accounts.spotify.com Open in urlscan Pro
194.132.197.198 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://107.170.81.187:8080/public/top
Effective URL:
https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107...
Submission: On October 19 via manual (October 19th 2017, 6:19:27 pm UTC) from BR

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 194.132.197.198, located in Japan and belongs to SPOTIFY, SE. The main domain is accounts.spotify.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 16th 2017. Valid for: 3 years.

This is the only time accounts.spotify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	107.170.81.187 107.170.81.187	() ()
2	194.132.197.198 194.132.197.198	43650 (SPOTIFY) (SPOTIFY)
2	216.137.61.58 216.137.61.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	151.101.112.249 151.101.112.249	54113 (FASTLY) (FASTLY - Fastly)
11	5

2 107.170.81.187 (New York, United States) 2 redirects

ASN- ()

107.170.81.187	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.132.197.198 (Japan)

ASN43650 (SPOTIFY, SE)
PTR: lon3-weblb-wg3.lon3.spotify.com

accounts.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.137.61.58 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-216-137-61-58.fra2.r.cloudfront.net

d2d1dxiu3v1f2i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.249 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

sp-bootstrap.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	google-analytics.com www.google-analytics.com	14 KB
2	fastly.net sp-bootstrap.global.ssl.fastly.net	131 KB
2	cloudfront.net d2d1dxiu3v1f2i.cloudfront.net	159 KB
2	spotify.com accounts.spotify.com	5 KB
0	google.com Failed www.google.com Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed
11	6

	Domain	Requested by
3	www.google-analytics.com	d2d1dxiu3v1f2i.cloudfront.net
2	sp-bootstrap.global.ssl.fastly.net
2	d2d1dxiu3v1f2i.cloudfront.net	accounts.spotify.com
2	accounts.spotify.com
0	www.google.com Failed
0	stats.g.doubleclick.net Failed
11	6

This site contains links to these domains. Also see Links.

Domain
www.spotify.com

Subject Issuer	Validity	Valid
*.spotify.com DigiCert SHA2 Secure Server CA	`2017-05-16` - `2020-07-29`	3 years	crt.sh
*.cloudfront.net Symantec Class 3 Secure Server CA - G4	`2016-10-26` - `2017-12-17`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2017-10-10` - `2018-01-02`	3 months	crt.sh
a.ssl.fastly.net DigiCert SHA2 High Assurance Server CA	`2014-12-08` - `2018-02-06`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
Frame ID: 26996.1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://107.170.81.187:8080/public/top HTTP 302
http://107.170.81.187:8080/ HTTP 302
https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&red... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

11
Requests

82 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

308 kB
Transfer

843 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.spotify.com/de/signup/?forward_url=https%3A%2F%2Faccounts.spotify.com%2Fde%2Fauthorize%3Fclient_id%3D09793e3afafa4797bf853f2ad5db72f3%26response_type%3Dcode%26redirect_uri%3Dhttp%3A%252F%252F107.170.81.187%3A8080%252FSpotifyLoginCallback%252F%26scope%3Duser-read-recently-played%2520user-library-read%2520user-top-read%26state%3D34fFs29kd09%26show_dialog%3Dfalse
Title: Bei Spotify registrieren

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://107.170.81.187:8080/public/top HTTP 302
http://107.170.81.187:8080/ HTTP 302
https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
accounts.spotify.com/authorize/
Redirect Chain

http://107.170.81.187:8080/public/top
http://107.170.81.187:8080/
https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%2...

708 B
456 B

116ms
38ms

Document
text/html

194.132.197.198
SPOTIFY

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.132.197.198 , Japan, ASN43650 (SPOTIFY, SE),

Reverse DNS

lon3-weblb-wg3.lon3.spotify.com

Software

nginx /

Resource Hash

51f9c7e5a571c9967c2314c99a581e251e29489007182b66edf72929725264e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Strict-Transport-Security	max-age=31536000;
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: accounts.spotify.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 19 Oct 2017 18:19:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-UA-Compatible: IE=edge
Pragma: no-cache
Server: nginx
X-Frame-Options: deny
Vary: Accept-Encoding Accept
Strict-Transport-Security: max-age=31536000;
Content-Type: text/html;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Set-Cookie: csrf_token=AQA4b3OjmrRX7CMjyKAWjauLPDquzbhzoPiziyWnVNFplPv9dl_zWlGxCaaHznPrplh6gBYa001DxKHMBQ;Version=1;Domain=accounts.spotify.com;Path=/;Secure
Keep-Alive: timeout=600
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;

Redirect headers

Location: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
Date: Thu, 19 Oct 2017 18:19:17 GMT
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked

GET
H/1.1 200
OK index.css
d2d1dxiu3v1f2i.cloudfront.net/a634d7d/css/ 268 KB
43 KB 136ms
7ms Stylesheet
text/css 216.137.61.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/css/index.css

Requested by

Host: accounts.spotify.com
URL: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.137.61.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-216-137-61-58.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b202235c2efed5e6e366bd3e013f796bdf6c5ce275d2d4fb708b36bb2aea3750

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Strict-Transport-Security	max-age=31536000;
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d2d1dxiu3v1f2i.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
Connection: keep-alive
Cache-Control: no-cache
Referer: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 19 Oct 2017 13:47:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Age: 16330
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
Last-Modified: Thu, 19 Oct 2017 12:48:40 GMT
Server: nginx
X-Frame-Options: deny
ETag: W/"59e89f28-43125"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Amz-Cf-Id: MQHCkgaRV0ak_1Bsa0Vn6xF320hjOWRgqLoorVpRLQp7NQTfs_wouQ==
Expires: Sat, 18 Nov 2017 13:47:06 GMT

GET
H/1.1 200
OK index.js Show response
d2d1dxiu3v1f2i.cloudfront.net/a634d7d/js/ 394 KB
116 KB 138ms
9ms Script
application/javascript 216.137.61.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/js/index.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.137.61.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-216-137-61-58.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

71f38acc533a41f8aa677a65606613c0a6fcbbc2dc47c0b527dc59f58b5cf21e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Strict-Transport-Security	max-age=31536000;
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d2d1dxiu3v1f2i.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
Connection: keep-alive
Cache-Control: no-cache
Referer: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http://107.170.81.187:8080/SpotifyLoginCallback/&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 19 Oct 2017 13:47:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Age: 16329
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
Last-Modified: Thu, 19 Oct 2017 12:48:47 GMT
Server: nginx
X-Frame-Options: deny
ETag: W/"59e89f2f-6273f"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=utf-8
Via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Amz-Cf-Id: 2zoUFWotlo-prFjzz27Ok9yY5kMVRcQhHdUvckii86HYHJAHtIDaow==
Expires: Sat, 18 Nov 2017 13:47:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d2d1dxiu3v1f2i.cloudfront.net
URL: https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/js/index.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
:scheme: https
:method: GET
Referer: https://accounts.spotify.com/authorize/?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Sep 2017 22:31:34 GMT
server: Golfe2
age: 4083
date: Thu, 19 Oct 2017 17:11:13 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 14089
expires: Thu, 19 Oct 2017 19:11:13 GMT

GET
H/1.1 200
OK itunes-badge.svg
accounts.spotify.com/images/ 12 KB
5 KB 43ms
43ms Image
image/svg+xml 194.132.197.198
SPOTIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.spotify.com/images/itunes-badge.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.132.197.198 , Japan, ASN43650 (SPOTIFY, SE),

Reverse DNS

lon3-weblb-wg3.lon3.spotify.com

Software

nginx /

Resource Hash

25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Strict-Transport-Security	max-age=31536000;
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: accounts.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://accounts.spotify.com/de/authorize?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
Cookie: csrf_token=AQA4b3OjmrRX7CMjyKAWjauLPDquzbhzoPiziyWnVNFplPv9dl_zWlGxCaaHznPrplh6gBYa001DxKHMBQ
Connection: keep-alive
Cache-Control: no-cache
Referer: https://accounts.spotify.com/de/authorize?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 19 Oct 2017 18:19:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Transfer-Encoding: chunked
Connection: keep-alive
X-UA-Compatible: IE=edge
Last-Modified: Thu, 19 Oct 2017 12:48:26 GMT
Server: nginx
ETag: W/"59e89f1a-3041"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000;
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Content-Security-Policy: default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Keep-Alive: timeout=600
Expires: Sat, 18 Nov 2017 18:19:16 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cd549fde0242f32cac05b1f4b9f2abd3d8a585bb71c8a4cade6bbb09c792333

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK circular-book.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 63 KB
63 KB 23ms
6ms Font
application/font-woff 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-book.woff2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28

Request headers

Pragma: no-cache
Origin: https://accounts.spotify.com
Accept-Encoding: gzip, deflate
Host: sp-bootstrap.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/css/index.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer: https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/css/index.css
Origin: https://accounts.spotify.com

Response headers

x-amz-version-id: uk_BB9oobL1KrkS6Nqt6_9wKZXILdN7q
Via: 1.1 varnish 1.1 varnish
ETag: "0c0dfc4df72c07c84b15651ab6f951a6"
Age: 2890632
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 64512
x-amz-id-2: 6P+452QnRxD+LnU6KzzI8D1Val83afLPmVc1jU9/pbLltYPPiWmMmPhKCgIoMxJeYka32+LoFok=
X-Served-By: cache-iad2134-IAD, cache-hhn1528-HHN
Last-Modified: Thu, 07 Sep 2017 19:31:01 GMT
Server: AmazonS3
X-Timer: S1508437157.933929,VS0,VE0
Date: Thu, 19 Oct 2017 18:19:16 GMT
Fastly-Debug-Digest: 1e48e690414fb41acaf479f8ec022c8678355971bd1b259c5215bb3aa16465b7
x-amz-request-id: 703767A603445268
Access-Control-Allow-Origin: *
Expires: Fri, 07 Sep 2018 19:30:57 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: application/font-woff
X-Cache-Hits: 1, 681

GET
H/1.1 200
OK circular-bold.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 68 KB
68 KB 22ms
5ms Font
application/font-woff 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-bold.woff2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5

Request headers

Pragma: no-cache
Origin: https://accounts.spotify.com
Accept-Encoding: gzip, deflate
Host: sp-bootstrap.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/css/index.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer: https://d2d1dxiu3v1f2i.cloudfront.net/a634d7d/css/index.css
Origin: https://accounts.spotify.com

Response headers

x-amz-version-id: lv2cUiXWh9.bj.nXkNtlic0Fy4DS6vib
Via: 1.1 varnish 1.1 varnish
ETag: "14bfce9501e5a5dc0adbe559dd630bc6"
Age: 2454843
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 69140
x-amz-id-2: rNce7dCOO32hyrQXyH2FCzeWwtDg5CSctxL2gbijGW288PoyKXDlSdaCgsAFUUFZr0jDnfiu6Ug=
X-Served-By: cache-iad2146-IAD, cache-hhn1545-HHN
Last-Modified: Thu, 07 Sep 2017 19:31:01 GMT
Server: AmazonS3
X-Timer: S1508437157.934302,VS0,VE0
Date: Thu, 19 Oct 2017 18:19:16 GMT
Fastly-Debug-Digest: 9eaa4fb4b21af57d2428d18c277b312a4c0b4e224db16e6545bdced312fecf1d
x-amz-request-id: 78244A3519109E01
Access-Control-Allow-Origin: *
Expires: Fri, 07 Sep 2018 19:30:57 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: application/font-woff
X-Cache-Hits: 1, 18417

GET
H2 200 collect
www.google-analytics.com/ 35 B
44 B 6ms
5ms Image
image/gif 2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j64&aip=1&a=1787087795&t=pageview&_s=1&dl=https%3A%2F%2Faccounts.spotify.com%2Fde%2Fauthorize%3Fclient_id%3D09793e3afafa4797bf853f2ad5db72f3%26response_type%3Dcode%26redirect_uri%3Dhttp%3A%252F%252F107.170.81.187%3A8080%252FSpotifyLoginCallback%252F%26scope%3Duser-read-recently-played%2520user-library-read%2520user-top-read%26state%3D34fFs29kd09%26show_dialog%3Dfalse&dp=%2Fauthorize&ul=en-us&de=UTF-8&dt=Autorisieren%20-%20Spotify&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=490217668&gjid=542581404&cid=2042453946.1508437157&tid=UA-5784146-31&_gid=1271768225.1508437157&z=747152586

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j64&aip=1&a=1787087795&t=pageview&_s=1&dl=https%3A%2F%2Faccounts.spotify.com%2Fde%2Fauthorize%3Fclient_id%3D09793e3afafa4797bf853f2ad5db72f3%26response_type%3Dcode%26redirect_uri%3Dhttp%3A%252F%252F107.170.81.187%3A8080%252FSpotifyLoginCallback%252F%26scope%3Duser-read-recently-played%2520user-library-read%2520user-top-read%26state%3D34fFs29kd09%26show_dialog%3Dfalse&dp=%2Fauthorize&ul=en-us&de=UTF-8&dt=Autorisieren%20-%20Spotify&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=490217668&gjid=542581404&cid=2042453946.1508437157&tid=UA-5784146-31&_gid=1271768225.1508437157&z=747152586
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://accounts.spotify.com/de/authorize?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
:scheme: https
:method: GET
Referer: https://accounts.spotify.com/de/authorize?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2017 10:16:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28978
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET collect
stats.g.doubleclick.net/r/ 0
0

