service-publishing-client.pubste4.plutostaging.tv Open in urlscan Pro
2600:9000:2156:e400:13:f493:f040:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://service-publishing-client.pubste4.plutostaging.tv/
Submission: On May 09 via automatic, source certstream-suspicious (May 9th 2022, 3:43:27 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2600:9000:2156:e400:13:f493:f040:93a1, located in United States and belongs to AMAZON-02, US. The main domain is service-publishing-client.pubste4.plutostaging.tv.
TLS certificate: Issued by Amazon on June 8th 2021. Valid for: a year.

This is the only time service-publishing-client.pubste4.plutostaging.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2600:9000:215... 2600:9000:2156:e400:13:f493:f040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
12	5

6 2600:9000:2156:e400:13:f493:f040:93a1 (United States)

ASN16509 (AMAZON-02, US)

service-publishing-client.pubste4.plutostaging.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	plutostaging.tv service-publishing-client.pubste4.plutostaging.tv	668 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 179 accounts.google.com — Cisco Umbrella Rank: 120	44 KB
1	gstatic.com www.gstatic.com	34 KB
12	3

	Domain	Requested by
6	service-publishing-client.pubste4.plutostaging.tv	service-publishing-client.pubste4.plutostaging.tv
3	accounts.google.com	apis.google.com service-publishing-client.pubste4.plutostaging.tv www.gstatic.com
2	apis.google.com	service-publishing-client.pubste4.plutostaging.tv apis.google.com
1	www.gstatic.com	accounts.google.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
service-publishing-client.pubste4.plutostaging.tv Amazon	`2021-06-08` - `2022-07-07`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://service-publishing-client.pubste4.plutostaging.tv/
Frame ID: 4297035AD97D52131328EF8BAB444C02
Requests: 9 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: D0325225EC7A4DF84B0F3890C800FDF3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pluto TV Publishing

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]*accounts\.google\.com/o/oauth2

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

807 kB
Transfer

1713 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
service-publishing-client.pubste4.plutostaging.tv/ 6 KB
3 KB 472ms
407ms Document
text/html 2600:9000:2156:e400:13:f493:f040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-publishing-client.pubste4.plutostaging.tv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:13:f493:f040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 477b7031aa2930a6a96410498a47d22814aa194c0ee55d56653776225e9055d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 09 May 2022 03:43:23 GMT
ETag: W/"fb352a3dc73966d272cb19cb4b277b73"
Last-Modified: Fri, 06 May 2022 22:36:20 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: LRoLNYIXlNWpqxdXfNoBrViU69TDLw1F1tQqzEbMfxR5unzVN5cMGw==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront

GET
H/1.1 200
OK 2.18aadc69.chunk.css
service-publishing-client.pubste4.plutostaging.tv/static/css/ 435 KB
199 KB 415ms
415ms Stylesheet
text/css 2600:9000:2156:e400:13:f493:f040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-publishing-client.pubste4.plutostaging.tv/static/css/2.18aadc69.chunk.css
Requested by: Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:13:f493:f040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80162697fbec6ef4ec2501f8c063ea7aba9ac185fbe0ff194fae5b7dbb41d289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 03:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 22:36:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"dcb099de1edcc6b03a57109af60b07e9"
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: text/css; charset=utf-8
Via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: zsqx181lU_pjw1V9y8vY-AuFqRDutg1se2GCeCPCLz2oeOFIe60eFw==

GET
H/1.1 200
OK main.12a8c592.chunk.css
service-publishing-client.pubste4.plutostaging.tv/static/css/ 10 KB
2 KB 438ms
416ms Stylesheet
text/css 2600:9000:2156:e400:13:f493:f040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-publishing-client.pubste4.plutostaging.tv/static/css/main.12a8c592.chunk.css
Requested by: Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:13:f493:f040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12351baac076908162f068a7bc64bab394d995000c4d5814cc30f4749e8f44f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 03:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 22:36:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"0478cadb74024601a405ed18061ab1be"
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: text/css; charset=utf-8
Via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: f0tIPtA6TpRJTh8K3lbabmuUY3KCuRjp5zKTxsWBzM6pEZOBgC8fZw==

GET
H/1.1 200
OK 2.929930a7.chunk.js Show response
service-publishing-client.pubste4.plutostaging.tv/static/js/ 595 KB
167 KB 432ms
410ms Script
application/javascript 2600:9000:2156:e400:13:f493:f040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-publishing-client.pubste4.plutostaging.tv/static/js/2.929930a7.chunk.js
Requested by: Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:13:f493:f040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74dfeba96be9308b998853287210d2090e7b9fd0f17273d97f9b43bbbe8f8df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 03:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 22:36:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"c2665d5ab937805bc5114487637cebe1"
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: arTAgY3Fb1Vo757RzheXK7PP3aEAh13jqVBm1B1mbCcZtrkn3Xx-8g==

GET
H/1.1 200
OK main.80dc7e92.chunk.js Show response
service-publishing-client.pubste4.plutostaging.tv/static/js/ 113 KB
24 KB 630ms
607ms Script
application/javascript 2600:9000:2156:e400:13:f493:f040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-publishing-client.pubste4.plutostaging.tv/static/js/main.80dc7e92.chunk.js
Requested by: Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:13:f493:f040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c511ca1186632d3805c0b4798977a27456ce7ba4b2af4c834e82c2de002fa079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 03:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 22:36:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"c41377fcc206008b513cb1ca9c5eb239"
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: Y1sSTjDhhmqIaKaElzc0AS_MROSyBVKDuAsdoxi7I8y7zA4jxOoEQQ==

GET
H/1.1 200
OK PlutoTVlogo.b2d794b1.png
service-publishing-client.pubste4.plutostaging.tv/static/media/ 273 KB
273 KB 414ms
413ms Image
image/png 2600:9000:2156:e400:13:f493:f040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://service-publishing-client.pubste4.plutostaging.tv/static/media/PlutoTVlogo.b2d794b1.png
Requested by: Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/static/css/main.12a8c592.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:13:f493:f040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 521475438e0fc6c8faebce28c904679b9bfa60d90ced9bc353e5bffdb1b31024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/static/css/main.12a8c592.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 03:43:24 GMT
Via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
Last-Modified: Fri, 06 May 2022 22:36:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "fe3432814bfc9d4b0f2d8963bc9e3125"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279213
X-Amz-Cf-Id: cKR8ltVFAtLUVBBDLPFmP8lTJ6i5W5EX2QW70x14WttcZyNJqc0QIw==

GET
DATA 200
OK truncated
/ 60 KB
60 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28b30160af44428608dcf502197a7639f7516f3a467988939880ebcade836487

Request headers

Referer
Origin: https://service-publishing-client.pubste4.plutostaging.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 api.js Show response
apis.google.com/js/ 14 KB
6 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/static/js/2.929930a7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5541
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 09 May 2022 03:43:23 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d9fb14b7bd505434"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 May 2022 03:43:23 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 108 KB
36 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37467190711bd7b1d71a86d8eb68d6f3f0f908229e951644192ae83226e5053c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service-publishing-client.pubste4.plutostaging.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36550
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 09:09:15 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame D032 280 B
1 KB 61ms
38ms Document
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e27b1a350026a08f7f47c5a2b50f4e4e635eb2026fa81ab77f0e03f318edf564

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kA1Nic29eomCWFt8rwolMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://service-publishing-client.pubste4.plutostaging.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kA1Nic29eomCWFt8rwolMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Mon, 09 May 2022 03:43:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame D032 2 KB
851 B 40ms
23ms Other
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: service-publishing-client.pubste4.plutostaging.tv
URL: https://service-publishing-client.pubste4.plutostaging.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f31d3f32700afef63a5a2af47766740c001ac7be7327cd1e9f74248b89a36551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 09 May 2022 03:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.rwYmwlMqRts.es5.O/d=1/rs=AOaEmlFf580X7aFK5Za9ofQphgxaNmJt2w/ Frame D032 97 KB
34 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.rwYmwlMqRts.es5.O/d=1/rs=AOaEmlFf580X7aFK5Za9ofQphgxaNmJt2w/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

846d1fa65fe4df00c42638cb5c340f76a16ccbc4266124badb510caa55b34a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 20:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33749
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 03:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 20:53:51 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame D032 49 B
95 B 36ms
36ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fservice-publishing-client.pubste4.plutostaging.tv&client_id=385681930280-t542cbp385soh20gtfluaia2kjca9dtt.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.rwYmwlMqRts.es5.O/d=1/rs=AOaEmlFf580X7aFK5Za9ofQphgxaNmJt2w/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fKpphBq9K6yt/gJk5JS17A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 03:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-fKpphBq9K6yt/gJk5JS17A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires: Mon, 09 May 2022 03:43:23 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.service-publishing-client.pubste4.plutostaging.tv/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
			.google.com/	1970-01-20 07:17:59	Name: NID Value: 511=luT7UKUhSgvuNOWi3eAaBYX0-L6fJZOarSDKiJ7l62vkfRGOLkHWtgBr0Iy3TgP7XZQSE-Z9q1CmuYIf2HkNsgiRNepvP8Wp8pvDjyxCSKw9E42xiDLp3Fg7oXeuqG_PfepwIr0csCSMMQ2o9wSNxSPSzYTP-lUwQMexYELKjTY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
service-publishing-client.pubste4.plutostaging.tv
www.gstatic.com
2600:9000:2156:e400:13:f493:f040:93a1
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200d
12351baac076908162f068a7bc64bab394d995000c4d5814cc30f4749e8f44f4
28b30160af44428608dcf502197a7639f7516f3a467988939880ebcade836487
37467190711bd7b1d71a86d8eb68d6f3f0f908229e951644192ae83226e5053c
477b7031aa2930a6a96410498a47d22814aa194c0ee55d56653776225e9055d4
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
521475438e0fc6c8faebce28c904679b9bfa60d90ced9bc353e5bffdb1b31024
74dfeba96be9308b998853287210d2090e7b9fd0f17273d97f9b43bbbe8f8df1
80162697fbec6ef4ec2501f8c063ea7aba9ac185fbe0ff194fae5b7dbb41d289
846d1fa65fe4df00c42638cb5c340f76a16ccbc4266124badb510caa55b34a65
a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb
c511ca1186632d3805c0b4798977a27456ce7ba4b2af4c834e82c2de002fa079
e27b1a350026a08f7f47c5a2b50f4e4e635eb2026fa81ab77f0e03f318edf564
f31d3f32700afef63a5a2af47766740c001ac7be7327cd1e9f74248b89a36551

service-publishing-client.pubste4.plutostaging.tv Open in urlscan Pro 2600:9000:2156:e400:13:f493:f040:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

807 kBTransfer

1713 kBSize

2 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

service-publishing-client.pubste4.plutostaging.tv Open in urlscan Pro
2600:9000:2156:e400:13:f493:f040:93a1 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

807 kB
Transfer

1713 kB
Size

2
Cookies

12 HTTP transactions
1 data transactions