signin.pjrk242.com Open in urlscan Pro
65.61.73.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://signin.pjrk242.com/
Submission: On March 26 via automatic, source certstream-suspicious (March 26th 2023, 6:47:55 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 65.61.73.123, located in Hillsboro, United States and belongs to RRV-NET, US. The main domain is signin.pjrk242.com.
TLS certificate: Issued by R3 on March 26th 2023. Valid for: 3 months.

This is the only time signin.pjrk242.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	65.61.73.123 65.61.73.123	21730 (RRV-NET) (RRV-NET)
3	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2011	15169 (GOOGLE) (GOOGLE)
12	5

4 65.61.73.123 (Hillsboro, United States)

ASN21730 (RRV-NET, US)
PTR: 65-61-73-123.ip.rrv.net

signin.pjrk242.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.pjrk242.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	pjrk242.com signin.pjrk242.com media.pjrk242.com	9 KB
3	gstatic.com fonts.gstatic.com	57 KB
3	google.com accounts.google.com — Cisco Umbrella Rank: 72	116 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 583
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
12	5

	Domain	Requested by
3	fonts.gstatic.com	fonts.googleapis.com
3	accounts.google.com	signin.pjrk242.com accounts.google.com
3	media.pjrk242.com	signin.pjrk242.com
1	csp.withgoogle.com	signin.pjrk242.com
1	fonts.googleapis.com	media.pjrk242.com
1	signin.pjrk242.com
12	6

This site contains no links.

Subject Issuer	Validity	Valid
signin.pjrk242.com R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
media.pjrk242.com R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://signin.pjrk242.com/
Frame ID: 6A68CE80392E9647A17E0A8813A45A52
Requests: 9 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=pill&theme=filled_blue&text=signin_with&size=large&logo_alignment=left&width=280&client_id=462640390347-n3pdg23fek4k8tuhei4c5g1en4ffcuss.apps.googleusercontent.com&iframe_id=gsi_267824_550316&as=RTTKeqzE%2FILeM%2FBnnjCwhA&hl=en-US
Frame ID: 2F8B1C77F4AEDF2A7A5ED81C234B8147
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PjrK242 » Sign in

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Page Statistics

12
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

183 kB
Transfer

397 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
signin.pjrk242.com/ 3 KB
2 KB 425ms
132ms Document
text/html 65.61.73.123
RRV-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.pjrk242.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.61.73.123 Hillsboro, United States, ASN21730 (RRV-NET, US),

Reverse DNS

65-61-73-123.ip.rrv.net

Software

Apache /

Resource Hash

f1834b9cced1b4d15f654a2978b7f3b06bb942a857a08b807699635d0ae9188d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk1XL8G_j4xrgJiZXewAAAAA' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, immutable
Connection: Keep-Alive
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 1012
Content-Security-Policy: default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk1XL8G_j4xrgJiZXewAAAAA' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Content-Security-Policy-Report-Only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/
Content-Type: text/html; charset=UTF-8
Cross-Origin-Opener-Policy: same-origin-allow-popups
Date: Sun, 26 Mar 2023 06:47:47 GMT
Keep-Alive: timeout=5, max=100
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none

GET
H/1.1 200
OK styles.css
media.pjrk242.com/styles/ 6 KB
3 KB 432ms
131ms Stylesheet
text/css 65.61.73.123
RRV-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.pjrk242.com/styles/styles.css

Requested by

Host: signin.pjrk242.com
URL: https://signin.pjrk242.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.61.73.123 Hillsboro, United States, ASN21730 (RRV-NET, US),

Reverse DNS

65-61-73-123.ip.rrv.net

Software

Apache /

Resource Hash

f8b247ef9f41d10c619610f5de66153add287dc3cb2b6c3003f7e14f755ec85c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk9Nn3cR_bDR6sva0nQAAAA8' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signin.pjrk242.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 06:47:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk9Nn3cR_bDR6sva0nQAAAA8' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy-Report-Only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/
Connection: Keep-Alive
Content-Length: 1644
Referrer-Policy: strict-origin
Last-Modified: Mon, 10 Oct 2022 03:22:53 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Content-Language: en-US
Cache-Control: max-age=0, immutable
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK login.css
media.pjrk242.com/styles/ 2 KB
2 KB 441ms
132ms Stylesheet
text/css 65.61.73.123
RRV-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.pjrk242.com/styles/login.css

Requested by

Host: signin.pjrk242.com
URL: https://signin.pjrk242.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.61.73.123 Hillsboro, United States, ASN21730 (RRV-NET, US),

Reverse DNS

65-61-73-123.ip.rrv.net

Software

Apache /

Resource Hash

c686669993422ddffbd2fb6018d80331929426ef992fcf7b9357266eef0d2653

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk4c-ebANLkLYsFqV6wAAAAE' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signin.pjrk242.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 06:47:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk4c-ebANLkLYsFqV6wAAAAE' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy-Report-Only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/
Connection: Keep-Alive
Content-Length: 836
Referrer-Policy: strict-origin
Last-Modified: Thu, 29 Sep 2022 06:15:18 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Content-Language: en-US
Cache-Control: max-age=0, immutable
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK signin.js Show response
media.pjrk242.com/scripts/ 971 B
2 KB 434ms
131ms Script
text/javascript 65.61.73.123
RRV-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.pjrk242.com/scripts/signin.js

Requested by

Host: signin.pjrk242.com
URL: https://signin.pjrk242.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.61.73.123 Hillsboro, United States, ASN21730 (RRV-NET, US),

