urlscan.io logo urlscan.io
SecurityTrails logo

spotify.backtrace.io Open in urlscan Pro
52.2.190.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://spotify.backtrace.io/login.php
Submission Tags: phishtake
Submission: On January 25 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 52.2.190.21, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is spotify.backtrace.io.
TLS certificate: Issued by R3 on January 23rd 2021. Valid for: 3 months.
This is the only time spotify.backtrace.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.2.190.21 14618 (AMAZON-AES)
2 151.101.1.194 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 13.224.102.29 16509 (AMAZON-02)
3 13.224.102.122 16509 (AMAZON-02)
9 104.18.70.113 13335 (CLOUDFLAR...)
2 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.152.79.139 14618 (AMAZON-AES)
1 75.2.88.188 16509 (AMAZON-02)
5 104.16.53.111 13335 (CLOUDFLAR...)
29 10
2    52.2.190.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-190-21.compute-1.amazonaws.com
spotify.backtrace.io
2    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
cdn-js.global.ssl.fastly.net
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.224.102.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-29.zrh50.r.cloudfront.net
widget.intercom.io
3    13.224.102.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net
js.intercomcdn.com
9    104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    2a04:4e42:1b::393 (Ascension Island)

ASN54113 (FASTLY, US)
res.cloudinary.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    54.152.79.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-79-139.compute-1.amazonaws.com
saml.backtrace.io
1    75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
5    104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)
backtrace.zendesk.com
Domain Requested by
8 static.zdassets.com cdn-js.global.ssl.fastly.net
static.zdassets.com
5 backtrace.zendesk.com static.zdassets.com
3 js.intercomcdn.com spotify.backtrace.io
widget.intercom.io
2 saml.backtrace.io cdn-js.global.ssl.fastly.net
2 fonts.gstatic.com fonts.googleapis.com
2 res.cloudinary.com spotify.backtrace.io
2 cdn-js.global.ssl.fastly.net spotify.backtrace.io
2 spotify.backtrace.io cdn-js.global.ssl.fastly.net
1 api-iam.intercom.io js.intercomcdn.com
1 ekr.zdassets.com static.zdassets.com
1 widget.intercom.io 1 redirects
1 fonts.googleapis.com cdn-js.global.ssl.fastly.net
29 12

This site contains no links.

Subject Issuer Validity Valid
spotify.backtrace.io
R3		 2021-01-23 -
2021-04-23		 3 months crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-21 -
2021-04-22		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.intercomcdn.com
Amazon		 2020-03-29 -
2021-04-29		 a year crt.sh
ssl911790.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-10-28 -
2021-05-06		 6 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.backtrace.io
R3		 2020-12-17 -
2021-03-17		 3 months crt.sh
*.intercom.com
Amazon		 2020-05-13 -
2021-06-13		 a year crt.sh
backtrace.zendesk.com
Cloudflare Inc ECC CA-3		 2020-07-22 -
2021-07-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://spotify.backtrace.io/login.php
Frame ID: 15258DD76BF41929FB50217AE4106EF1
Requests: 14 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.c9e2f196.js
Frame ID: BBC2B8DF7E965D05A8EF189F2624CB30
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.6c0f96329dfe8c9a16e9.js
Frame ID: 915547F9106321208B30C02A2F23C628
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

29
Requests

100 %
HTTPS

27 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

2588 kB
Transfer

11179 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://widget.intercom.io/widget/ye5pb0b9 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
spotify.backtrace.io/ 		508 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spotify.backtrace.io/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.2.190.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-190-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
53d14b07596460139c2de6df3b643445596709214dc3ac155273e031786cb9fe

Request headers

:method
GET
:authority
spotify.backtrace.io
:scheme
https
:path
/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Mon, 25 Jan 2021 07:01:15 GMT
content-type
text/html
content-encoding
gzip
main.css
cdn-js.global.ssl.fastly.net/8/_assets/ 		12 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-js.global.ssl.fastly.net/8/_assets/main.css
Requested by
Host: spotify.backtrace.io
URL: https://spotify.backtrace.io/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
lighttpd/1.4.35 /
Resource Hash
5bbe5163d975092c1886bd7baabce060d0e4e8d6f167545f5043f7eecb36de20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://spotify.backtrace.io/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
48779
Via
1.1 varnish
X-Cache
HIT
Connection
keep-alive
Content-Length
4073
ETag
"3168786641"
X-Served-By
cache-ams21074-AMS
Last-Modified
Fri, 22 Jan 2021 18:09:19 GMT
Server
lighttpd/1.4.35
X-Timer
S1611558076.836995,VS0,VE1
X-Frame-Options
DENY
Date
Mon, 25 Jan 2021 07:01:15 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
1
main.js
cdn-js.global.ssl.fastly.net/8/_assets/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.global.ssl.fastly.net/8/_assets/main.js
Requested by
Host: spotify.backtrace.io
URL: https://spotify.backtrace.io/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
lighttpd/1.4.35 /
Resource Hash
2a0757ff0dcfb9f4946830aa73130717c2c6cf3ffd1d6844b0e80aa090fbda1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://spotify.backtrace.io
Referer
https://spotify.backtrace.io/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
48780
Via
1.1 varnish
X-Cache
HIT
Connection
keep-alive
Content-Length
1991173
ETag
"825401579"
X-Served-By
cache-ams21033-AMS
Last-Modified
Fri, 22 Jan 2021 18:09:20 GMT
Server
lighttpd/1.4.35
X-Timer
S1611558076.837503,VS0,VE2
X-Frame-Options
DENY
Date
Mon, 25 Jan 2021 07:01:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
1
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inconsolata|Roboto:300,400,500|Roboto+Mono
Requested by
Host: cdn-js.global.ssl.fastly.net
URL: https://cdn-js.global.ssl.fastly.net/8/_assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c740855b42e23af6b6ddcec49d8b06037a35e5ad5a9ae2744e25b0a929d76f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://spotify.backtrace.io/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 07:01:16 GMT
server
ESF
date
Mon, 25 Jan 2021 07:01:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jan 2021 07:01:16 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/ye5pb0b9
  • https://js.intercomcdn.com/shim.latest.js
13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Requested by
Host: spotify.backtrace.io
URL: https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-122.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65020e606799a2999845f0fd57db63abb3c0e4eb42a0da0b6dfd102262886fa5

Request headers

Referer
https://spotify.backtrace.io/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 25 Jan 2021 06:59:38 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 17:29:15 GMT
server
AmazonS3
age
99
etag
"a279c4fadb54642b80e21aa1aeaf5a5f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4812
x-amz-cf-id
uGm221vhj7apSEz_JOs9ZjYI26MZaE4ApoPSNBdkpS2xyXmlVczpqg==

Redirect headers

date
Fri, 22 Jan 2021 19:24:52 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
server
AmazonS3
age
214585
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
ZRH50-C1
content-length
0
x-amz-cf-id
JQ7jlvbWHO7XT3u2frIlSAdLnGyjKeptF3w8ZDDcXPOZgg797FsilA==
snippet.js
static.zdassets.com/ekr/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Requested by
Host: cdn-js.global.ssl.fastly.net
URL: https://cdn-js.global.ssl.fastly.net/8/_assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spotify.backtrace.io/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:16 GMT
content-encoding
br
cf-cache-status
HIT
age
44
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
A4D8BC14C56D25DD
x-amz-id-2
k/m0HPmaYAg6JMi7PbrhPuGWXV1+D3ip5MRLQLftFvnPiX1rX9DxWIV+7RYlgLlj4VB4g+F6bVI=
last-modified
Tue, 10 Mar 2020 23:13:51 GMT
server
cloudflare
etag
W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id
07d9f1d8fe00004c25ca188000000001
cf-ray
61701f3b2eff4c25-AMS
svclayer
spotify.backtrace.io/api/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spotify.backtrace.io/api/svclayer
Requested by
Host: cdn-js.global.ssl.fastly.net
URL: https://cdn-js.global.ssl.fastly.net/8/_assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.2.190.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-190-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
08f4d4b88d7bad18026afa8802cf7ad97ad8658deeea67eb91a7a7ee1866d4e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; frame-src 'self' https://checkout.stripe.com;
X-Frame-Options DENY

Request headers

Referer
https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
Content-Type
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Coroner-Location
https://spotify.backtrace.io
X-Coroner-Token

Response headers

access-control-allow-origin
*
content-security-policy
frame-ancestors 'self'; frame-src 'self' https://checkout.stripe.com;
server
nginx
date
Mon, 25 Jan 2021 07:01:16 GMT
content-length
1171
x-frame-options
DENY
BTlogo_Horiz_Black.Orange.svg
res.cloudinary.com/backtrace/image/upload/c_scale,h_24/v1548975858/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/backtrace/image/upload/c_scale,h_24/v1548975858/BTlogo_Horiz_Black.Orange.svg
Requested by
Host: spotify.backtrace.io
URL: https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0316dd85e0caef57f14955da4c0c30e6ddcecf75cc56721db400482a6f6261a0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="BTlogo_Horiz_Black.Orange.svg"
server-timing
fastly;dur=1;start=2021-01-25T07:01:16.701Z;desc=hit,rtt;dur=5
vary
Accept-Encoding
content-length
2256
last-modified
Fri, 01 Feb 2019 17:25:20 GMT
server
Cloudinary
etag
W/"ff84d620aebfe0b3d19e9ea9e43d8a63"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
icon.png
res.cloudinary.com/backtrace/image/upload/c_scale,h_28/v1548975858/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/backtrace/image/upload/c_scale,h_28/v1548975858/icon.png
Requested by
Host: spotify.backtrace.io
URL: https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ff450afef132702b066e667686fb71c8ed6f787381deeab4d95e44f2025fd3a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2019 18:06:26 GMT
server
Cloudinary
etag
"dbc3f6d2c4d8ff72877bbd4630e04da9"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;start=2021-01-25T07:01:16.701Z;desc=hit,rtt;dur=5
accept-ranges
bytes
timing-allow-origin
*
content-length
3726
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inconsolata|Roboto:300,400,500|Roboto+Mono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://spotify.backtrace.io
Referer
https://fonts.googleapis.com/css?family=Inconsolata|Roboto:300,400,500|Roboto+Mono
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 19:56:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
212681
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 22 Jan 2022 19:56:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inconsolata|Roboto:300,400,500|Roboto+Mono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://spotify.backtrace.io
Referer
https://fonts.googleapis.com/css?family=Inconsolata|Roboto:300,400,500|Roboto+Mono
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 22:21:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
549596
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 18 Jan 2022 22:21:20 GMT
test
saml.backtrace.io/api/sso/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://saml.backtrace.io/api/sso/test?tenant=spotify.backtrace.io
Protocol
HTTP/1.1
Server
54.152.79.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-79-139.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-coroner-location,x-coroner-token
Origin
https://spotify.backtrace.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Powered-By
Express
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type,x-coroner-location,x-coroner-token
Content-Length
0
Date
Mon, 25 Jan 2021 07:01:17 GMT
Connection
keep-alive
test
saml.backtrace.io/api/sso/ 		60 B
718 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://saml.backtrace.io/api/sso/test?tenant=spotify.backtrace.io
Requested by
Host: cdn-js.global.ssl.fastly.net
URL: https://cdn-js.global.ssl.fastly.net/8/_assets/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.79.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-79-139.compute-1.amazonaws.com
Software
/
Resource Hash
88173d046655a477f2205d68cce0ea2a4eb414a350cd22964306babace166ddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
Content-Type
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Coroner-Location
https://spotify.backtrace.io
X-Coroner-Token

Response headers

Date
Mon, 25 Jan 2021 07:01:17 GMT
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
60
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
ETag
W/"3c-en+TasxLxVrineFpqJJArA8wz9Y"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Expires
0
5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
ekr.zdassets.com/compose/ 		923 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81aebf2219c2dccdc5d1b0b4adbb1325e6ed7a74761f952ccc5db3659a3e069
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
status
200 OK
strict-transport-security
max-age=0
cf-request-id
07d9f1da1b0000c771ce155000000001
x-request-id
fac8f4c2-250c-4811-8cb8-11df63b52e77
x-runtime
0.004221
server
cloudflare
etag
W/"c81aebf2219c2dccdc5d1b0b4adbb132"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
61701f3cfb34c771-AMS
frame-modern.c9e2f196.js
js.intercomcdn.com/ Frame BBC2 		244 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.c9e2f196.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ye5pb0b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-122.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01298178b5bf049f210df7a329725c4b6d067bb68f89fc32d923cc631ee2c30e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 25 Jan 2021 05:29:18 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 17:23:23 GMT
server
AmazonS3
age
5520
etag
"8524d596ca7af9ff4931a4cbe5d7481f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
67502
x-amz-cf-id
j6w3ihTrTPL1iBF98UTnYw1ygliD16O6MmvuuMWbwQLZxSP7Zda1JA==
vendor-modern.09ac2fbd.js
js.intercomcdn.com/ Frame BBC2 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.09ac2fbd.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ye5pb0b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-122.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbb04e2c9dbc68a01814401fe4349e5d1c39528bcfa871d8526d5c2c75d3a07a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 25 Jan 2021 06:16:48 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 10:11:08 GMT
server
AmazonS3
age
2670
etag
"14e08984884865ac18f9c12b08c853c3"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
38309
x-amz-cf-id
AYctVe_0vgZEz1woS1nNd4kvz8ARJJib74DAEzJF-KwYbSFVb82rnA==
ping
api-iam.intercom.io/messenger/web/ Frame BBC2 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c9e2f196.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a5a275e1ec369523ebfae866750937b3a536eb3ff5a2755eb08103cf5a668761
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
gzip
x-ami-version
ami-01bbcee2357c5b1cf
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
00051vhrsjpltjjtvvh0
x-runtime
0.320707
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"a5a275e1ec369523ebfae866750937b3"
x-ratelimit-remaining
19997
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://spotify.backtrace.io
x-intercom-version
8f07e1dcefa42c740562d3d861286f5a8d54f913
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1611558120
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
preload.6c0f96329dfe8c9a16e9.js
static.zdassets.com/web_widget/latest/ Frame 9155 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.6c0f96329dfe8c9a16e9.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a16d204927bef5c153d4ec6057d898925a173a9e3a578bd753c480961f07f7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
270116
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
1F5D5F7FA57E3795
x-amz-id-2
IGEmJDFEIGJQ21l7DIEAVs3t7OyVR9UyEFprFfPRae+b0GqNm6Tq6Na08usEhzh5WGYXda9J8yU=
last-modified
Fri, 22 Jan 2021 01:38:14 GMT
server
cloudflare
etag
W/"10f8103193e442094518b0ed9faf36e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
1q7FgDXL3N.d.IDDrIaNzX2Q4rlKUz2a
cf-request-id
07d9f1db1c00004c25d32d6000000001
cf-ray
61701f3e9dbb4c25-AMS
expires
Sat, 22 Jan 2022 01:38:13 GMT
web_widget.b43d605c8bd3c2da5f21.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 9155 		501 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.b43d605c8bd3c2da5f21.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba74f960460fcf2f051cb8c0f210cca1e16047c56e1dd9891649880ee7910999
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
61
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
902BA3865A14096E
x-amz-id-2
8WN+yd2QW/ke518ldkjYfHXCpSR5+4DlNFktdEP2Md/TrwYYkdToQWGCaftkJn0tN+cydIcS6Hw=
last-modified
Tue, 19 Jan 2021 23:41:14 GMT
server
cloudflare
etag
W/"69eb9ecd7b4785b9a75c65b0c0e472bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7xRrYBPAAvcPYIzTYvqG95fxH_SFu.y1
cf-request-id
07d9f1db1c00004c25ca1af000000001
cf-ray
61701f3e9dbd4c25-AMS
