄漏
 //   - inFlight > 0 的客户端不会被淘汰，确保活跃请求不被中断
 func (s *httpUpstreamService) Do(req *http.Request, proxyURL string, accountID int64, accountConcurrency int) (*http.Response, error) {
+	// Node.js TLS 代理：Anthropic + Google APIs（无 per-account 代理时）
+	if s.isNodeTLSProxyEnabled() && proxyURL == "" && req != nil && req.URL != nil && req.URL.Scheme == "https" {
+		host := req.URL.Hostname()
+		if host == "api.anthropic.com" ||
+			strings.HasSuffix(host, ".googleapis.com") {
+			return s.doViaNodeTLSProxy(req, proxyURL, accountID, accountConcurrency)
+		}
+	}
+
 	if err := s.validateRequestHost(req); err != nil {
 		return nil, err
 	}
@@ -175,10 +184,12 @@ func (s *httpUpstreamService) DoWithTLS(req *http.Request, proxyURL string, acco
 		return s.Do(req, proxyURL, accountID, accountConcurrency)
 	}
 
-	// 优先使用 Node.js TLS 代理模式（仅 Anthropic API 且无 per-account 代理）
-	// 如果账号配置了独立代理，走原有 uTLS 路径（保持代理 IP 不变）
-	if s.isNodeTLSProxyEnabled() && proxyURL == "" && req != nil && req.URL != nil && req.URL.Hostname() == "api.anthropic.com" {
-		return s.doViaNodeTLSProxy(req, proxyURL, accountID, accountConcurrency)
+	// 优先使用 Node.js TLS 代理模式（Anthropic + Google APIs，无 per-account 代理）
+	if s.isNodeTLSProxyEnabled() && proxyURL == "" && req != nil && req.URL != nil {
+		host := req.URL.Hostname()
+		if host == "api.anthropic.com" || strings.HasSuffix(host, ".googleapis.com") {
+			return s.doViaNodeTLSProxy(req, proxyURL, accountID, accountConcurrency)
+		}
 	}
 
 	// TLS 指纹已启用，记录调试日志