Reverse DNS

65-61-73-123.ip.rrv.net

Software

Apache /

Resource Hash

bd49031c2ddc0ea97aff458a84813335ca23efb936c354d247dfc39ffe643f6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk-S7uXylprCGmI27LgAAAAk' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signin.pjrk242.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 06:47:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk-S7uXylprCGmI27LgAAAAk' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy-Report-Only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/
Connection: Keep-Alive
Content-Length: 371
Referrer-Policy: strict-origin
Last-Modified: Thu, 29 Sep 2022 06:03:31 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-origin-allow-popups
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Content-Language: en-US
Cache-Control: max-age=31536000, immutable
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 73ms
32ms Script
application/javascript 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: signin.pjrk242.com
URL: https://signin.pjrk242.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d032973013d60e5f3ce7d915ef88bb5cb00da9b7c103f466a6c9a1e95dbcace

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-auFD8RGFZnelOw261pjP3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signin.pjrk242.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 06:47:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-auFD8RGFZnelOw261pjP3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 26 Mar 2023 06:47:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 49ms
20ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Merriweather&family=Orbitron&display=swap

Requested by

Host: media.pjrk242.com
URL: https://media.pjrk242.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d27861646b546bd2b50fcd661b85e0422a4b71b0a1c61bd3337925a865fb7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.pjrk242.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Mar 2023 06:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Mar 2023 06:47:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Mar 2023 06:47:47 GMT

GET
H2 200 yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyGy6BoWgz.woff2
fonts.gstatic.com/s/orbitron/v29/ 6 KB
7 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/orbitron/v29/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyGy6BoWgz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Merriweather&family=Orbitron&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86c1fb414f63ee99909ce9a87d1f37a084cfb034b3a9a62dfbbcecb25a0a68f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://signin.pjrk242.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 12:24:15 GMT
x-content-type-options: nosniff
age: 411812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6204
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:53:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 12:24:15 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Merriweather&family=Orbitron&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://signin.pjrk242.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 425406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:41 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 65ms
65ms Stylesheet
text/css 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-f422RnN3ZvPO8h8ZVlUR0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signin.pjrk242.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 06:47:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-f422RnN3ZvPO8h8ZVlUR0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 26 Mar 2023 06:47:47 GMT

GET
H2 200 button Show response
accounts.google.com/gsi/ Frame 2F8B 107 KB
38 KB 89ms
88ms Document
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&shape=pill&theme=filled_blue&text=signin_with&size=large&logo_alignment=left&width=280&client_id=462640390347-n3pdg23fek4k8tuhei4c5g1en4ffcuss.apps.googleusercontent.com&iframe_id=gsi_267824_550316&as=RTTKeqzE%2FILeM%2FBnnjCwhA&hl=en-US

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c02a374e5576ca6fabdc85988f6446087ffc25c09049185fc9bea01e4133dfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0VmgZcYREi5H2xsHMvtw6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.pjrk242.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0VmgZcYREi5H2xsHMvtw6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 06:47:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 2F8B 0
0 67ms
20ms Other
text/html 2a00:1450:4001:829::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: signin.pjrk242.com
URL: https://signin.pjrk242.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://accounts.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 2F8B 51 KB
27 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 08:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27431
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Mar 2024 08:53:16 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: https://signin.pjrk242.com/ Message: [Report Only] Refused to load the script 'https://media.pjrk242.com/scripts/signin.js' because it violates the following Content Security Policy directive: "script-src https://accounts.google.com/gsi/client". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://accounts.google.com/gsi/client(Line 286) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style". Either the 'unsafe-inline' keyword, a hash ('sha256-lmto2U1o7YINyHPg9TOCjIt+o5pSFNU/T2oLxDPF+uw='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://accounts.google.com/gsi/client(Line 100) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style". Either the 'unsafe-inline' keyword, a hash ('sha256-mGh7ZQI8JMOCxHUgh6skANx5HsMr9wkj6yfOgmlKtPU='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src media.pjrk242.com; style-src media.pjrk242.com https://fonts.googleapis.com https://accounts.google.com/gsi/style; script-src 'unsafe-inline' https: 'nonce-ZB_qk1XL8G_j4xrgJiZXewAAAAA' 'strict-dynamic'; connect-src https://accounts.google.com/gsi/; font-src *; object-src 'none'; child-src 'self'; frame-src https://accounts.google.com/gsi/; frame-ancestors 'none'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
csp.withgoogle.com
fonts.googleapis.com
fonts.gstatic.com
media.pjrk242.com
signin.pjrk242.com
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2011
2a00:1450:4001:831::200d
65.61.73.123
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
5d032973013d60e5f3ce7d915ef88bb5cb00da9b7c103f466a6c9a1e95dbcace
7d27861646b546bd2b50fcd661b85e0422a4b71b0a1c61bd3337925a865fb7a3
86c1fb414f63ee99909ce9a87d1f37a084cfb034b3a9a62dfbbcecb25a0a68f4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9c02a374e5576ca6fabdc85988f6446087ffc25c09049185fc9bea01e4133dfd
bd49031c2ddc0ea97aff458a84813335ca23efb936c354d247dfc39ffe643f6f
c686669993422ddffbd2fb6018d80331929426ef992fcf7b9357266eef0d2653
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
f1834b9cced1b4d15f654a2978b7f3b06bb942a857a08b807699635d0ae9188d
f8b247ef9f41d10c619610f5de66153add287dc3cb2b6c3003f7e14f755ec85c

signin.pjrk242.com Open in urlscan Pro 65.61.73.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

183 kBTransfer

397 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

signin.pjrk242.com Open in urlscan Pro
65.61.73.123 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

183 kB
Transfer

397 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions