Report - xtube.chat/0ZM38F.exe

Report Overview

Visited public
2025-01-16 14:43:07
Tags
URL
xtube.chat/0ZM38F.exe
Finishing URL
open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
IP / ASN
52.173.151.229
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Unsupported browser

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
grabify.world	unknown	2019-04-10	2020-03-11	2025-01-11	478 B	1.1 kB	104.21.80.1
grabify.link	181878	2015-07-05	2015-07-08	2025-01-10	6.3 kB	446 kB	104.26.9.202
open.spotifycdn.com	unknown	2019-09-11	2022-06-13	2025-01-13	2.7 kB	11 kB	199.232.210.251
www.googleoptimize.com	1604	2019-04-06	2019-07-16	2025-01-15	424 B	73 kB	142.250.74.142
encore.scdn.co	25928	2010-08-20	2020-07-15	2025-01-14	1.6 kB	462 kB	104.123.68.155
open.spotify.com	3062	2006-04-23	2012-06-04	2025-01-13	530 B	29 kB	151.101.67.42
xtube.chat	unknown	2024-04-05	2021-01-07	2025-01-06	736 B	1.8 kB	52.173.151.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-01-16 14:42:42	medium	Client IP	104.26.8.202	ET INFO Observed IP Tracking Domain (grabify .link in TLS SNI)
2025-01-16 14:42:45	high	Client IP	104.26.9.202	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	open.spotifycdn.com/cdn/js/gtm.ea4c34bc.js	ScriptElement	3.8 kB	2024-02-20	2025-03-27
Pretty URL open.spotifycdn.com/cdn/js/gtm.ea4c34bc.js IP 199.232.210.251 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-20 16:30 Last Seen2025-03-27 01:39 Times Seen128 Hash 18a9b45e607ff7c8cac78a03f28f1fd2 0e3c55cb449fa520c9effb86c70cce3ee7181636 ea4c34bcfa873512770373e95c276f45a17f67b97cefcf23eb5cd6fee4e44056 Loading...

	www.googleoptimize.com/optimize.js?id=GTM-W53X654	ScriptElement	200 kB	2025-01-16	2025-01-16
Pretty URL www.googleoptimize.com/optimize.js?id=GTM-W53X654 IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-16 14:43 Last Seen2025-01-16 14:43 Times Seen1 Hash 08dc6f3ddc943422372f9270bd270cc4 fff8ca98f7a57e2fdee2b2073a7edd828d3db0f7 64d69a4c707458329f34b182014523277e6e7db26debad0c2a17e412ab8358ef Loading...

	open.spotifycdn.com/cdn/build/error-page/error-page.31d6cfe0.js	ScriptElement	0 B	0001-01-01	2025-04-26
Pretty URL open.spotifycdn.com/cdn/build/error-page/error-page.31d6cfe0.js IP 199.232.210.251 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-04-26 01:37 Times Seen4535566 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	open.spotifycdn.com/cdn/js/retargeting-pixels.5ab9cdc0.js	ScriptElement	796 B	2024-02-20	2025-03-27
Pretty URL open.spotifycdn.com/cdn/js/retargeting-pixels.5ab9cdc0.js IP 199.232.210.251 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-20 16:30 Last Seen2025-03-27 01:39 Times Seen129 Hash ff5311cf5cad9014ae98233eb3a42d0f 91c5256bb38ee1e77f444ad515db40de1e940159 5ab9cdc0840de7312331d8638aa44b8db99092a05b7cff5f720de97c8f21f6c3 Loading...

HTTP Transactions (20)

URL IP Response Size

xtube.chat/0ZM38F.exe

52.173.151.229

302 Found

0 B

URL
xtube.chat/0ZM38F.exe
IP
52.173.151.229:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0ZM38F.exe HTTP/1.1
Host: xtube.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Jan 2025 14:42:42 GMT
Server: Apache
Location: https://grabify.world/0ZM38F.exe
Status: 301 Moved Permanently
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba

grabify.world/0ZM38F.exe

104.21.80.1

302 Found

143 B

URL
grabify.world/0ZM38F.exe
IP
104.21.80.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e

HTTP Headers

GET /0ZM38F.exe HTTP/1.1
Host: grabify.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 16 Jan 2025 14:42:42 GMT
content-type: text/html
content-length: 143
location: https://grabify.link/0ZM38F.exe
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0mRTRlcnfDKUlfBo94knAddcvQ%2FNl8vqT%2BvkdKypJOxHXMMbQxFQfUiUkdSkpLboNV%2FqcbMWU%2BQA%2BtGJsPUU%2FbOAlN0cF3c5ra7pOFfRcchh%2FqnqevrzVdiTenB1PEV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 902edfa58d38569c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=610&min_rtt=558&rtt_var=170&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1250&delivery_rate=6724458&cwnd=253&unsent_bytes=0&cid=af9d0479f8671d9e&ts=26&x=0"
X-Firefox-Spdy: h2

xtube.chat/

52.173.151.229

200 OK

1.1 kB

URL
xtube.chat/
IP
52.173.151.229:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (1104), with CRLF line terminators
Size
1.1 kB (1136 bytes)
Hash
613f70461832fdb0f92ebaa227cff15a
9621cbaca77a2ef31f15d5dc6343210195325524
3607a1cddddf93bb5829ee44bb40a611b4ff5024d3959f06e44b7d2164cfa4b0

HTTP Headers

GET / HTTP/1.1
Host: xtube.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1136
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Jan 2025 14:42:44 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba

grabify.link/0ZM38F.exe

104.26.9.202

301 Moved Permanently

167 B

URL
grabify.link/0ZM38F.exe
IP
104.26.9.202:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Detections

NIDS	Severity	Alert
suricata	high	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016

HTTP Headers

GET /0ZM38F.exe HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 16 Jan 2025 14:42:45 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 16 Jan 2025 15:42:45 GMT
Location: https://grabify.link/0ZM38F.exe
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7NK2arHtb2ejo%2FJcT30vh2iJNMMVRCq%2F96ivQA6FTfT49nMS9GPCq5Lb95z3AsuWzVUQtZH3tOpISZWs6MOORiwbuCzqmKI8FIxgkuOuV0RdaJsvOig2Byi5%2F0VHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 902edfb87d03b4fd-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=451&min_rtt=451&rtt_var=225&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=395&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

grabify.link/js/ads.js

104.26.8.202

200 OK

19 B

URL
grabify.link/js/ads.js
IP
104.26.8.202:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
14380b81da6c1f82d54ddad07bdca87c
a72b216e23ce2fd0c275f0c66381255e2b34c1be
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkF1QjFad3BlWE9nV09UbUh3d1MrcVE9PSIsInZhbHVlIjoia3VFeG92VXh6VXpOZko5elBQdHY2akNEam9TQ3FseEFjOEpDcGtIekVaL3Vrd1pXWUVwWnpqSWJqOXhqUElCK0VFbGo5cFI4RGYxWk9CWC9BY3FvNEM1NmRmSjBUdHp2ZVhLNVB1eU51SS9Oai9rOFhhemx6SXdnTzdWQ3JxZ1oiLCJtYWMiOiIxZDAyMzlhMDAxYjZiOWMwYWIxMzhlYWRkYTZkYTYwYTY5MGU2ZjNlNmYyYTU0MzQyNjQ2NTgxZTUxNzM2ODExIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Ii8wZVNrVVQvcXh0NXJlcysxM0syclE9PSIsInZhbHVlIjoiU3pzR2FDeGkvelNLeUhPUkZHMElHNjdCZDF3QnVwalhyRjlJMmN6anVpZTdaaWh5YlJKaHhBdVN5N1lTVVhEd3MwUnU2b3p0RnBMb2FvajZTRTRUN3hiaU5HR3YyQTNXMUprZS9nMVFvQTR0VkVRSEdTc09aSXVGd3BtM3ppd3MiLCJtYWMiOiJiOTAzNzkzYzA5MjdkYjhlZDJkNzFmMzUwOTZjNzkwNTBhMjBlMmM1MTM4YmZiYjYxMDM1NThmZmRlOTVlYWIwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 16 Jan 2025 14:42:46 GMT
content-type: application/javascript
content-length: 19
cf-bgj: minify
cf-polished: origSize=22
etag: "16-60f850cd8071e"
last-modified: Mon, 22 Jan 2024 08:59:40 GMT
cf-cache-status: HIT
age: 3514
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6fNZ3hSmS9pRFij%2Fecwoie2wO5m%2FOIRayky95nrLDvH7gJAF73YegIhalWLTCgKuulq8PghcwG6MfNLItEG6YY5ghDZvW3PGB2gZbAwnppJm%2BLWJjUpkC%2F7NoUaMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 902edfbdaed8b4ff-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3322&min_rtt=3208&rtt_var=1431&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4169&recv_bytes=2554&delivery_rate=154790&cwnd=12000&unsent_bytes=0&cid=67108c6d34740c51&ts=164&x=1", cfExtPri, cfHdrFlush;dur=0

grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2

104.26.8.202

200 OK

58 kB

URL
grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
IP
104.26.8.202:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
58 kB (58268 bytes)
Hash
47a42dfe94175dbeaad5832fa98cfdb4
7d20fb855faa779e7379e02e7b7581c22d558370
8377483db7faa21c1bcafb7e1ae51cee687fb696beff0a056e9935f159ef2014

HTTP Headers

GET /js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2 HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkF1QjFad3BlWE9nV09UbUh3d1MrcVE9PSIsInZhbHVlIjoia3VFeG92VXh6VXpOZko5elBQdHY2akNEam9TQ3FseEFjOEpDcGtIekVaL3Vrd1pXWUVwWnpqSWJqOXhqUElCK0VFbGo5cFI4RGYxWk9CWC9BY3FvNEM1NmRmSjBUdHp2ZVhLNVB1eU51SS9Oai9rOFhhemx6SXdnTzdWQ3JxZ1oiLCJtYWMiOiIxZDAyMzlhMDAxYjZiOWMwYWIxMzhlYWRkYTZkYTYwYTY5MGU2ZjNlNmYyYTU0MzQyNjQ2NTgxZTUxNzM2ODExIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Ii8wZVNrVVQvcXh0NXJlcysxM0syclE9PSIsInZhbHVlIjoiU3pzR2FDeGkvelNLeUhPUkZHMElHNjdCZDF3QnVwalhyRjlJMmN6anVpZTdaaWh5YlJKaHhBdVN5N1lTVVhEd3MwUnU2b3p0RnBMb2FvajZTRTRUN3hiaU5HR3YyQTNXMUprZS9nMVFvQTR0VkVRSEdTc09aSXVGd3BtM3ppd3MiLCJtYWMiOiJiOTAzNzkzYzA5MjdkYjhlZDJkNzFmMzUwOTZjNzkwNTBhMjBlMmM1MTM4YmZiYjYxMDM1NThmZmRlOTVlYWIwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 16 Jan 2025 14:42:47 GMT
content-type: application/javascript
last-modified: Wed, 08 Jan 2025 03:49:49 GMT
etag: "2ab39-62b29c0db0a93-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5nG7aaJcl6uKe3I1wHneLZikMURF6GvN%2FcvypX0MWyBML3gdneP%2FVSlAScpP7fw0tLWxwvozH86aymMphCk1kobQCO27ez2KTwNHESyqRBTBiOlICuIbkAlxTXBFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 902edfbdaee1b4ff-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5537&min_rtt=3208&rtt_var=5503&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4941&recv_bytes=2598&delivery_rate=4676&cwnd=12000&unsent_bytes=0&cid=67108c6d34740c51&ts=1089&x=1", cfExtPri, cfHdrFlush;dur=0

grabify.link/cdn-cgi/rum?

104.26.8.202

204 No Content

0 B

URL POST HTTP/3
grabify.link/cdn-cgi/rum?
IP
104.26.8.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/0ZM38F.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint85:BB:F3:9D:C8:DF:36:D2:77:CA:F3:5E:5F:EE:8B:67:A2:86:62:91
ValidityMon, 30 Dec 2024 02:34:42 GMT - Sun, 30 Mar 2025 03:34:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1325
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkF1QjFad3BlWE9nV09UbUh3d1MrcVE9PSIsInZhbHVlIjoia3VFeG92VXh6VXpOZko5elBQdHY2akNEam9TQ3FseEFjOEpDcGtIekVaL3Vrd1pXWUVwWnpqSWJqOXhqUElCK0VFbGo5cFI4RGYxWk9CWC9BY3FvNEM1NmRmSjBUdHp2ZVhLNVB1eU51SS9Oai9rOFhhemx6SXdnTzdWQ3JxZ1oiLCJtYWMiOiIxZDAyMzlhMDAxYjZiOWMwYWIxMzhlYWRkYTZkYTYwYTY5MGU2ZjNlNmYyYTU0MzQyNjQ2NTgxZTUxNzM2ODExIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Ii8wZVNrVVQvcXh0NXJlcysxM0syclE9PSIsInZhbHVlIjoiU3pzR2FDeGkvelNLeUhPUkZHMElHNjdCZDF3QnVwalhyRjlJMmN6anVpZTdaaWh5YlJKaHhBdVN5N1lTVVhEd3MwUnU2b3p0RnBMb2FvajZTRTRUN3hiaU5HR3YyQTNXMUprZS9nMVFvQTR0VkVRSEdTc09aSXVGd3BtM3ppd3MiLCJtYWMiOiJiOTAzNzkzYzA5MjdkYjhlZDJkNzFmMzUwOTZjNzkwNTBhMjBlMmM1MTM4YmZiYjYxMDM1NThmZmRlOTVlYWIwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 16 Jan 2025 14:42:48 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 902edfcbda02b4ff-OSL
x-frame-options: DENY
x-content-type-options: nosniff

grabify.link/cdn-cgi/rum?

