spotify-konto-reaktivierung.cleverapps.io Open in urlscan Pro
185.42.117.192 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/DBDOCTOR.php
Effective URL:
https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Submission: On September 12 via manual (September 12th 2023, 2:21:29 am UTC) from LU — Scanned from FR

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 31 HTTP transactions. The main IP is 185.42.117.192, located in France and belongs to MAGICRETAIL, FR. The main domain is spotify-konto-reaktivierung.cleverapps.io.
TLS certificate: Issued by R3 on August 23rd 2023. Valid for: 3 months.

This is the only time spotify-konto-reaktivierung.cleverapps.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spotify (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 16	185.42.117.192 185.42.117.192	43424 (MAGICRETAIL) (MAGICRETAIL)
1	146.75.118.248 146.75.118.248	54113 (FASTLY) (FASTLY)
1	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1 3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
3	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
31	13

16 185.42.117.192 (France) 1 redirects

ASN43424 (MAGICRETAIL, FR)

spotify-konto-reaktivierung.cleverapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.248 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

4721227.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

sp-bootstrap.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cleverapps.io 1 redirects spotify-konto-reaktivierung.cleverapps.io	170 KB
4	doubleclick.net 1 redirects 4721227.fls.doubleclick.net — Cisco Umbrella Rank: 23722 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 404	14 KB
3	fastly.net sp-bootstrap.global.ssl.fastly.net — Cisco Umbrella Rank: 416163	200 KB
2	google.fr 1 redirects adservice.google.fr — Cisco Umbrella Rank: 37731 www.google.fr — Cisco Umbrella Rank: 14881	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 122 www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 156	18 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 642	462 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	32 KB
1	scdn.co www.scdn.co — Cisco Umbrella Rank: 52432	4 KB
31	10

	Domain	Requested by
16	spotify-konto-reaktivierung.cleverapps.io	1 redirects spotify-konto-reaktivierung.cleverapps.io
3	bat.bing.com	4721227.fls.doubleclick.net bat.bing.com
3	sp-bootstrap.global.ssl.fastly.net	spotify-konto-reaktivierung.cleverapps.io
3	4721227.fls.doubleclick.net	1 redirects spotify-konto-reaktivierung.cleverapps.io adservice.google.com
1	www.google.fr	4721227.fls.doubleclick.net
1	www.google.com	4721227.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	4721227.fls.doubleclick.net
1	insight.adsrvr.org	4721227.fls.doubleclick.net
1	adservice.google.fr	1 redirects
1	adservice.google.com	4721227.fls.doubleclick.net
1	connect.facebook.net	spotify-konto-reaktivierung.cleverapps.io
1	www.scdn.co	spotify-konto-reaktivierung.cleverapps.io
31	13

This site contains links to these domains. Also see Links.

Domain
www.spotify.com

Subject Issuer	Validity	Valid
*.cleverapps.io R3	`2023-08-23` - `2023-11-21`	3 months	crt.sh
*.scdn.co GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-07` - `2024-08-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-05` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Frame ID: 3362B4D95E492DE3D2FAF61FFA4E1D15
Requests: 21 HTTP requests in this frame

Frame: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/activityi(2).html
Frame ID: 59B18212A899306C34875B850DC1F2BA
Requests: 1 HTTP requests in this frame

Frame: https://4721227.fls.doubleclick.net/activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html
Frame ID: CC5984C70F5D3DE52E4A4D7C418BD747
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html
Frame ID: DECBB70ABD679B68652983C3708FDB90
Requests: 1 HTTP requests in this frame

Frame: https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html
Frame ID: 9537E04E5278F802E69560A6FEB9292B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manage My Account

Page URL History Show full URLs

https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/DBDOCTOR.php HTTP 302
https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

442 kB
Transfer

1115 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.spotify.com/int/logout/
Title: Log Out

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/DBDOCTOR.php HTTP 302
https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://4721227.fls.doubleclick.net/activityi;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html HTTP 302
https://4721227.fls.doubleclick.net/activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html

Request Chain 23

https://adservice.google.fr/ddm/fls/i/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html HTTP 302
https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html

31 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request summary.php Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/
Redirect Chain

https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/DBDOCTOR.php
https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php

26 KB
7 KB

78ms
77ms

Document
text/html

185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0389df1e2df00d618572609a7232e097a7e9963baf46c749bac9781a7063d5f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Content-Length: 7121
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Sep 2023 02:21:24 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Sozu-Id: 01HA3K30YJ6427VQ2W4HQ7W14D
Vary: Accept-Encoding

Redirect headers

Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Sep 2023 02:21:24 GMT
Location: summary.php
Server: Apache
Sozu-Id: 01HA3K30YJ6427VQ2W4HQ7W14D

GET
H/1.1 200
OK sp-analytics-a3e2493d01.js Show response
www.scdn.co/build/js/ 8 KB
4 KB 724ms
205ms Script
application/javascript 146.75.118.248
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/js/sp-analytics-a3e2493d01.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.248 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:25 GMT
Content-Encoding: gzip
Age: 570287
x-amz-meta-goog-reserved-file-mtime: 1533804724
X-Cache: HIT, MISS
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2934
X-Served-By: cache-chi-klot8100105-CHI, cache-fra-eddf8230023-FRA
Last-Modified: Thu, 09 Aug 2018 08:55:55 GMT
ETag: "3b8ea9b9fed8d12d22fd1c7b7c4367b8"
x-goog-generation: 1533804955085745
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 7969
x-amz-checksum-crc32c: n4QGTQ==
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 55, 0

GET
H2 200 1483047915331997 Show response
connect.facebook.net/signals/config/ 109 KB
32 KB 596ms
85ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1483047915331997?v=2.8.12&r=stable

Requested by

Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

643560985cf3b9a6fe37ad7dceeec802a0ba06e0005a024e0621894401e7cc6b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Sep 2023 02:21:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31501
x-xss-protection: 0
pragma: public
x-fb-debug: 8iQrrqDQBHuKJZzClvY4ephgxSgCIVk9nedIhpVrFnP3XojIPopaFcCrvG74sMY5qVn6Ca+acG3ik6XrAnVREA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK spotify-543b91ee3c.css
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 326 KB
52 KB 150ms
146ms Stylesheet
text/css 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/spotify-543b91ee3c.css
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: a79a0f1bacae7225ef96dd5c50a58a342fb5feba7b6c0293ce2a56a29f6b24c1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:03 GMT
Server: Apache
ETag: "517a2-602f77d55bb95-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Sozu-Id: 01HA3K31A3G3SVCM98ZQ02CEQP
Accept-Ranges: bytes
Content-Length: 52888

GET
H/1.1 200
OK account-4445741da9.css
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 111 KB
21 KB 242ms
65ms Stylesheet
text/css 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/account-4445741da9.css
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 271b738ea03c0a47b2bf4d08eae8ddcd83de610b7b680e16523be08234522c28

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:03:56 GMT
Server: Apache
ETag: "1ba2b-602f77cf61f42-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Sozu-Id: 01HA3K31CA1ZBHS8MTAQT434VR
Accept-Ranges: bytes
Content-Length: 20692

GET
H/1.1 200
OK embedded-checkout-7f51b6350a.css
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 16 KB
5 KB 313ms
66ms Stylesheet
text/css 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/embedded-checkout-7f51b6350a.css
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: b51a12e6f6aba4d92f45d4b4ac003fa0285821f26b77b4f8c3af5ac774a10dbb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:03:58 GMT
Server: Apache
ETag: "3f82-602f77d14152d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Sozu-Id: 01HA3K31FJQYQ7HMFRQG8F8X5T
Accept-Ranges: bytes
Content-Length: 4735

GET
H/1.1 200
OK jquery.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 84 KB
30 KB 362ms
87ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:00 GMT
Server: Apache
ETag: "15144-602f77d2e8094-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31GG69SFY2SCD2A7CXJ5
Accept-Ranges: bytes
Content-Length: 30002

GET
H/1.1 200
OK jquery.maskedinput.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 10 KB
3 KB 352ms
77ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.maskedinput.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: b63e5bcbf53f3f1ab4bcf0845a900fab7b25981693e753d73cfd2784a8046446

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:00 GMT
Server: Apache
ETag: "2805-602f77d332ba6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31GDM9W9M1AW9AHSCJX3
Accept-Ranges: bytes
Content-Length: 2618

GET
H/1.1 200
OK jquery.validate.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 45 KB
12 KB 358ms
83ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.validate.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: d030f6633a5d0efd3f76fcf5ec98a0468c76770e618a401ffe5ddc7f6ccc844b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:01 GMT
Server: Apache
ETag: "b4bb-602f77d395f56-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31GTKMH25X6XAJYX4EVW
Accept-Ranges: bytes
Content-Length: 12317

GET
H/1.1 200
OK jquery.additional-methods.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 22 KB
6 KB 381ms
92ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.additional-methods.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 72d04d4e4fec062d1c4ef989026f021267b61ffa1d0350855a7007e81f49bba6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:00 GMT
Server: Apache
ETag: "56ed-602f77d27d674-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31H4XQEXPCGDNTQJ8E2N
Accept-Ranges: bytes
Content-Length: 5586

GET
H/1.1 200
OK jquery.v-form.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 7 KB
2 KB 413ms
98ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.v-form.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4e5b8d16044077193472b2bad96dabf3f322452461b533f469846de23b94995f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:00 GMT
Server: Apache
ETag: "1bc7-602f77d332ba6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31MD657JHQHCPMFEZYE4
Accept-Ranges: bytes
Content-Length: 1768

GET
H/1.1 200
OK jquery.CardValidator.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 6 KB
2 KB 471ms
124ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.CardValidator.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8802adf5641c1056fcf4feeeabb83be1b1e3724d9b460cecc791dfdd6422bc3b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:00 GMT
Server: Apache
ETag: "18df-602f77d28aeab-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31HABVCEJMX2YCHA6EBS
Accept-Ranges: bytes
Content-Length: 2082

GET
H/1.1 200
OK jquery.mask.js Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 18 KB
5 KB 471ms
117ms Script
application/javascript 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/jquery.mask.js
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 15:04:00 GMT
Server: Apache
ETag: "47fe-602f77d2e650f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Sozu-Id: 01HA3K31GDM9W9M1AW9AHSCJX3
Accept-Ranges: bytes
Content-Length: 4948

GET
H/1.1 200
OK activityi(2).html Show response
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ Frame 59B1 526 B
719 B 347ms
72ms Document
text/html 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/activityi(2).html
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 368050e24650d085ae45ff96cb255eafd8196154f484969f0492ceaab7d9d9c5

Request headers

Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 417
Content-Type: text/html
Date: Tue, 12 Sep 2023 02:21:24 GMT
ETag: "20e-602f77cf8c45d-gzip"
Last-Modified: Tue, 15 Aug 2023 15:03:57 GMT
Server: Apache
Sozu-Id: 01HA3K31HABVCEJMX2YCHA6EBS
Vary: Accept-Encoding

GET
H2

200

activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscript... Show response
4721227.fls.doubleclick.net/ Frame CC59
Redirect Chain

https://4721227.fls.doubleclick.net/activityi;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscri...
https://4721227.fls.doubleclick.net/activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%...

548 B
471 B

160ms
158ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4721227.fls.doubleclick.net/activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html?

Requested by

Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

cae8fc7dc44df2ee73413a8a64fd1555a934e64511ec0152d907b6518597375d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spotify-konto-reaktivierung.cleverapps.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 02:21:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 02:21:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4721227.fls.doubleclick.net/activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27c6c010b56541288cf75fa5e8773311aadac4e60add1a00351da2664fcad6cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 404
Not Found icon-provider-9b3624f0bb.png
spotify-konto-reaktivierung.cleverapps.io/build/i/sprite/ 196 B
196 B 147ms
97ms Image
text/html 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/build/i/sprite/icon-provider-9b3624f0bb.png
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/account-4445741da9.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/account-4445741da9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Server: Apache
Sozu-Id: 01HA3K31H4XQEXPCGDNTQJ8E2N
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sprites_cc_logos.png
spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/ 24 KB
24 KB 146ms
117ms Image
image/png 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/sprites_cc_logos.png
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Last-Modified: Tue, 15 Aug 2023 15:04:03 GMT
Server: Apache
ETag: "5e74-602f77d5399b6"
Content-Type: image/png
Sozu-Id: 01HA3K31GTKMH25X6XAJYX4EVW
Accept-Ranges: bytes
Content-Length: 24180