expires
Wed, 19 Jan 2022 23:41:13 GMT
web_widget.e6cd199f196ed4ee1a13.chunk.js
static.zdassets.com/web_widget/latest/lazy/ Frame 9155 		498 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/lazy/web_widget.e6cd199f196ed4ee1a13.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c02d90f0bd6c3626cdcbbcc9bb81276f77f43315ab84a25a34c86797188d45
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5876
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
E4DA2CF7AF1E33D6
x-amz-id-2
5ziZV2PA6LqQb3ipB9/nmz9q1rwRPZFB/T6Vci8XpuHBODARdf/vw56WunbOUR5eYrxa7RHDXF0=
last-modified
Sun, 17 Jan 2021 22:56:43 GMT
server
cloudflare
etag
W/"2c3f41b0907c5ef3e822da47110c2cf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
6.o4JiJiA6qz3N7ogI7_kHvXgfxSe7OF
cf-request-id
07d9f1db1c00004c25d2887000000001
cf-ray
61701f3e9dbe4c25-AMS
expires
Mon, 17 Jan 2022 22:56:42 GMT
web_widget.ba39259f8e4e36c5fc0a.chunk.js
static.zdassets.com/web_widget/latest/ Frame 9155 		335 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.ba39259f8e4e36c5fc0a.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62428142cee91c63efbdad960b302fea1616ba50a1b4e222ebbcbd4d3e8fe3e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
270116
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
D36F82EC38FBBD1B
x-amz-id-2
Vhh+1LQB3l9YIksqSarvn2qVvUhMzP4Q1RjRw17++fyukpZY2iMbtsMt0ShlH0rjshKiEzNKJnE=
last-modified
Fri, 22 Jan 2021 01:38:16 GMT
server
cloudflare
etag
W/"6471f488994882533d8f1cae24cc7a56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
rZkGjHsKCTs2xVoXpbArd4rE1sNCqppT
cf-request-id
07d9f1db1c00004c25cfb51000000001
cf-ray
61701f3e9dbf4c25-AMS
expires
Sat, 22 Jan 2022 01:38:15 GMT
vendors~web_widget.ab97379118a5b2805f2a.chunk.js
static.zdassets.com/web_widget/latest/ Frame 9155 		516 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0bab48477b1e533842741729feed41f5081d598371e25d58d5ee01b3bf01f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1140499
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
0C187F761C8026DE
x-amz-id-2
YEYewECPJPlI5DNbpWMczIv+XyhAjsSWBzwgXlGFnxX3+A8KYSjD5bDQd86ifA24vE9HQ2oEArU=
last-modified
Mon, 04 Jan 2021 00:38:50 GMT
server
cloudflare
etag
W/"d8b36c871889a179bfc603bc480db2d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
MQoH2PhH1gQXAgAyxB2Xf6doAtoit68t
cf-request-id
07d9f1db1c00004c25d2127000000001
cf-ray
61701f3e9dc04c25-AMS
expires
Tue, 04 Jan 2022 00:38:49 GMT
web_widget~messenger.2ef813a806a3fb817c2a.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 9155 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.2ef813a806a3fb817c2a.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d7df22c22d6715274fb23587b4016c1f39538cb3fe5b77daf8e92af9fb5a0b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
442561
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
AB3E4323AA777A4F
x-amz-id-2
m0Wxvfpfcru1HWsuQ3uD4XBpXZFai7Q3vclnS4TpQD7X4V8+t/hvxPVPNI9F92G63zJzlay5Yqk=
last-modified
Tue, 19 Jan 2021 23:41:14 GMT
server
cloudflare
etag
W/"772e4f1ca6313200071ee61fbcaf7dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
0c5A63QLlcuaeqSDRPbXzm921Lct0pGO
cf-request-id
07d9f1db1d00004c25d1a34000000001
cf-ray
61701f3e9dc24c25-AMS
expires
Wed, 19 Jan 2022 23:41:13 GMT
config
backtrace.zendesk.com/embeddable/ 		553 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://backtrace.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=5a7cb263-cb2c-43dd-a1ca-216d4c4d1748
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9806d7df2056dc0641ad50b5a702f652060c04bebbb6cb7901b84f99dfbd68b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spotify.backtrace.io/login?referrer=bG9naW4ucGhw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-757486d8bd-jktdn
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
cf-request-id
07d9f1db8900000c5951807000000001
x-request-id
616fff950a3a1ea1-DEN
x-runtime
0.001362
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GC%2B9rJLH8QSm0Z5Riv8ZqOlNq%2B%2BVzEf1Whtr1ojbVMzzsieFJluq2TQp2%2FC%2FxH19WDVn51o3WbcrIBRjY%2FppkMPTXJ98YhmEiABF3GN8BnjJqs79InY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
61701f3f4f9d0c59-AMS
en-us-json.dfa77dc54ddc7bc33515.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame 9155 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us-json.dfa77dc54ddc7bc33515.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.6c0f96329dfe8c9a16e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b1688111bcc37ff66c9d7519cc04cba03c69a93215e2de36b388dee07d33af
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
270115
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4231C95E1D63D9AD
x-amz-id-2
NjZHXjQ24bTVcSiAq4iIC8d+bLZn/WNoo+2y1IrReWb1q7Yb85MurzXIdj8X+Li290lY8yIPF/w=
last-modified
Fri, 22 Jan 2021 01:37:41 GMT
server
cloudflare
etag
W/"94123d435406f296a2e0736db17170c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
RWz6MiXu1VMKrOW_xvgnwh9PwVlfGvbD
cf-request-id
07d9f1dc3c00004c257f287000000001
cf-ray
61701f4059414c25-AMS
expires
Sat, 22 Jan 2022 01:37:40 GMT
embeddable_blip
backtrace.zendesk.com/ Frame 9155 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backtrace.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsib2Zmc2V0Ijp7Imhvcml6b250YWwiOiItMTAwMHB4In19fSwiYnVpZCI6ImYwMDkyYzQ1ODhjMjkwMWE3MGRlNTRmMTRkOTY4ZWFlIiwic3VpZCI6ImNjOTc5ZGUyYWMxMDFjMzgxNzEwMDlmZGQ5MWYxZTgzIiwidmVyc2lvbiI6IjRjMmYyMzRjMSIsInRpbWVzdGFtcCI6IjIwMjEtMDEtMjVUMDc6MDE6MTcuNDk4WiIsInVybCI6Imh0dHBzOi8vc3BvdGlmeS5iYWNrdHJhY2UuaW8vbG9naW4%2FcmVmZXJyZXI9Ykc5bmFXNHVjR2h3In0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:18 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b96n3WjI%2FMTfkCTSpjTF7OX3Y9GSDucAqU4l%2B95Z%2FZwhWewfljeGsYL3IT6k7bAVi%2FikGqDi8HvEwOvb%2BLlMdTlyrArRwrHHovABoyJJJxe%2BK00o9Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spotify.backtrace.io
cache-control
no-store, no-cache, must-revalidate
cf-ray
61701f4069b30c59-AMS
cf-request-id
07d9f1dc4200000c59f48af000000001
embeddable_blip
backtrace.zendesk.com/ Frame 9155 		0
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backtrace.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9zcG90aWZ5LmJhY2t0cmFjZS5pby9sb2dpbj9yZWZlcnJlcj1iRzluYVc0dWNHaHciLCJ0aW1lIjoyNjksImxvYWRUaW1lIjo1NS4xMTk5OTg3NTMwNzA4MywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkJhY2t0cmFjZSAtIENvbnNvbGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6ZmFsc2UsInZpZXdwb3J0TWV0YSI6IiIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiZjAwOTJjNDU4OGMyOTAxYTcwZGU1NGYxNGQ5NjhlYWUiLCJzdWlkIjoiY2M5NzlkZTJhYzEwMWMzODE3MTAwOWZkZDkxZjFlODMiLCJ2ZXJzaW9uIjoiNGMyZjIzNGMxIiwidGltZXN0YW1wIjoiMjAyMS0wMS0yNVQwNzowMToxNy42NDFaIiwidXJsIjoiaHR0cHM6Ly9zcG90aWZ5LmJhY2t0cmFjZS5pby9sb2dpbj9yZWZlcnJlcj1iRzluYVc0dWNHaHcifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:17 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bJWHXxc4T%2Bz6X1XG%2BArEY0ov16sJ16iDQny9Nkpt8zTJUhMsh%2B4lZGzTqP8YNunrVrTpAVJQnIBIxoG4UtW7N05DQfr%2FhfHT0BXDvw3cdUWV09yeAvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spotify.backtrace.io
cache-control
no-store, no-cache, must-revalidate
cf-ray
61701f414b720c59-AMS
cf-request-id
07d9f1dccf00000c590e822000000001
embeddable_blip
backtrace.zendesk.com/ Frame 9155 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backtrace.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQudXBkYXRlU2V0dGluZ3MiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6eyJvZmZzZXQiOnsiaG9yaXpvbnRhbCI6IjBweCIsInZlcnRpY2FsIjoiMHB4In19fX0sImJ1aWQiOiJmMDA5MmM0NTg4YzI5MDFhNzBkZTU0ZjE0ZDk2OGVhZSIsInN1aWQiOiJjYzk3OWRlMmFjMTAxYzM4MTcxMDA5ZmRkOTFmMWU4MyIsInZlcnNpb24iOiI0YzJmMjM0YzEiLCJ0aW1lc3RhbXAiOiIyMDIxLTAxLTI1VDA3OjAxOjE3LjkwNFoiLCJ1cmwiOiJodHRwczovL3Nwb3RpZnkuYmFja3RyYWNlLmlvL2xvZ2luP3JlZmVycmVyPWJHOW5hVzR1Y0dodyJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:18 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ct6HWEZh3ZXlwjsAiVpOW0YaV6PqrnY7YKnNjrIqD%2F5oscLhYzyChxJNA75RmORc2NM%2BMdvAuWsx1rJJFukQGQ8zBzGY9MCJwIToLaMx8QORIWNwHmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spotify.backtrace.io
cache-control
no-store, no-cache, must-revalidate
cf-ray
61701f42ee3e0c59-AMS
cf-request-id
07d9f1ddd600000c592d14d000000001
embeddable_blip
backtrace.zendesk.com/ Frame 9155 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backtrace.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQuc2hvdyIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6e319LCJidWlkIjoiZjAwOTJjNDU4OGMyOTAxYTcwZGU1NGYxNGQ5NjhlYWUiLCJzdWlkIjoiY2M5NzlkZTJhYzEwMWMzODE3MTAwOWZkZDkxZjFlODMiLCJ2ZXJzaW9uIjoiNGMyZjIzNGMxIiwidGltZXN0YW1wIjoiMjAyMS0wMS0yNVQwNzowMToxNy45MDVaIiwidXJsIjoiaHR0cHM6Ly9zcG90aWZ5LmJhY2t0cmFjZS5pby9sb2dpbj9yZWZlcnJlcj1iRzluYVc0dWNHaHcifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 07:01:18 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WPwtTNyLFZEU55ctOkKWKCOQP6onInbEBOIVNS81MHRR4M6pYvz9Oytb6G07dWc0XAyYxzOsTRrHrYZ1VTHcbCdtjTgTzvFMN9Jh3n8UlXTMBSgE09M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spotify.backtrace.io
cache-control
no-store, no-cache, must-revalidate
cf-ray
61701f42fe400c59-AMS
cf-request-id
07d9f1ddd600000c59eb815000000001