104.26.8.202

204 No Content

0 B

URL POST HTTP/3
grabify.link/cdn-cgi/rum?
IP
104.26.8.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/0ZM38F.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint85:BB:F3:9D:C8:DF:36:D2:77:CA:F3:5E:5F:EE:8B:67:A2:86:62:91
ValidityMon, 30 Dec 2024 02:34:42 GMT - Sun, 30 Mar 2025 03:34:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 824
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IitkMm1TYkpsYWc4cnpNMkhTVDV4MlE9PSIsInZhbHVlIjoiUFJPSStWQVNuTTcySEdiWE5vMGs4R0M0SW9nWlBFbVFjN3FvR3d1VzJNUnNQM1lnUFFLeFpYejlFVk1zSmtjVFRFSDRkZVJSaitHSmxwSWVJR3RjNjFSL2xmcWg2N2lrejdIZDR1WjBCK0dqVXFhKzFhaTl6Q2NGT0Q3M1ZqSmwiLCJtYWMiOiI4M2UyNGY5ZWQ5M2JmZDIzYzg1ZGVjNjZmNDE5NWY1OTAyNmY5NGQzMmNiODM1MWU2MzNiYzY1NWY0ZTg2ZGRmIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IjNjd1l2bzFNdS85VHNjVnROSzFWSVE9PSIsInZhbHVlIjoiMXEwVyszY3M0NTFkZnpDeit4YWVOY21OTDVVZ21CM1NJaEQ4TVNpLzRTTzRuQVJBM3VJSFZudjJFVW0veVFzbDU5eDczOUptYmdxeXBEdC9aQWNrTnREajJjMFJYSWpSWjF5Q0VDUmFkWW44aWRrMlVJTnJaWldFT0xCanBidWYiLCJtYWMiOiI1MGI4NzQyMWU2ZjBhNmYzZWFhZTY5NzhlNTliYWZjZmU3NTFhNTg2OTJlOTlkMWQwYTlhYzg4YjI0N2FmYmIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Thu, 16 Jan 2025 14:42:49 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 902edfd31b19b4ff-OSL
x-frame-options: DENY
x-content-type-options: nosniff

open.spotifycdn.com/cdn/js/gtm.ea4c34bc.js

199.232.210.251

200 OK

1.3 kB

URL GET HTTP/2
open.spotifycdn.com/cdn/js/gtm.ea4c34bc.js
IP
199.232.210.251:443
ASN
#54113 FASTLY

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGlobalSign nv-sa
Subject*.spotifycdn.com
Fingerprint02:B7:8E:36:03:0C:9A:1F:12:D1:68:DA:06:9F:FB:F0:B7:78:BB:9F
ValidityTue, 09 Apr 2024 11:45:12 GMT - Sun, 11 May 2025 11:45:11 GMT

File type
JavaScript source, ASCII text
Size
1.3 kB (1256 bytes)
Hash
18a9b45e607ff7c8cac78a03f28f1fd2
0e3c55cb449fa520c9effb86c70cce3ee7181636
ea4c34bcfa873512770373e95c276f45a17f67b97cefcf23eb5cd6fee4e44056

HTTP Headers

GET /cdn/js/gtm.ea4c34bc.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 06 Jan 2025 13:08:49 GMT
etag: "c4b461cd5fe5981b51f03de3309dea61"
x-goog-generation: 1736168928972761
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1256
content-type: text/javascript
content-encoding: gzip
x-amz-checksum-crc32c: JZbxRQ==
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:49 GMT
age: 221037
timing-allow-origin: *
x-served-by: cache-chi-kigq8000131-CHI, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 9697, 8095
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1256
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/images/error-page-logo.24aca703.svg

199.232.210.251

200 OK

1.2 kB

URL GET HTTP/2
open.spotifycdn.com/cdn/images/error-page-logo.24aca703.svg
IP
199.232.210.251:443
ASN
#54113 FASTLY

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGlobalSign nv-sa
Subject*.spotifycdn.com
Fingerprint02:B7:8E:36:03:0C:9A:1F:12:D1:68:DA:06:9F:FB:F0:B7:78:BB:9F
ValidityTue, 09 Apr 2024 11:45:12 GMT - Sun, 11 May 2025 11:45:11 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1219 bytes)
Hash
fda23a7fe7b78e2fed7ddbc78a8a9667
e2a94f52df100a6f73c6311bedbdd7c5795b7a7b
24aca703e057fb6e607c57258fd5a2bbe16119dff22f06e1aa7cb53d2e7db63c

HTTP Headers

GET /cdn/images/error-page-logo.24aca703.svg HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 Dec 2024 14:53:55 GMT
etag: "76a20f6902fcfd8eef9fcf2615c9b79d"
x-goog-generation: 1735570434952060
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1219
content-type: image/svg+xml
content-encoding: gzip
x-amz-checksum-crc32c: a3XHZg==
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:49 GMT
age: 220570
timing-allow-origin: *
x-served-by: cache-chi-klot8100106-CHI, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 33649, 230
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1219
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/error-page/error-page.31d6cfe0.js

199.232.210.251

200 OK

32 B

URL GET HTTP/2
open.spotifycdn.com/cdn/build/error-page/error-page.31d6cfe0.js
IP
199.232.210.251:443
ASN
#54113 FASTLY

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGlobalSign nv-sa
Subject*.spotifycdn.com
Fingerprint02:B7:8E:36:03:0C:9A:1F:12:D1:68:DA:06:9F:FB:F0:B7:78:BB:9F
ValidityTue, 09 Apr 2024 11:45:12 GMT - Sun, 11 May 2025 11:45:11 GMT