GET
H2 200 collect
www.google-analytics.com/ 35 B
44 B 7ms
6ms Image
image/gif 2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j64&aip=1&a=1787087795&t=pageview&_s=2&dl=https%3A%2F%2Faccounts.spotify.com%2Fde%2Fauthorize%3Fclient_id%3D09793e3afafa4797bf853f2ad5db72f3%26response_type%3Dcode%26redirect_uri%3Dhttp%3A%252F%252F107.170.81.187%3A8080%252FSpotifyLoginCallback%252F%26scope%3Duser-read-recently-played%2520user-library-read%2520user-top-read%26state%3D34fFs29kd09%26show_dialog%3Dfalse&dp=%2Fauthorize&ul=en-us&de=UTF-8&dt=Autorisieren%20-%20Spotify&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=&gjid=&cid=2042453946.1508437157&tid=UA-5784146-31&_gid=1271768225.1508437157&z=127750353

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j64&aip=1&a=1787087795&t=pageview&_s=2&dl=https%3A%2F%2Faccounts.spotify.com%2Fde%2Fauthorize%3Fclient_id%3D09793e3afafa4797bf853f2ad5db72f3%26response_type%3Dcode%26redirect_uri%3Dhttp%3A%252F%252F107.170.81.187%3A8080%252FSpotifyLoginCallback%252F%26scope%3Duser-read-recently-played%2520user-library-read%2520user-top-read%26state%3D34fFs29kd09%26show_dialog%3Dfalse&dp=%2Fauthorize&ul=en-us&de=UTF-8&dt=Autorisieren%20-%20Spotify&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=&gjid=&cid=2042453946.1508437157&tid=UA-5784146-31&_gid=1271768225.1508437157&z=127750353
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://accounts.spotify.com/de/authorize?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
:scheme: https
:method: GET
Referer: https://accounts.spotify.com/de/authorize?client_id=09793e3afafa4797bf853f2ad5db72f3&response_type=code&redirect_uri=http:%2F%2F107.170.81.187:8080%2FSpotifyLoginCallback%2F&scope=user-read-recently-played%20user-library-read%20user-top-read&state=34fFs29kd09&show_dialog=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2017 10:16:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28978
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.com/ads/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j64&tid=UA-5784146-31&cid=2042453946.1508437157&jid=490217668&gjid=542581404&_gid=1271768225.1508437157&_u=YGBAgAAB~&z=1443273944

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=2042453946.1508437157&jid=490217668&_v=j64&z=1443273944

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spotify.com/	1970-01-18 11:00:37	Name: _gat Value: 1
.spotify.com/	1970-01-18 11:02:03	Name: _gid Value: GA1.2.1271768225.1508437157
.spotify.com/	1970-01-19 04:31:49	Name: _ga Value: GA1.2.2042453946.1508437157
.accounts.spotify.com/	1970-01-01 00:00:00	Name: csrf_token Value: AQA4b3OjmrRX7CMjyKAWjauLPDquzbhzoPiziyWnVNFplPv9dl_zWlGxCaaHznPrplh6gBYa001DxKHMBQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
Strict-Transport-Security	max-age=31536000;
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://www.google-analytics.com; img-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://i.imgur.com https://d2mv8tnci56s9d.cloudfront.net https://aci.scdn.co https://graph.facebook.com https://fbcdn-profile-a.akamaihd.net https://scontent.xx.fbcdn.net https://www.google-analytics.com https://stats.g.doubleclick.net data: d2d1dxiu3v1f2i.cloudfront.net; font-src 'self' https://d2d1dxiu3v1f2i.cloudfront.net https://sp-bootstrap.global.ssl.fastly.net; style-src 'self' 'unsafe-inline' https://d2d1dxiu3v1f2i.cloudfront.net; frame-src 'self' https://www.spotify.com https://app.adjust.com https://itunes.apple.com itms-apps:;
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.spotify.com
d2d1dxiu3v1f2i.cloudfront.net
sp-bootstrap.global.ssl.fastly.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
stats.g.doubleclick.net
www.google.com
107.170.81.187
151.101.112.249
194.132.197.198
216.137.61.58
2a00:1450:4001:819::200e
0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5
16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
51f9c7e5a571c9967c2314c99a581e251e29489007182b66edf72929725264e1
71f38acc533a41f8aa677a65606613c0a6fcbbc2dc47c0b527dc59f58b5cf21e
7cd549fde0242f32cac05b1f4b9f2abd3d8a585bb71c8a4cade6bbb09c792333
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b202235c2efed5e6e366bd3e013f796bdf6c5ce275d2d4fb708b36bb2aea3750
c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e

accounts.spotify.com Open in urlscan Pro 194.132.197.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

20 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

308 kBTransfer

843 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

accounts.spotify.com Open in urlscan Pro
194.132.197.198 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

308 kB
Transfer

843 kB
Size

4
Cookies

11 HTTP transactions
1 data transactions