GET
H/1.1 200
OK circular-bold.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 68 KB
68 KB 268ms
80ms Font
font/woff2 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-bold.woff2
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/spotify-543b91ee3c.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5

Request headers

Referer: https://spotify-konto-reaktivierung.cleverapps.io/
Origin: https://spotify-konto-reaktivierung.cleverapps.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Age: 1240501
x-amz-meta-goog-reserved-file-mtime: 1504812661
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 69140
X-Served-By: cache-chi-klot8100108-CHI, cache-par-lfpg1960023-PAR
Last-Modified: Mon, 21 Mar 2022 12:56:03 GMT
ETag: "14bfce9501e5a5dc0adbe559dd630bc6"
x-goog-generation: 1647867363593511
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
x-goog-stored-content-length: 69140
x-amz-checksum-crc32c: CbAmWw==
Accept-Ranges: bytes
X-Cache-Hits: 1290, 1

GET
H/1.1 200
OK circular-book.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 63 KB
64 KB 269ms
81ms Font
font/woff2 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-book.woff2
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/spotify-543b91ee3c.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28

Request headers

Referer: https://spotify-konto-reaktivierung.cleverapps.io/
Origin: https://spotify-konto-reaktivierung.cleverapps.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Age: 3350073
x-amz-meta-goog-reserved-file-mtime: 1504812661
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 64512
X-Served-By: cache-chi-kigq8000135-CHI, cache-par-lfpg1960080-PAR
Last-Modified: Mon, 21 Mar 2022 12:56:03 GMT
ETag: "0c0dfc4df72c07c84b15651ab6f951a6"
x-goog-generation: 1647867363540028
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
x-goog-stored-content-length: 64512
x-amz-checksum-crc32c: nYWZpQ==
Accept-Ranges: bytes
X-Cache-Hits: 1483, 1

GET
H/1.1 200
OK circular-black.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 68 KB
68 KB 269ms
70ms Font
font/woff2 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-black.woff2
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/files/spotify-543b91ee3c.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 769dae020149617e3d70328c3e1557fa3ca53fa128a9743ab389b2bfcb5327f1

Request headers

Referer: https://spotify-konto-reaktivierung.cleverapps.io/
Origin: https://spotify-konto-reaktivierung.cleverapps.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Age: 3527044
x-amz-meta-goog-reserved-file-mtime: 1504812660
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 69188
X-Served-By: cache-chi-klot8100080-CHI, cache-par-lfpg1960055-PAR
Last-Modified: Mon, 21 Mar 2022 12:56:03 GMT
ETag: "9e0ddf791ff8bdc860603330b6b1c88e"
x-goog-generation: 1647867363538571
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
x-goog-stored-content-length: 69188
x-amz-checksum-crc32c: 6B6YNQ==
Accept-Ranges: bytes
X-Cache-Hits: 587, 1

GET
DATA 200
OK truncated
/ 307 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d1980bad3269b042d78ea6481238ff045172cefc3f437966159a207c858739b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 404
Not Found vv.gif
spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/ 196 B
196 B 95ms
95ms Image
text/html 185.42.117.192
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/vv.gif
Requested by: Host: spotify-konto-reaktivierung.cleverapps.io
URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.42.117.192 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/summary.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:21:24 GMT
Server: Apache
Sozu-Id: 01HA3K31QKJQ1H23Z8W5BN1WBR
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520an... Show response
adservice.google.com/ddm/fls/i/ Frame DECB 547 B
671 B 601ms
108ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html

Requested by

Host: 4721227.fls.doubleclick.net
URL: https://4721227.fls.doubleclick.net/activityi;dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

08bcb12ccb9a5d8407410a793be7405c067d40dabf8fc8ba702d58c2f869a705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4721227.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 02:21:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520an... Show response
4721227.fls.doubleclick.net/ddm/fls/r/ Frame 9537
Redirect Chain

https://adservice.google.fr/ddm/fls/i/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%25...
https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%...