File type
gzip compressed data, was "tmpdjhghnob", last modified: Tue Dec 24 04:36:56 2024, max compression
Size
32 B (32 bytes)
Hash
bec09ccc8f810bd1e2d1cec060ea18b1
ca6a333193f8153beb644a45aa2bc571ff93eac6
8958632f1306d107d5e86e67bf414ce52449279854f716302a05442cd4baa521

HTTP Headers

GET /cdn/build/error-page/error-page.31d6cfe0.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 24 Dec 2024 04:36:57 GMT
etag: "bec09ccc8f810bd1e2d1cec060ea18b1"
x-goog-generation: 1735015017560622
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 32
content-type: text/javascript
content-encoding: gzip
x-amz-checksum-crc32c: leofwA==
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:49 GMT
age: 822398
timing-allow-origin: *
x-served-by: cache-chi-kigq8000053-CHI, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 24093, 207
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/error-page/error-page.167c5854.css

199.232.210.251

200 OK

3.0 kB

URL GET HTTP/2
open.spotifycdn.com/cdn/build/error-page/error-page.167c5854.css
IP
199.232.210.251:443
ASN
#54113 FASTLY

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGlobalSign nv-sa
Subject*.spotifycdn.com
Fingerprint02:B7:8E:36:03:0C:9A:1F:12:D1:68:DA:06:9F:FB:F0:B7:78:BB:9F
ValidityTue, 09 Apr 2024 11:45:12 GMT - Sun, 11 May 2025 11:45:11 GMT

File type
ASCII text, with very long lines (15975), with no line terminators
Size
3.0 kB (3042 bytes)
Hash
d12957aa59fef8bae54c02d73773c087
a0ebe744cf68bb8635afc64fe4f2d5b549a3f04e
6eb4052ed58ed9c8a634193ea25d20f84d06bfa9de3d2f2f10cf84b222279559

HTTP Headers

GET /cdn/build/error-page/error-page.167c5854.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 23 Dec 2024 19:37:40 GMT
etag: "719fcafbb803f249d9cbd4cbffbf9ea9"
x-goog-generation: 1734982660421220
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3042
content-type: text/css
content-encoding: gzip
x-amz-checksum-crc32c: qxJ+2Q==
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:49 GMT
age: 819064
timing-allow-origin: *
x-served-by: cache-chi-klot8100037-CHI, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 25188, 200
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3042
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/js/retargeting-pixels.5ab9cdc0.js

199.232.210.251

200 OK

364 B

URL GET HTTP/2
open.spotifycdn.com/cdn/js/retargeting-pixels.5ab9cdc0.js
IP
199.232.210.251:443
ASN
#54113 FASTLY

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGlobalSign nv-sa
Subject*.spotifycdn.com
Fingerprint02:B7:8E:36:03:0C:9A:1F:12:D1:68:DA:06:9F:FB:F0:B7:78:BB:9F
ValidityTue, 09 Apr 2024 11:45:12 GMT - Sun, 11 May 2025 11:45:11 GMT

File type
JavaScript source, ASCII text
Size
364 B (364 bytes)
Hash
ff5311cf5cad9014ae98233eb3a42d0f
91c5256bb38ee1e77f444ad515db40de1e940159
5ab9cdc0840de7312331d8638aa44b8db99092a05b7cff5f720de97c8f21f6c3

HTTP Headers

GET /cdn/js/retargeting-pixels.5ab9cdc0.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 30 Dec 2024 15:58:10 GMT
etag: "88a36d0f7f76476ecd31d27ab93c7c65"
x-goog-generation: 1735574290184008
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 364
content-type: text/javascript
content-encoding: gzip
x-amz-checksum-crc32c: vx5VLA==
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:49 GMT
age: 1425532
timing-allow-origin: *
x-served-by: cache-chi-kigq8000062-CHI, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 501, 7258
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 364
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=GTM-W53X654

142.250.74.142

200 OK

72 kB

URL GET HTTP/2
www.googleoptimize.com/optimize.js?id=GTM-W53X654
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBB:2E:7E:AD:26:E1:69:CA:59:9D:25:40:5F:20:4A:82:34:E8:D2:04
ValidityMon, 09 Dec 2024 08:36:18 GMT - Mon, 03 Mar 2025 08:36:17 GMT

File type
JavaScript source, ASCII text, with very long lines (2319)
Size
72 kB (71667 bytes)
Hash
08dc6f3ddc943422372f9270bd270cc4
fff8ca98f7a57e2fdee2b2073a7edd828d3db0f7
64d69a4c707458329f34b182014523277e6e7db26debad0c2a17e412ab8358ef

HTTP Headers

GET /optimize.js?id=GTM-W53X654 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 16 Jan 2025 14:42:49 GMT
expires: Thu, 16 Jan 2025 14:42:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 16 Jan 2025 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1169:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1169:0"}],}
server: Google Tag Manager
content-length: 71667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

encore.scdn.co/fonts/SpotifyMixUI-Bold-4264b799009b1db5c491778b1bc8e5b7.woff2

104.123.68.155

200 OK

41 kB

URL GET HTTP/2
encore.scdn.co/fonts/SpotifyMixUI-Bold-4264b799009b1db5c491778b1bc8e5b7.woff2
IP
104.123.68.155:443
ASN
#20940 Akamai International B.V.