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| _BACKTRACE_CORONER_VERSION number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ object| __theme object| __core-js_shared__ object| core object| ZenDeskQ function| ZenDesk function| Intercom object| __backtrace_benchmark object| intercomSettings object| zESettings function| parcelRequire object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| zE function| zEmbed function| __intercomAssignLocation boolean| zEACLoaded function| $zopim

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
backtrace.zendesk.com
cdn-js.global.ssl.fastly.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
res.cloudinary.com
saml.backtrace.io
spotify.backtrace.io
static.zdassets.com
widget.intercom.io
104.16.53.111
104.18.70.113
13.224.102.122
13.224.102.29
151.101.1.194
2a00:1450:4001:801::2003
2a00:1450:4001:81a::200a
2a04:4e42:1b::393
52.2.190.21
54.152.79.139
75.2.88.188
01298178b5bf049f210df7a329725c4b6d067bb68f89fc32d923cc631ee2c30e
0316dd85e0caef57f14955da4c0c30e6ddcecf75cc56721db400482a6f6261a0
08f4d4b88d7bad18026afa8802cf7ad97ad8658deeea67eb91a7a7ee1866d4e0
2a0757ff0dcfb9f4946830aa73130717c2c6cf3ffd1d6844b0e80aa090fbda1e
32c02d90f0bd6c3626cdcbbcc9bb81276f77f43315ab84a25a34c86797188d45
4f0bab48477b1e533842741729feed41f5081d598371e25d58d5ee01b3bf01f5
53d14b07596460139c2de6df3b643445596709214dc3ac155273e031786cb9fe
5bbe5163d975092c1886bd7baabce060d0e4e8d6f167545f5043f7eecb36de20
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
62428142cee91c63efbdad960b302fea1616ba50a1b4e222ebbcbd4d3e8fe3e1
65020e606799a2999845f0fd57db63abb3c0e4eb42a0da0b6dfd102262886fa5
73d7df22c22d6715274fb23587b4016c1f39538cb3fe5b77daf8e92af9fb5a0b
88173d046655a477f2205d68cce0ea2a4eb414a350cd22964306babace166ddf
96b1688111bcc37ff66c9d7519cc04cba03c69a93215e2de36b388dee07d33af
a5a275e1ec369523ebfae866750937b3a536eb3ff5a2755eb08103cf5a668761
ba74f960460fcf2f051cb8c0f210cca1e16047c56e1dd9891649880ee7910999
c740855b42e23af6b6ddcec49d8b06037a35e5ad5a9ae2744e25b0a929d76f44
c81aebf2219c2dccdc5d1b0b4adbb1325e6ed7a74761f952ccc5db3659a3e069
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d7a16d204927bef5c153d4ec6057d898925a173a9e3a578bd753c480961f07f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9806d7df2056dc0641ad50b5a702f652060c04bebbb6cb7901b84f99dfbd68b
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
fbb04e2c9dbc68a01814401fe4349e5d1c39528bcfa871d8526d5c2c75d3a07a
ff450afef132702b066e667686fb71c8ed6f787381deeab4d95e44f2025fd3a4