1 KB
615 B

135ms
134ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

2669928b688c0a034d65e3008078a4034ecdc4441d7ea0e343269a7187bed59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 590
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 02:21:26 GMT
expires: Tue, 12 Sep 2023 02:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 02:21:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 9537 70 B
462 B 278ms
112ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=3ysyqec&ct=0:2azffrr&fmt=3
Requested by: Host: 4721227.fls.doubleclick.net
URL: https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 02:21:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 9537 49 KB
18 KB 473ms
142ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 4721227.fls.doubleclick.net
URL: https://4721227.fls.doubleclick.net/ddm/fls/r/dc_pre=CNuS3suBpIEDFboOogMdx1gBCw;src=4721227;type=uidfq0;cat=spoti0;ord=5160187481151;gtm=G1u;u2=undefined;~oref=file%3A%2F%2F%2FC%3A%2FAppServ%2Fwww%2FOVO%2520v2.7%2FSpotify%2FSubscription%2520and%2520payment%2520-%2520Spotify.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18494
x-xss-protection: 0
server: cafe
etag: 5879359867132392387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 02:21:26 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/938675917/ Frame 9537 4 KB
2 KB 627ms
100ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/938675917/?random=1694485286897&cv=9&fst=1694485286897&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4721227.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNuS3suBpIEDFboOogMdx1gBCw%3Bsrc%3D4721227%3Btype%3Duidfq0%3Bcat%3Dspoti0%3Bord%3D5160187481151%3Bgtm%3DG1u%3Bu2%3Dundefined%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FAppServ%252Fwww%252FOVO%252520v2.7%252FSpotify%252FSubscription%252520and%252520payment%252520-%252520Spotify.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

62cc11f5b5407f6720af12617418dc3872195406a67e1e939a667a23b9d01906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 02:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1574
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 9537 44 KB
13 KB 586ms
75ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 12 Sep 2023 02:21:27 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B67A7EB42CBE4639A3EF5E6547EE7D90 Ref B: PAR02EDGE1016 Ref C: 2023-09-12T02:21:27Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 204 5489004.js Show response
bat.bing.com/p/action/ Frame 9537 0
117 B 78ms
78ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5489004.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 12 Sep 2023 02:21:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FAF15D807744E18AE405BFC9BE84F8A Ref B: PAR02EDGE1016 Ref C: 2023-09-12T02:21:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 9537 0
286 B 152ms
151ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5489004&Ver=2&mid=3c49f059-9ef7-46fc-8f64-fee8c5ad8596&sid=13e42030511311ee95dfa11dff1bd99e&vid=13e45f60511311eeb2d39f9333fbfe6c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fadservice.google.com%2F&r=&lt=1443&evt=pageLoad&ifm=1&sv=1&rn=377435

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 02:21:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F549CB552AEB44988F55261AB0811EBD Ref B: PAR02EDGE1016 Ref C: 2023-09-12T02:21:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/938675917/ Frame 9537 42 B
455 B 586ms
80ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/938675917/?random=1694485286897&cv=9&fst=1694484000000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2F4721227.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNuS3suBpIEDFboOogMdx1gBCw%3Bsrc%3D4721227%3Btype%3Duidfq0%3Bcat%3Dspoti0%3Bord%3D5160187481151%3Bgtm%3DG1u%3Bu2%3Dundefined%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FAppServ%252Fwww%252FOVO%252520v2.7%252FSpotify%252FSubscription%252520and%252520payment%252520-%252520Spotify.html&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=2723738122&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 02:21:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/938675917/ Frame 9537 42 B
455 B 584ms
108ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/938675917/?random=1694485286897&cv=9&fst=1694484000000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2F4721227.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNuS3suBpIEDFboOogMdx1gBCw%3Bsrc%3D4721227%3Btype%3Duidfq0%3Bcat%3Dspoti0%3Bord%3D5160187481151%3Bgtm%3DG1u%3Bu2%3Dundefined%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FAppServ%252Fwww%252FOVO%252520v2.7%252FSpotify%252FSubscription%252520and%252520payment%252520-%252520Spotify.html&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=2723738122&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://4721227.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 02:21:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spotify (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
spotify-konto-reaktivierung.cleverapps.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6rqoltbi75q7cup125o1nkfkq7
.doubleclick.net/	1970-01-21 00:03:01	Name: IDE Value: AHWqTUnf1boKNQYHuH4AFBchE_E2J-nmMtxM9ddBX2Tca-IMPCmCpn-nlC47B7X8MHA
.adsrvr.org/	1970-01-20 23:28:27	Name: TDID Value: 7f1c4fbe-ea2a-463b-8520-fa1434c6a6ad
.adsrvr.org/	1970-01-20 23:28:27	Name: TDCPM Value: CAEYBTgBQgQiAggB
.bing.com/	1970-01-21 00:03:01	Name: MUID Value: 02973FA155986A061B762C2B54DF6BB0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://spotify-konto-reaktivierung.cleverapps.io/build/i/sprite/icon-provider-9b3624f0bb.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://spotify-konto-reaktivierung.cleverapps.io/dech-ww/Issued/89a7b/vv.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4721227.fls.doubleclick.net
adservice.google.com
adservice.google.fr
bat.bing.com
connect.facebook.net
googleads.g.doubleclick.net
insight.adsrvr.org
sp-bootstrap.global.ssl.fastly.net
spotify-konto-reaktivierung.cleverapps.io
www.google.com
www.google.fr
www.googleadservices.com
www.scdn.co
142.250.181.226
142.250.184.195
142.250.185.132
142.250.186.66
146.75.118.248
151.101.129.194
157.240.251.9
172.217.16.130
185.42.117.192
204.79.197.200
216.58.212.162
216.58.212.166
35.71.131.137
0389df1e2df00d618572609a7232e097a7e9963baf46c749bac9781a7063d5f1
08bcb12ccb9a5d8407410a793be7405c067d40dabf8fc8ba702d58c2f869a705
0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5
16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28
2669928b688c0a034d65e3008078a4034ecdc4441d7ea0e343269a7187bed59c
271b738ea03c0a47b2bf4d08eae8ddcd83de610b7b680e16523be08234522c28
27c6c010b56541288cf75fa5e8773311aadac4e60add1a00351da2664fcad6cf
368050e24650d085ae45ff96cb255eafd8196154f484969f0492ceaab7d9d9c5
4e5b8d16044077193472b2bad96dabf3f322452461b533f469846de23b94995f
6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432
62cc11f5b5407f6720af12617418dc3872195406a67e1e939a667a23b9d01906
643560985cf3b9a6fe37ad7dceeec802a0ba06e0005a024e0621894401e7cc6b
6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4
72d04d4e4fec062d1c4ef989026f021267b61ffa1d0350855a7007e81f49bba6
769dae020149617e3d70328c3e1557fa3ca53fa128a9743ab389b2bfcb5327f1
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8802adf5641c1056fcf4feeeabb83be1b1e3724d9b460cecc791dfdd6422bc3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9d1980bad3269b042d78ea6481238ff045172cefc3f437966159a207c858739b
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a
a79a0f1bacae7225ef96dd5c50a58a342fb5feba7b6c0293ce2a56a29f6b24c1
b51a12e6f6aba4d92f45d4b4ac003fa0285821f26b77b4f8c3af5ac774a10dbb
b63e5bcbf53f3f1ab4bcf0845a900fab7b25981693e753d73cfd2784a8046446
cae8fc7dc44df2ee73413a8a64fd1555a934e64511ec0152d907b6518597375d
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
d030f6633a5d0efd3f76fcf5ec98a0468c76770e618a401ffe5ddc7f6ccc844b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

spotify-konto-reaktivierung.cleverapps.io Open in urlscan Pro 185.42.117.192 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

13 IPs

3 Countries

442 kBTransfer

1115 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

spotify-konto-reaktivierung.cleverapps.io Open in urlscan Pro
185.42.117.192 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

442 kB
Transfer

1115 kB
Size

5
Cookies

31 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!