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerDigiCert Inc
Subject*.scdn.co
Fingerprint59:68:CA:B5:E4:00:55:D3:00:E5:D0:2D:F4:47:DA:17:11:E4:E4:B3
ValidityTue, 09 Jul 2024 00:00:00 GMT - Sat, 09 Aug 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 41412, version 1.6553
Size
41 kB (41320 bytes)
Hash
4264b799009b1db5c491778b1bc8e5b7
7baaf2a83c8fd71eaff63f5c075d56cb7c6b1e53
4252606cf3c6b177ae87bf37e83c73db1895a99d44b9c6965309cd343124c9ba

HTTP Headers

GET /fonts/SpotifyMixUI-Bold-4264b799009b1db5c491778b1bc8e5b7.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 20 May 2024 10:12:25 GMT
etag: "61b62cce587e38f4dee4c6c17bcd5a0e"
content-type: font/woff
content-encoding: gzip
x-amz-checksum-crc32c: yXssgQ==
accept-ranges: bytes
content-length: 41320
expires: Thu, 16 Jan 2025 14:42:50 GMT
date: Thu, 16 Jan 2025 14:42:50 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-origin: *
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-headers: range
access-control-allow-methods: GET
X-Firefox-Spdy: h2

encore.scdn.co/fonts/SpotifyMixUI-Regular-cc3b1de388efa4cbca6c75cebc24585e.woff2

104.123.68.155

200 OK

36 kB

URL GET HTTP/2
encore.scdn.co/fonts/SpotifyMixUI-Regular-cc3b1de388efa4cbca6c75cebc24585e.woff2
IP
104.123.68.155:443
ASN
#20940 Akamai International B.V.

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerDigiCert Inc
Subject*.scdn.co
Fingerprint59:68:CA:B5:E4:00:55:D3:00:E5:D0:2D:F4:47:DA:17:11:E4:E4:B3
ValidityTue, 09 Jul 2024 00:00:00 GMT - Sat, 09 Aug 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35596, version 1.6553
Size
36 kB (35561 bytes)
Hash
cc3b1de388efa4cbca6c75cebc24585e
12745b74ea5ebee6e7ad5803110e688076c91f99
91623228bbcef3805f91d3df656132fcf95b5572bf345039eedc91a136b7ed09

HTTP Headers

GET /fonts/SpotifyMixUI-Regular-cc3b1de388efa4cbca6c75cebc24585e.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 20 May 2024 10:12:27 GMT
etag: "b7f76367a4827918777a80c836e579c6"
content-type: font/woff
content-encoding: gzip
x-amz-checksum-crc32c: lJoHOA==
accept-ranges: bytes
content-length: 35561
expires: Thu, 16 Jan 2025 14:42:50 GMT
date: Thu, 16 Jan 2025 14:42:50 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-origin: *
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-headers: range
access-control-allow-methods: GET
X-Firefox-Spdy: h2

grabify.link/api/js

104.26.8.202

200 OK

382 kB

URL
grabify.link/api/js
IP
104.26.8.202:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
382 kB (381902 bytes)
Hash
b36bd517e6bd757dea0fe824a0b11d31
7e86838ac0103a610de5fddb426c2f1ebeb01e42
25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3

HTTP Headers

POST /api/js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
User-Agents: MUg2SklRbDBhVkVaanVjeHM5V2pweHVhMXpIeGlqR0g3ekxKa3A0dQ==
X-CSRF-TOKEN: 1H6JIQl0aVEZjucxs9Wjpxua1zHxijGH7zLJkp4u
Content-Length: 3369
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkF1QjFad3BlWE9nV09UbUh3d1MrcVE9PSIsInZhbHVlIjoia3VFeG92VXh6VXpOZko5elBQdHY2akNEam9TQ3FseEFjOEpDcGtIekVaL3Vrd1pXWUVwWnpqSWJqOXhqUElCK0VFbGo5cFI4RGYxWk9CWC9BY3FvNEM1NmRmSjBUdHp2ZVhLNVB1eU51SS9Oai9rOFhhemx6SXdnTzdWQ3JxZ1oiLCJtYWMiOiIxZDAyMzlhMDAxYjZiOWMwYWIxMzhlYWRkYTZkYTYwYTY5MGU2ZjNlNmYyYTU0MzQyNjQ2NTgxZTUxNzM2ODExIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Ii8wZVNrVVQvcXh0NXJlcysxM0syclE9PSIsInZhbHVlIjoiU3pzR2FDeGkvelNLeUhPUkZHMElHNjdCZDF3QnVwalhyRjlJMmN6anVpZTdaaWh5YlJKaHhBdVN5N1lTVVhEd3MwUnU2b3p0RnBMb2FvajZTRTRUN3hiaU5HR3YyQTNXMUprZS9nMVFvQTR0VkVRSEdTc09aSXVGd3BtM3ppd3MiLCJtYWMiOiJiOTAzNzkzYzA5MjdkYjhlZDJkNzFmMzUwOTZjNzkwNTBhMjBlMmM1MTM4YmZiYjYxMDM1NThmZmRlOTVlYWIwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 16 Jan 2025 14:42:48 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 10
x-ratelimit-remaining: 7
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IitkMm1TYkpsYWc4cnpNMkhTVDV4MlE9PSIsInZhbHVlIjoiUFJPSStWQVNuTTcySEdiWE5vMGs4R0M0SW9nWlBFbVFjN3FvR3d1VzJNUnNQM1lnUFFLeFpYejlFVk1zSmtjVFRFSDRkZVJSaitHSmxwSWVJR3RjNjFSL2xmcWg2N2lrejdIZDR1WjBCK0dqVXFhKzFhaTl6Q2NGT0Q3M1ZqSmwiLCJtYWMiOiI4M2UyNGY5ZWQ5M2JmZDIzYzg1ZGVjNjZmNDE5NWY1OTAyNmY5NGQzMmNiODM1MWU2MzNiYzY1NWY0ZTg2ZGRmIiwidGFnIjoiIn0%3D; expires=Thu, 16 Jan 2025 19:42:48 GMT; Max-Age=18000; path=/; secure
g_session=eyJpdiI6IjNjd1l2bzFNdS85VHNjVnROSzFWSVE9PSIsInZhbHVlIjoiMXEwVyszY3M0NTFkZnpDeit4YWVOY21OTDVVZ21CM1NJaEQ4TVNpLzRTTzRuQVJBM3VJSFZudjJFVW0veVFzbDU5eDczOUptYmdxeXBEdC9aQWNrTnREajJjMFJYSWpSWjF5Q0VDUmFkWW44aWRrMlVJTnJaWldFT0xCanBidWYiLCJtYWMiOiI1MGI4NzQyMWU2ZjBhNmYzZWFhZTY5NzhlNTliYWZjZmU3NTFhNTg2OTJlOTlkMWQwYTlhYzg4YjI0N2FmYmIzIiwidGFnIjoiIn0%3D; expires=Thu, 16 Jan 2025 19:42:48 GMT; Max-Age=18000; path=/; secure; httponly
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePtqjF%2Bh%2FGL1p6dIwMfPkcoCr%2Bl8i3scMq3vtefxTvFBOtPlapnCs%2BArHk91fK9D791TJTPTRM0q94lQeG2fjm%2B2YumkXL9MP4fWONQDAwBxIIN8sByVwHHW20orqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 902edfcd1b74b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2698&min_rtt=1086&rtt_var=1934&sent=79&recv=28&lost=0&retrans=0&sent_bytes=72147&recv_bytes=11277&delivery_rate=5924&cwnd=16800&unsent_bytes=0&cid=67108c6d34740c51&ts=2937&x=1", cfExtPri, cfHdrFlush;dur=0

open.spotifycdn.com/cdn/images/favicon16.1c487bff.png

199.232.210.251

200 OK

491 B

URL GET HTTP/3
open.spotifycdn.com/cdn/images/favicon16.1c487bff.png
IP
199.232.210.251:443
ASN
#54113 FASTLY

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerGlobalSign nv-sa
Subject*.spotifycdn.com
Fingerprint02:B7:8E:36:03:0C:9A:1F:12:D1:68:DA:06:9F:FB:F0:B7:78:BB:9F
ValidityTue, 09 Apr 2024 11:45:12 GMT - Sun, 11 May 2025 11:45:11 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
491 B (491 bytes)
Hash
47309f383eb16b0647712ee1500f2741
7b5e622dc000eed9cf1c8e31cb9b5343b428161c
1c487bff77b3d19fd37544c1e65ee9ffba08bd3030a1ac0586d9c51d5186937e

HTTP Headers

GET /cdn/images/favicon16.1c487bff.png HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 491
last-modified: Wed, 20 Nov 2024 18:10:03 GMT
etag: "47309f383eb16b0647712ee1500f2741"
x-goog-generation: 1732126203520411
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 491
content-type: image/png
x-amz-checksum-crc32c: mZG5kQ==
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:50 GMT
age: 4910732
timing-allow-origin: *
x-served-by: cache-chi-kigq8000027-CHI, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 14495, 25343
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA

151.101.67.42

403 Forbidden

27 kB

URL User Request GET HTTP/2
open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
IP
151.101.67.42:443
ASN
#54113 FASTLY

Certificate
IssuerCertainly
Subjectopen.spotify.com
FingerprintD6:A2:A1:9D:CF:E1:0D:AF:35:27:F3:E1:F8:D6:C4:84:DC:56:89:3F
ValidityFri, 27 Dec 2024 23:22:43 GMT - Sun, 26 Jan 2025 23:22:42 GMT

File type

Size
27 kB (26816 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: envoy
x-content-type-options: nosniff
x-envoy-upstream-service-time: 383
content-security-policy: script-src 'self' 'unsafe-eval' blob: open.spotifycdn.com open-exp.spotifycdn.com open-review.spotifycdn.com open-exp-review.spotifycdn.com quicksilver.scdn.co www.google-analytics.com www.googletagmanager.com static.ads-twitter.com analytics.twitter.com s.pinimg.com sc-static.net https://www.google.com/recaptcha/ cdn.ravenjs.com connect.facebook.net www.gstatic.com sb.scorecardresearch.com pixel-static.spotify.com cdn.cookielaw.org geolocation.onetrust.com www.googleoptimize.com www.fastly-insights.com static.hotjar.com script.hotjar.com https://www.googleadservices.com/pagead/conversion_async.js https://www.googleadservices.com/pagead/conversion/ https://analytics.tiktok.com/i18n/pixel/sdk.js https://analytics.tiktok.com/i18n/pixel/identify.js https://analytics.tiktok.com/i18n/pixel/config.js https://www.redditstatic.com/ads/pixel.js https://t.contentsquare.net/uxa/22f14577e19f3.js https://get.microsoft.com/badge/ms-store-badge.bundled.js 'sha256-WfsTi7oVogdF9vq5d14s2birjvCglqWF842fyHhzoNw=' 'sha256-KRzjHxCdT8icNaDOqPBdY0AlKiIh5F8r4bnbe1PQwss=' 'sha256-Z5wh7XXSBR1+mTxLSPFhywCZJt77+uP1GikAgPIsu2s='; frame-ancestors 'self' https://adgen-dev.spotify.com/account/*/ad/*/details https://adgen-dev.spotify.com/preview/* https://local.spotify.net/account/*/ad/*/details https://local.spotify.net/preview/*;
via: HTTP/1.1 fringe, HTTP/2 edgeproxy, 1.1 google, 1.1 varnish, 1.1 varnish
content-type: text/html; charset=utf-8
set-cookie: sp_t=8f964205d6902c1ae4dfb19c8aedbe9e; path=/; expires=Fri, 16 Jan 2026 14:42:48 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fplaylist%2F6IOzadVFC9bNCaFjpVGFNv%3Fsp_cid%3D8f964205d6902c1ae4dfb19c8aedbe9e%26device%3Ddesktop%26si%3DrC5by6fBRYSQRhBfqPcLcA; path=/; expires=Fri, 17 Jan 2025 14:42:48 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: gzip
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Thu, 16 Jan 2025 14:42:49 GMT
x-served-by: cache-hel1410022-HEL, cache-hel1410022-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1737038569.944256,VS0,VE447
vary: Accept-Encoding,Accept-Encoding
X-Firefox-Spdy: h2

encore.scdn.co/fonts/SpotifyMixUITitleVariable-8769ccfde3379b7ebcadd9529b49d0cc.woff2

104.123.68.155

200 OK

383 kB

URL GET HTTP/2
encore.scdn.co/fonts/SpotifyMixUITitleVariable-8769ccfde3379b7ebcadd9529b49d0cc.woff2
IP
104.123.68.155:443
ASN
#20940 Akamai International B.V.

Requested by
https://open.spotify.com/playlist/6IOzadVFC9bNCaFjpVGFNv?si=rC5by6fBRYSQRhBfqPcLcA
Certificate
IssuerDigiCert Inc
Subject*.scdn.co
Fingerprint59:68:CA:B5:E4:00:55:D3:00:E5:D0:2D:F4:47:DA:17:11:E4:E4:B3
ValidityTue, 09 Jul 2024 00:00:00 GMT - Sat, 09 Aug 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 383268, version 1.6553
Size
383 kB (383268 bytes)
Hash
8769ccfde3379b7ebcadd9529b49d0cc
f0ccc08ceaab40e27a9200ab755beff24b9d5810
406312aa9e36de68c1c1975221e22ccd619a390f5fe9665ce64eff29ae32ba4c

HTTP Headers

GET /fonts/SpotifyMixUITitleVariable-8769ccfde3379b7ebcadd9529b49d0cc.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 20 May 2024 10:12:30 GMT
etag: "8c2f2b5166c31039f2bc1c69a40e99ac"
content-type: font/woff
content-encoding: gzip
x-amz-checksum-crc32c: oB8zEA==
accept-ranges: bytes
content-length: 381882
expires: Thu, 16 Jan 2025 14:42:50 GMT
date: Thu, 16 Jan 2025 14:42:50 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-origin: *
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-headers: range
access-control-allow-methods: GET
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN