spots.jdevcloud.com Open in urlscan Pro
2607:1b00:93b2:e42c::b0fb Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cyruslogistics.com:32000/mail/sp.html
Effective URL:
https://spots.jdevcloud.com/pora/39bde/
Submission: On November 22 via manual (November 22nd 2019, 3:30:36 am UTC) from AU

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 29 domains to perform 61 HTTP transactions. The main IP is 2607:1b00:93b2:e42c::b0fb, located in United States and belongs to CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US. The main domain is spots.jdevcloud.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on October 3rd 2019. Valid for: 2 years.

This is the only time spots.jdevcloud.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spotify (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	112.199.115.153 112.199.115.153	9658 (ETPI-IDS-...) (ETPI-IDS-AS-AP Eastern Telecoms Phils.)
3 4	2607:1b00:93b... 2607:1b00:93b2:e42c::b0fb	54456 (CLOUDACCE...) (CLOUDACCESS-NETWORK - CloudAccess.net)
5	151.101.112.246 151.101.112.246	54113 (FASTLY) (FASTLY - Fastly)
1 2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.224.196.127 13.224.196.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE - Google LLC)
7 10	3.122.69.45 3.122.69.45	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	3.248.26.129 3.248.26.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	35.186.224.30 35.186.224.30	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 4	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.85.99 147.75.85.99	54825 (PACKET) (PACKET - Packet Host)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
2	2a02:26f0:6c0... 2a02:26f0:6c00:18a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.33.111 147.75.33.111	54825 (PACKET) (PACKET - Packet Host)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	13.224.196.24 13.224.196.24	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.211.89.62 52.211.89.62	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.85.119 147.75.85.119	54825 (PACKET) (PACKET - Packet Host)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE - Google LLC)
3	151.101.12.84 151.101.12.84	54113 (FASTLY) (FASTLY - Fastly)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	52.51.120.75 52.51.120.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
61	32

1 112.199.115.153 (Makati City, Philippines)

ASN9658 (ETPI-IDS-AS-AP Eastern Telecoms Phils., Inc., PH)
PTR: 153.115.199.112.clbrz.inet.static.eastern-tele.com

cyruslogistics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:1b00:93b2:e42c::b0fb (United States) 3 redirects

ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US)

spots.jdevcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.112.246 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

www.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-127.fra2.r.cloudfront.net

vt.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

sp-bootstrap.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.122.69.45 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-69-45.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.26.129 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-26-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.224.30 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 30.224.186.35.bc.googleusercontent.com

pixel-static.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.166 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f166.1e100.net

4721227.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8872062.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-5

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:18a::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.43.115.95 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.111 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-12

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.24 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-24.fra2.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.89.62 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-89-62.eu-west-1.compute.amazonaws.com

spotify.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.119 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.120.75 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-120-75.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	myvisualiq.net 7 redirects vt.myvisualiq.net t.myvisualiq.net	9 KB
7	google-analytics.com 1 redirects www.google-analytics.com	51 KB
5	doubleclick.net 3 redirects 4721227.fls.doubleclick.net stats.g.doubleclick.net 8872062.fls.doubleclick.net	1 KB
5	scdn.co www.scdn.co	74 KB
4	jdevcloud.com 3 redirects spots.jdevcloud.com	8 KB
3	pinterest.com ct.pinterest.com	470 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	facebook.net connect.facebook.net	122 KB
3	facebook.com www.facebook.com	671 B
3	demdex.net 2 redirects dpm.demdex.net spotify.demdex.net	2 KB
3	fastly.net sp-bootstrap.global.ssl.fastly.net	200 KB
3	googletagmanager.com www.googletagmanager.com	127 KB
2	twitter.com analytics.twitter.com	484 B
2	snapchat.com tr.snapchat.com
2	t.co t.co	294 B
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
2	pinimg.com s.pinimg.com	17 KB
2	spotify.com pixel-static.spotify.com pixel.spotify.com	3 KB
2	rlcdn.com idsync.rlcdn.com	102 B
2	google.com 1 redirects www.google.com	772 B
1	sc-static.net sc-static.net	5 KB
1	google.de www.google.de	109 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	exelator.com loadus.exelator.com	124 B
1	bluekai.com tags.bluekai.com	749 B
1	tapad.com 1 redirects tapestry.tapad.com	463 B
1	gstatic.com www.gstatic.com	91 KB
1	cyruslogistics.com cyruslogistics.com	211 B
61	29

	Domain	Requested by
10	t.myvisualiq.net	7 redirects spots.jdevcloud.com
7	www.google-analytics.com	1 redirects spots.jdevcloud.com www.google-analytics.com www.googletagmanager.com
5	www.scdn.co	spots.jdevcloud.com
4	spots.jdevcloud.com	3 redirects
3	ct.pinterest.com	s.pinimg.com spots.jdevcloud.com
3	sb.scorecardresearch.com	1 redirects spots.jdevcloud.com www.googletagmanager.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.facebook.com	spots.jdevcloud.com
3	sp-bootstrap.global.ssl.fastly.net	spots.jdevcloud.com
3	www.googletagmanager.com	spots.jdevcloud.com www.googletagmanager.com
2	analytics.twitter.com	static.ads-twitter.com
2	tr.snapchat.com	www.googletagmanager.com
2	8872062.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	t.co	spots.jdevcloud.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	4721227.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dpm.demdex.net	2 redirects
2	idsync.rlcdn.com	spots.jdevcloud.com
2	www.google.com	1 redirects spots.jdevcloud.com
1	insight.adsrvr.org	js.adsrvr.org
1	vars.hotjar.com	static.hotjar.com
1	spotify.demdex.net	spots.jdevcloud.com
1	pixel.spotify.com	pixel-static.spotify.com
1	sc-static.net	cyruslogistics.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	spots.jdevcloud.com
1	stats.g.doubleclick.net	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	pixel-static.spotify.com	www.googletagmanager.com
1	loadus.exelator.com	spots.jdevcloud.com
1	tags.bluekai.com	spots.jdevcloud.com
1	tapestry.tapad.com	1 redirects
1	www.gstatic.com	www.google.com
1	vt.myvisualiq.net	spots.jdevcloud.com
1	cyruslogistics.com
61	37

This site contains no links.

Subject Issuer	Validity	Valid
*.jdevcloud.com RapidSSL RSA CA 2018	`2019-10-03` - `2021-10-02`	2 years	crt.sh
*.scdn.co DigiCert SHA2 Secure Server CA	`2018-06-26` - `2020-08-14`	2 years	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.myvisualiq.net Amazon	`2019-11-14` - `2020-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-01-02` - `2020-01-03`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
t.myvisualiq.net COMODO RSA Domain Validation Secure Server CA	`2017-07-05` - `2020-07-28`	3 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.spotify.com DigiCert SHA2 Secure Server CA	`2017-05-16` - `2020-07-29`	3 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://spots.jdevcloud.com/pora/39bde/
Frame ID: 4B0A2BFA48B3A1B374ED544759D87348
Requests: 55 HTTP requests in this frame

Frame: https://4721227.fls.doubleclick.net/activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F
Frame ID: FA4A9AE742AFDF190245DD20885ACDB0
Requests: 1 HTTP requests in this frame

Frame: https://8872062.fls.doubleclick.net/activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F
Frame ID: BD77317CE1E613B0ECCB7FA8B4833884
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: 507703E6783D7718A801FDBAACDCB82F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: 3AD564D36D15D1134D7BE9E9F4D0179F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 639724024D62253EE29AFC3082855AE1
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=7avchlk&ref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&upid=abcf6bj&upv=1.1.0
Frame ID: 11E397893D374FDA999711CC54BE8A91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cyruslogistics.com:32000/mail/sp.html Page URL
https://spots.jdevcloud.com/pora HTTP 301
https://spots.jdevcloud.com/pora/ HTTP 302
https://spots.jdevcloud.com/pora/39bde HTTP 301
https://spots.jdevcloud.com/pora/39bde/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

98 %
HTTPS

29 %
IPv6

29
Domains

37
Subdomains

32
IPs

8
Countries

783 kB
Transfer

2459 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cyruslogistics.com:32000/mail/sp.html Page URL
https://spots.jdevcloud.com/pora HTTP 301
https://spots.jdevcloud.com/pora/ HTTP 302
https://spots.jdevcloud.com/pora/39bde HTTP 301
https://spots.jdevcloud.com/pora/39bde/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_69a67f91-0cd8-11ea-a006-82d9c231943b

Request Chain 16

https://t.myvisualiq.net/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
https://idsync.rlcdn.com/420356.gif?partner_uid=eab827fa-30f1-4e19-a134-504abf8d11d1

Request Chain 17

https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
https://tags.bluekai.com/site/21398?id=eab827fa-30f1-4e19-a134-504abf8d11d1

Request Chain 18

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=0-5e82a1fa-2046-419c-ba87-faddae210d9d&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=125310&dpuuid=0-5e82a1fa-2046-419c-ba87-faddae210d9d&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=67388775078407888733383965221933381150

Request Chain 19

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://loadus.exelator.com/load/?p=204&g=1260&buid=0-cb2cb524-b87d-4beb-a4bc-0f22807ac8b9

Request Chain 20

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1901136573502950%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-96783887-fec1-4da0-8f0c-95426269a1ea

Request Chain 26

https://4721227.fls.doubleclick.net/activityi;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F HTTP 302
https://4721227.fls.doubleclick.net/activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F

Request Chain 32

https://sb.scorecardresearch.com/b?c1=2&c2=15654041&ns__t=1574393421335&ns_c=UTF-8&c8=Log%20in%20-%20Spotify&c7=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&c9=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15654041&ns__t=1574393421335&ns_c=UTF-8&c8=Log%20in%20-%20Spotify&c7=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&c9=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html

Request Chain 33

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=7268830&t=pageview&_s=1&dl=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&dr=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html&ul=en-us&de=UTF-8&dt=Log%20in%20-%20Spotify&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEArQ~&jid=537369325&gjid=1930160734&cid=38988934.1574393421&tid=UA-5784146-31&_gid=1830155164.1574393421&_r=1&gtm=2wgav97BJJ&cd1=us&cd9=0&cd30=0&cd48=2019-11-22T04%3A30%3A21.324%2B01%3A00&z=1503720301 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_gid=1830155164.1574393421&gjid=1930160734&_v=j79&z=1503720301 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_v=j79&z=1503720301 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_v=j79&z=1503720301&slf_rd=1&random=3852789706

Request Chain 40

https://8872062.fls.doubleclick.net/activityi;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F HTTP 302
https://8872062.fls.doubleclick.net/activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK sp.html Show response
cyruslogistics.com/mail/ 77 B
211 B 572ms
233ms Document
text/html 112.199.115.153
ETPI-IDS-AS-AP Ea...

General

Check archive.org

Show headers Download Go to

Full URL: http://cyruslogistics.com:32000/mail/sp.html
Protocol: HTTP/1.1
Server: 112.199.115.153 Makati City, Philippines, ASN9658 (ETPI-IDS-AS-AP Eastern Telecoms Phils., Inc., PH),
Reverse DNS: 153.115.199.112.clbrz.inet.static.eastern-tele.com
Software: /
Resource Hash: 3dee1da12107600ed051f682fe923b098e1d23b8b9ab163508c1416ed57fefbe

Request headers

Host: cyruslogistics.com:32000
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Connection: close
Content-type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H/1.1

200
OK

Primary Request / Show response
spots.jdevcloud.com/pora/39bde/
Redirect Chain

https://spots.jdevcloud.com/pora
https://spots.jdevcloud.com/pora/
https://spots.jdevcloud.com/pora/39bde
https://spots.jdevcloud.com/pora/39bde/

18 KB
8 KB

118ms
117ms

Document
text/html

2607:1b00:93b2:e42c::b0fb
CloudAccess.net

General

Check archive.org

Show headers Download Go to

Full URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:1b00:93b2:e42c::b0fb , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: f89bc1cd36f55eb91154153aabf408ab21df90b4ac7c7eca400b15bf0c36ceb0

Request headers

Host: spots.jdevcloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://cyruslogistics.com:32000/mail/sp.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: http://cyruslogistics.com:32000/mail/sp.html

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Server: Apache
Last-Modified: Fri, 22 Nov 2019 03:30:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7405
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Server: Apache
Location: https://spots.jdevcloud.com/pora/39bde/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 240
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK reboot-ab91e4561d.css
www.scdn.co/build/css/ 213 KB
36 KB 19ms
5ms Stylesheet
text/css 151.101.112.246
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/css/reboot-ab91e4561d.css
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.246 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: de1dc925c2035a5d064f096ca41b20d6e16d0e8208da9af9b027f19e93408d75

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Content-Encoding: gzip
Age: 6117644
x-amz-meta-goog-reserved-file-mtime: 1520368985
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 36609
X-Served-By: cache-ord1736-ORD, cache-hhn4027-HHN
Last-Modified: Tue, 06 Mar 2018 20:45:21 GMT
ETag: "ab91e4561d00ccff3b3a8ba209749c37"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK spweb-site-ad03e0c37d.min.js Show response
www.scdn.co/build/js/ 102 KB
29 KB 20ms
6ms Script
application/javascript 151.101.112.246
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/js/spweb-site-ad03e0c37d.min.js
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.246 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 8f5c53710cc9dda258a5a4cb8999d87ccce8e3e90e8dacf31af1f9d594c41905

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Content-Encoding: gzip
Age: 7560126
x-amz-meta-goog-reserved-file-mtime: 1516803313
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29237
X-Served-By: cache-ord1746-ORD, cache-hhn4065-HHN
Last-Modified: Wed, 24 Jan 2018 14:27:03 GMT
ETag: "96f99a1433faacc83d1956d17c02971b"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK signup-660fa65035.js Show response
www.scdn.co/build/js/ 10 KB
4 KB 20ms
6ms Script
application/javascript 151.101.112.246
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/js/signup-660fa65035.js
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.246 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c18fb55d359b238a284734390b79a16aa10cf167f0a7db24e9acc533897358b3

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Content-Encoding: gzip
Age: 16462148
x-amz-meta-goog-reserved-file-mtime: 1519748426
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3588
X-Served-By: cache-ord1736-ORD, cache-hhn4081-HHN
Last-Modified: Tue, 27 Feb 2018 16:24:04 GMT
ETag: "f8ca1517d0425170d6a27b984d14f628"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 797 B
581 B 17ms
17ms Script
text/javascript 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

7aafcec943571b9b12ffd6b9a48f93ceb5134f59a78b0b6211e7417b797630bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 488
x-xss-protection: 1; mode=block
expires: Fri, 22 Nov 2019 03:30:21 GMT

GET
H/1.1 200
OK bon-32c3a6a7e1.js Show response
www.scdn.co/build/js/ 1 KB
1 KB 19ms
6ms Script
application/javascript 151.101.112.246
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/js/bon-32c3a6a7e1.js
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.246 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: f11d7d6ed5c317cc6a3b7d5fd4a39074d85755b62e8c4b89ad14f17543228f58

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Content-Encoding: gzip
Age: 8686850
x-amz-meta-goog-reserved-file-mtime: 1533804724
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 617
X-Served-By: cache-ord1735-ORD, cache-hhn4075-HHN
Last-Modified: Thu, 09 Aug 2018 08:55:54 GMT
ETag: "89a28682365454f62428cee509e5b7aa"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK vt-150.js Show response
vt.myvisualiq.net/2/afTxMmlGwCNRJiC5Bd75ug%3D%3D/ 14 KB
4 KB 28ms
6ms Script
application/x-javascript 13.224.196.127
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vt.myvisualiq.net/2/afTxMmlGwCNRJiC5Bd75ug%3D%3D/vt-150.js
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-127.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 284407629dac49f18f897e14a35001ad2534f9d062bac9b558143fc5bb0adbe5

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 16:23:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Mar 2019 08:40:24 GMT
Server: AmazonS3
Age: 40003
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: 09g_kp9zjNwcLFO2cLDuAoLa6Vur8xJO
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Content-Type: application/x-javascript
X-Amz-Cf-Id: moBvTT2QztwoOrjQ6btKHM29YYle0wpyiIKl-jHyKcgNLGr97Z1jVQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3404
date: Fri, 22 Nov 2019 02:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 22 Nov 2019 04:33:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 317 KB
62 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3325eefa511436f5081cbe06a10bcdcf5b999d1aee24b610e3329996f0f3b304

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: br
last-modified: Fri, 22 Nov 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 63259
x-xss-protection: 0
expires: Fri, 22 Nov 2019 03:30:21 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 111 KB
30 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P9JKJ53&cid=38988934.1574393421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8db26c1292c22b425000e5978e7ad09b9f1d839b1b092bb59444b2c4ba9f8ea9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 31050
x-xss-protection: 0
expires: Fri, 22 Nov 2019 03:30:21 GMT

GET
H/1.1 200
OK spotify-logo-lockup-197@2x.png
www.scdn.co/i/_global/logos/ 3 KB
3 KB 5ms
5ms Image
image/png 151.101.112.246
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scdn.co/i/_global/logos/spotify-logo-lockup-197@2x.png
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.246 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c1d40dc457dc2eb81826e58c058dadae190afbba6d38951d2cdad8b7b01b33eb

Request headers

Referer: https://www.scdn.co/build/css/reboot-ab91e4561d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Last-Modified: Wed, 14 Jun 2017 18:20:36 GMT
Age: 76927890
x-amz-meta-goog-reserved-file-mtime: 1497464208
ETag: "9311f307ce202b82324f7d546949387f"
X-Cache: HIT, HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Cache-Hits: 11083, 1347
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2765
X-Served-By: cache-ord1741-ORD, cache-hhn4027-HHN

GET
H/1.1 200
OK circular-black.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 68 KB
68 KB 26ms
6ms Font
application/font-woff 151.101.13.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-black.woff2
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 769dae020149617e3d70328c3e1557fa3ca53fa128a9743ab389b2bfcb5327f1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.scdn.co/build/css/reboot-ab91e4561d.css
Origin: https://spots.jdevcloud.com

Response headers

x-amz-version-id: ImURLHkVbXxkceyHHtoW.EnP.GcA2ieG
Via: 1.1 varnish, 1.1 varnish
Age: 1594210
X-Cache: HIT, HIT
Date: Fri, 22 Nov 2019 03:30:21 GMT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 69188
x-amz-id-2: bBPajrfVIAhRcBto3xVIhnPrcy1so8IL+y80l8lYtFNDtygeKh6psB19LluilRVrB62BPcnX0cA=
X-Served-By: cache-iad2132-IAD, cache-fra19169-FRA
Last-Modified: Thu, 07 Sep 2017 19:31:00 GMT
Server: AmazonS3
X-Timer: S1574393421.307555,VS0,VE1
ETag: "9e0ddf791ff8bdc860603330b6b1c88e"
x-amz-request-id: 3964859EF083C7D1
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: application/font-woff
Expires: Fri, 07 Sep 2018 19:30:57 GMT

GET
H/1.1 200
OK circular-book.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 63 KB
64 KB 24ms
6ms Font
application/font-woff 151.101.13.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-book.woff2
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.scdn.co/build/css/reboot-ab91e4561d.css
Origin: https://spots.jdevcloud.com

Response headers

x-amz-version-id: uk_BB9oobL1KrkS6Nqt6_9wKZXILdN7q
Via: 1.1 varnish, 1.1 varnish
Age: 7484625
X-Cache: HIT, HIT
Date: Fri, 22 Nov 2019 03:30:21 GMT
X-Cache-Hits: 1, 5
Connection: keep-alive
Content-Length: 64512
x-amz-id-2: 3jR1mPE0M9rCT4X8hmPQ2jE834TVzCdh4yt/mqTjWfFWkxXBYKy6CikmRIgmh9SeHYJjqs4Xgik=
X-Served-By: cache-iad2139-IAD, cache-fra19151-FRA
Last-Modified: Thu, 07 Sep 2017 19:31:01 GMT
Server: AmazonS3
X-Timer: S1574393421.308597,VS0,VE0
ETag: "0c0dfc4df72c07c84b15651ab6f951a6"
x-amz-request-id: 77DC6A5520FD9186
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: application/font-woff
Expires: Fri, 07 Sep 2018 19:30:57 GMT

GET
H/1.1 200
OK circular-bold.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 68 KB
68 KB 23ms
6ms Font
application/font-woff 151.101.13.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-bold.woff2
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.scdn.co/build/css/reboot-ab91e4561d.css
Origin: https://spots.jdevcloud.com

Response headers

x-amz-version-id: lv2cUiXWh9.bj.nXkNtlic0Fy4DS6vib
Via: 1.1 varnish, 1.1 varnish
Age: 1573037
X-Cache: HIT, HIT
Date: Fri, 22 Nov 2019 03:30:21 GMT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 69140
x-amz-id-2: eVHDdiukLCaeBZ5Q3FZoPo+LubUNB1IF80TsgIBBVqyGEf+BPHKgZMSS3gUPNguT2TSuX9HumW0=
X-Served-By: cache-iad2123-IAD, cache-fra19138-FRA
Last-Modified: Thu, 07 Sep 2017 19:31:01 GMT
Server: AmazonS3
X-Timer: S1574393421.309474,VS0,VE1
ETag: "14bfce9501e5a5dc0adbe559dd630bc6"
x-amz-request-id: 56FB38A61EB329B6
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: application/font-woff
Expires: Fri, 07 Sep 2018 19:30:57 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ 254 KB
91 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 04:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Nov 2019 05:06:47 GMT
server: sffe
age: 83026
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92852
x-xss-protection: 0
expires: Fri, 20 Nov 2020 04:26:35 GMT

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_69a67f91-0cd8-11ea-a006-82d9c231943b

43 B
300 B

6ms
6ms

Image
image/gif

3.122.69.45
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_69a67f91-0cd8-11ea-a006-82d9c231943b
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.69.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-122-69-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date: Fri, 22 Nov 2019 03:30:21 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
location: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_69a67f91-0cd8-11ea-a006-82d9c231943b
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 302
alt-svc: clear
content-length: 0

GET
H2

204

420356.gif
idsync.rlcdn.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID}
https://t.myvisualiq.net/ul_cb/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID}
https://idsync.rlcdn.com/420356.gif?partner_uid=eab827fa-30f1-4e19-a134-504abf8d11d1

0
62 B

125ms
113ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420356.gif?partner_uid=eab827fa-30f1-4e19-a134-504abf8d11d1
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
date: Fri, 22 Nov 2019 03:30:21 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Location: https://idsync.rlcdn.com/420356.gif?partner_uid=eab827fa-30f1-4e19-a134-504abf8d11d1
Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

21398
tags.bluekai.com/site/
Redirect Chain

https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D
https://tags.bluekai.com/site/21398?id=eab827fa-30f1-4e19-a134-504abf8d11d1

62 B
749 B

202ms
191ms

Image
image/gif

104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/21398?id=eab827fa-30f1-4e19-a134-504abf8d11d1
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.241.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 3283
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

Location: https://tags.bluekai.com/site/21398?id=eab827fa-30f1-4e19-a134-504abf8d11d1
Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253D...
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=0-5e82a1fa-2046-419c-ba87-faddae210d9d&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=125310&dpuuid=0-5e82a1fa-2046-419c-ba87-faddae210d9d&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_...
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=67388775078407888733383965221933381150

43 B
300 B

6ms
6ms

Image
image/gif

3.122.69.45
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=67388775078407888733383965221933381150
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.69.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-122-69-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: suwJ4NPqRQE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=67388775078407888733383965221933381150
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
loadus.exelator.com/load/
Redirect Chain

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://loadus.exelator.com/load/?p=204&g=1260&buid=0-cb2cb524-b87d-4beb-a4bc-0f22807ac8b9

124 B
124 B

64ms
12ms

Image
application/x-javascript

147.75.102.200
Packet Host

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=1260&buid=0-cb2cb524-b87d-4beb-a4bc-0f22807ac8b9
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: nginx/1.14.0 / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 200
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

Location: https://loadus.exelator.com/load/?p=204&g=1260&buid=0-cb2cb524-b87d-4beb-a4bc-0f22807ac8b9
Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

tr
www.facebook.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1901136573502950%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-96783887-fec1-4da0-8f0c-95426269a1ea

44 B
359 B

17ms
6ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-96783887-fec1-4da0-8f0c-95426269a1ea

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Fri, 22 Nov 2019 03:30:21 GMT

Redirect headers

Location: https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-96783887-fec1-4da0-8f0c-95426269a1ea
Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0KW7E1R008&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3056aac6dcbb8445157d3068f795af828db2954e971d785fd5a1d2888092fdb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 38353
x-xss-protection: 0
expires: Fri, 22 Nov 2019 03:30:21 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1003 B 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 02:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3549
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Fri, 22 Nov 2019 03:31:12 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1202
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 22 Nov 2019 04:10:19 GMT

GET
H2 200 sync.min.js Show response
pixel-static.spotify.com/ 6 KB
2 KB 29ms
16ms Script
application/javascript 35.186.224.30
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel-static.spotify.com/sync.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.224.30 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

30.224.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

71dd399cbf7bd5f649195174b009fbf040770dfd966a84b727e984eea227d3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Sep 2019 15:47:09 GMT
server: envoy
strict-transport-security: max-age=31536000
content-type: application/javascript
status: 200
alt-svc: clear
x-envoy-upstream-service-time: 1
accept-ranges: bytes
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
27 KB 17ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: OJdUoydl5RfYuAhuYhvoOSjI0S/BDTQJWGmRcd6PWzz6lO8+sbhaWDhZRz8eNEDPClQTC7TDp5VUvmpn/W14bA==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 03:30:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%...
4721227.fls.doubleclick.net/ Frame FA4A
Redirect Chain

https://4721227.fls.doubleclick.net/activityi;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpor...
https://4721227.fls.doubleclick.net/activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https...

0
0

23ms
21ms

Document
text/html

172.217.23.166
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://4721227.fls.doubleclick.net/activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4721227.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://spots.jdevcloud.com/pora/39bde/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 03:30:21 GMT
expires: Fri, 22 Nov 2019 03:30:21 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 962
x-xss-protection: 0
set-cookie: IDE=AHWqTUlIO__JImIpBAyNCe9rd-mca1W6gTtngI__llVXHye9r8Vz0fwzbzhHcLMO; expires=Wed, 16-Dec-2020 03:30:21 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 03:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4721227.fls.doubleclick.net/activityi;dc_pre=CLrx98Tw_OUCFQOC3goddOUEig;src=4721227;type=uidfq0;cat=spoti0;ord=7307886760549;gtm=2wgav9;auiddc=1215471262.1574393421;u2=undefined;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 22-Nov-2019 03:45:21 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 hotjar-444446.js Show response
static.hotjar.com/c/ 9 KB
3 KB 38ms
12ms Script
application/javascript 147.75.85.99
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-444446.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.85.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-5

Software

openresty /

Resource Hash

8ee9a439ebc51876923f76e628cfa2a9de77e8ae0f65ed6ad343d55dcd5695cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 26
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2455
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/3391d80cdcd0e0bca82566cf0ea910e3
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.074
accept-ranges: bytes
section-io-id: 644961ff1a481c584e22dc758dc3c64f

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 6ms
5ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
age: 69401
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19130-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1574393421.349453,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
732 B 161ms
138ms Script
application/javascript 2a02:26f0:6c00:18a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18a::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "1e214e15ac165378f0589400974edd54"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=7200
x-fallback: 146d4cc8-2.16.187.36
accept-ranges: bytes
content-length: 565

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 22ms
7ms Script
application/x-javascript 13.225.83.200
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.83.200 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3facb0fb4999f0b5d8116ce812c1d68d07b17782afb8cc480ae472ea6c5094fe

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Tue, 19 Nov 2019 21:19:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Nov 2019 21:15:10 GMT
Server: AmazonS3
Age: 22245
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: 6PZUPFIXfqTsxZboK8VN0l0wwpONnyXom7H5QuYVrDovy4t2l0zAOw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8872062

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b53e02bdb8081d96ba71eb3771f7583e4f228020b5636eed9517d2f90510be69

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: br
last-modified: Fri, 22 Nov 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27663
x-xss-protection: 0
expires: Fri, 22 Nov 2019 03:30:21 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15654041&ns__t=1574393421335&ns_c=UTF-8&c8=Log%20in%20-%20Spotify&c7=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&c9=http%3A%2F%2Fcyruslogistics.co...
https://sb.scorecardresearch.com/b2?c1=2&c2=15654041&ns__t=1574393421335&ns_c=UTF-8&c8=Log%20in%20-%20Spotify&c7=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&c9=http%3A%2F%2Fcyruslogistics.c...

0
248 B

6ms
6ms

Image
text/plain

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15654041&ns__t=1574393421335&ns_c=UTF-8&c8=Log%20in%20-%20Spotify&c7=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&c9=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=15654041&ns__t=1574393421335&ns_c=UTF-8&c8=Log%20in%20-%20Spotify&c7=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&c9=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html
Pragma: no-cache
Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=7268830&t=pageview&_s=1&dl=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&dr=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.h...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_gid=1830155164.1574393421&gjid=1930160734&_v=j79&z=1503720301
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_v=j79&z=1503720301
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_v=j79&z=1503720301&slf_rd=1&random=3852789706

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_v=j79&z=1503720301&slf_rd=1&random=3852789706

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=38988934.1574393421&jid=537369325&_v=j79&z=1503720301&slf_rd=1&random=3852789706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 40 KB
10 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.13

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

764934a7bd43ca9db4f39284e1e8945bb4b1960cd82062cf12f6e857b945602f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 10323
x-xss-protection: 0
pragma: public
x-fb-debug: axtv4Pb95ZqPE0hyUZ/c3L2wT0czwYZiq6etTQbi09HRgNQ0h8DyHZK/xGwGmLq1x7b78LKjfEbRbNLuYCABYg==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 03:30:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1483047915331997 Show response
connect.facebook.net/signals/config/ 349 KB
85 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1483047915331997?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

967f80df9327f821f7ee197b9e5a8d14f8b91ed5cfabcb2ad210770c3c6d52a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 87095
x-xss-protection: 0
pragma: public
x-fb-debug: 0pLXUsyKwgQL4kwmI/2xgt3hRfoeH3wbHlTsAg6r5okSGuHS9+0ixRe5dJv8uf+sD+52U85FTc6/BmqdSwNI8w==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 03:30:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.0dd33ed8c1ff42127b92.js Show response
script.hotjar.com/ 399 KB
70 KB 41ms
12ms Script
application/javascript 147.75.33.111
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.0dd33ed8c1ff42127b92.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-444446.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.111 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-12
Software: /
Resource Hash: 8d5b47f328c302946d1db9e927a5927e1900c04b83e3996c7d148af723d3751d

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:20 GMT
content-encoding: br
last-modified: Thu, 21 Nov 2019 09:24:48 GMT
access-control-allow-origin: *
etag: "d9246a3f3be23a1e99bca90ab0e14509"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.028
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 0fec2ec267076e59cf2c93c0fb5417e0
content-length: 70933

POST
H2 200 collect
www.google-analytics.com/g/ 35 B
132 B 13ms
12ms Other
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/g/collect?v=2&tid=G-0KW7E1R008&gtm=2oeav9&_p=7268830&sr=1600x1200&ul=en-us&cid=38988934.1574393421&_s=1&en=page_view&_fv=1&_ss=1&ep.country=us&ep.pagePath=spots.jdevcloud.com%2F39bde%2F&dl=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&dr=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html&dt=Log%20in%20-%20Spotify&sid=1574393421&sct=1&seg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KW7E1R008&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
Origin: https://spots.jdevcloud.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://spots.jdevcloud.com
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
124 B 126ms
126ms Image
image/gif 104.244.42.197
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz9p8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 22 Nov 2019 03:30:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f953223c642effe7f34c04128ede5375
x-transaction: 00c28c5600494c24
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 118ms
118ms Image
image/gif 104.244.42.197
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvi9b&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Fri, 22 Nov 2019 03:30:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f953223c642effe7f34c04128ede5375
x-transaction: 00d4aaac005559f5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F
8872062.fls.doubleclick.net/ Frame BD77
Redirect Chain

https://8872062.fls.doubleclick.net/activityi;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?
https://8872062.fls.doubleclick.net/activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fs...

0
0

16ms
15ms

Document
text/html

172.217.23.166
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://8872062.fls.doubleclick.net/activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KW7E1R008&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8872062.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://spots.jdevcloud.com/pora/39bde/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 03:30:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 397
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 22-Nov-2019 03:45:21 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 03:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8872062.fls.doubleclick.net/activityi;dc_pre=CLyC_cTw_OUCFYQ74Aod8DAJig;src=8872062;type=invmedia;cat=spoti00;ord=9833840731122;gtm=2oeav9;auiddc=1215471262.1574393421;~oref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
5 KB 21ms
6ms Script
application/javascript 13.224.196.24
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: cyruslogistics.com
URL: http://cyruslogistics.com:32000/mail/sp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 23:04:15 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 23:04:13 GMT
server: AmazonS3
age: 15966
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: j3unX_ebzRiMuDsvAlwg6CXZbLu95g-RvlgQCIAi4dkBaVvx2m_dHw==
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)

GET
H2 200 sync Show response
pixel.spotify.com/v2/ 408 B
531 B 17ms
16ms XHR
application/json 35.186.224.30
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.spotify.com/v2/sync?ce=1&pp=

Requested by

Host: pixel-static.spotify.com
URL: https://pixel-static.spotify.com/sync.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.224.30 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

30.224.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

36277d49fede2853199496726e8040484097d6705c9d2774bcf7a5908aa10ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/
Origin: https://spots.jdevcloud.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
status: 200
date: Fri, 22 Nov 2019 03:30:21 GMT
vary: origin
content-type: application/json
access-control-allow-origin: https://spots.jdevcloud.com
cache-control: private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: clear
content-length: 260
via: HTTP/2 edgeproxy, 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1483047915331997&ev=PageView&dl=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&rl=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html&if=false&ts=1574393421461&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.2.1574393421460.1290534903&it=1574393421414&coo=false&tm=1&rqm=GET

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Fri, 22 Nov 2019 03:30:21 GMT

GET
H/1.1 200
OK event
spotify.demdex.net/ 42 B
610 B 121ms
29ms Image
image/gif 52.211.89.62
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spotify.demdex.net/event?d_cid=257894%25017f72b3b6-fbbc-49a8-830c-93cf135ac6f4&d_sid=10455245&pp=

Requested by

Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.89.62 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-211-89-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v054-0f117e49c.edge-irl1.demdex.com 5.63.0.20191112162344 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: U0OJhl9RRlE=
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,113
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 466206.gif
idsync.rlcdn.com/ 0
40 B 113ms
113ms Image
text/plain 35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/466206.gif?partner_uid=7f72b3b6-fbbc-49a8-830c-93cf135ac6f4&pp=
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
date: Fri, 22 Nov 2019 03:30:21 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK impression_pixel
t.myvisualiq.net/ 43 B
300 B 6ms
6ms Image
image/gif 3.122.69.45
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/impression_pixel?et=i&ago=212&ao=796&chnl=-19&vndr=1437&sz=6778&sp_adid=7f72b3b6-fbbc-49a8-830c-93cf135ac6f4&u=Eid_&pt=i
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.69.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-122-69-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame 5077 0
0 38ms
12ms Document
text/html 147.75.85.119
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-444446.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.85.119 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://spots.jdevcloud.com/pora/39bde/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/

Response headers

status: 200
date: Fri, 22 Nov 2019 03:30:21 GMT
content-type: text/html
content-length: 808
cache-control: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Nov 2019 13:04:25 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.027
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 0b825643a24ab3e5fde9d13e256b354c

GET
H2 200 i
tr.snapchat.com/cm/ Frame 3AD5 0
0 34ms
19ms Document
text/html 35.186.226.184
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://spots.jdevcloud.com/pora/39bde/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 22 Nov 2019 03:30:21 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame 6397 0
0 25ms
25ms Document
text/html 35.186.226.184
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 291
pragma: no-cache
cache-control: no-cache
origin: https://spots.jdevcloud.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://spots.jdevcloud.com/pora/39bde/
accept-encoding: gzip, deflate, br
Origin: https://spots.jdevcloud.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 22 Nov 2019 03:30:21 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3HyREAIAgEsIqYcWVFLMcDq6B4zS8RrqNMynGj8FzIXL+uRA+HbWuZaJ06lBVZHgV6DMgyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 main.532239b0.js Show response
s.pinimg.com/ct/lib/ 45 KB
16 KB 130ms
129ms Script
application/javascript 2a02:26f0:6c00:18a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18a::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "42f2d9232667759ed210155c5be8d336"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=1209600
x-fallback: 146d4de1-2.16.187.36
accept-ranges: bytes
content-length: 16262

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
302 B 59ms
29ms XHR
image/gif 151.101.12.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613216299153&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1574393421663
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/
Origin: https://spots.jdevcloud.com

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-cdn: fastly
status: 200
content-type: image/gif
access-control-allow-origin: https://spots.jdevcloud.com
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-pinterest-rid: 5664935982435134
x-envoy-upstream-service-time: 0
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
81 B 62ms
35ms Image
image/gif 151.101.12.84
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613216299153&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F%22%2C%22ref%22%3A%22http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1574393421666
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-cdn: fastly
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
content-length: 35
x-pinterest-rid: 5916864548096350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
87 B 60ms
34ms Image
image/gif 151.101.12.84
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613216299153&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F%22%2C%22ref%22%3A%22http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1574393421667
Requested by: Host: spots.jdevcloud.com
URL: https://spots.jdevcloud.com/pora/39bde/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-cdn: fastly
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
content-length: 35
x-pinterest-rid: 0961296529549358
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/15654041/ 0
400 B 7ms
6ms Script
application/x-javascript 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/15654041/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 03:30:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Mon, 25 Nov 2019 03:30:21 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
217 B 127ms
127ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz9p8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 22 Nov 2019 03:30:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f74e55fa854f9d1638a5d9915dbd181b
x-transaction: 00688a0000684fbb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
267 B 126ms
126ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvi9b&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 22 Nov 2019 03:30:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f74e55fa854f9d1638a5d9915dbd181b
x-transaction: 00dd9c97007c9507
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 11E3 0
0 28ms
27ms Document
text/html 52.51.120.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=7avchlk&ref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&upid=abcf6bj&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.120.75 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-120-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=7avchlk&ref=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&upid=abcf6bj&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://spots.jdevcloud.com/pora/39bde/
accept-encoding: gzip, deflate, br
cookie: TDID=6fc65661-8829-42eb-a60d-a0457ae8d97a; TDCPM=CAEYBTgBQgQiAggB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://spots.jdevcloud.com/pora/39bde/

Response headers

status: 200
date: Fri, 22 Nov 2019 03:30:21 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 collect
www.google-analytics.com/g/ 35 B
111 B 13ms
12ms Other
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/g/collect?v=2&tid=G-0KW7E1R008&gtm=2oeav9&_p=7268830&sr=1600x1200&ul=en-us&cid=2116411747.1574393422&_s=2&en=scroll&_fv=1&_nsi=1&_ss=1&ep.country=us&ep.pagePath=spots.jdevcloud.com%2F39bde%2F&epn.percent_scrolled=90&dl=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&dr=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html&dt=Log%20in%20-%20Spotify&sid=1574393421&sct=1&seg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KW7E1R008&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
Origin: https://spots.jdevcloud.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://spots.jdevcloud.com
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1483047915331997&ev=Microdata&dl=https%3A%2F%2Fspots.jdevcloud.com%2Fpora%2F39bde%2F&rl=http%3A%2F%2Fcyruslogistics.com%3A32000%2Fmail%2Fsp.html&if=false&ts=1574393421963&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20in%20%20-%20Spotify%22%2C%22meta%3Adescription%22%3A%22Spotify%20is%20a%20digital%20music%20service%20that%20gives%20you%20access%20to%20millions%20of%20songs.%22%2C%22meta%3Akeywords%22%3A%22Spotify%2C%20music%2C%20online%2C%20listen%2C%20streaming%2C%20play%2C%20digital%2C%20album%2C%20artist%2C%20playlist%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Music%20for%20everyone.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.spotify.com%2Fus%2Fsignup%2F%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.scdn.co%2Fi%2F_global%2Fopen-graph-default.png%22%2C%22og%3Adescription%22%3A%22Spotify%20is%20all%20the%20music%20you%E2%80%99ll%20ever%20need.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.13&r=stable&ec=1&o=30&fbp=fb.2.1574393421460.1290534903&it=1574393421414&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spots.jdevcloud.com/pora/39bde/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:30:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Fri, 22 Nov 2019 03:30:21 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spotify (Online)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.snapchat.com/	1970-01-19 14:41:29	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3HyREAIAgEsIqYcWVFLMcDq6B4zS8RrqNMynGj8FzIXL+uRA+HbWuZaJ06lBVZHgV6DMgyAAAA
.spots.jdevcloud.com/	1970-01-19 13:52:31	Name: _hjid Value: 7d4b26d3-8999-4c12-a13f-0af0fc000c21
spots.jdevcloud.com/	1970-01-19 14:49:40	Name: _scid Value: b6e61772-8295-4880-b848-c01b069f8494
.doubleclick.net/	1970-01-19 05:19:54	Name: test_cookie Value: CheckForPermission
.spots.jdevcloud.com/	1970-01-19 07:29:29	Name: _fbp Value: fb.2.1574393421460.1290534903

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4721227.fls.doubleclick.net
8872062.fls.doubleclick.net
analytics.twitter.com
connect.facebook.net
ct.pinterest.com
cyruslogistics.com
dpm.demdex.net
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
loadus.exelator.com
pixel-static.spotify.com
pixel.spotify.com
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
sp-bootstrap.global.ssl.fastly.net
spotify.demdex.net
spots.jdevcloud.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.myvisualiq.net
tags.bluekai.com
tapestry.tapad.com
tr.snapchat.com
vars.hotjar.com
vt.myvisualiq.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.scdn.co
104.111.241.32
104.244.42.197
104.244.42.3
112.199.115.153
13.224.196.127
13.224.196.24
13.225.83.200
147.75.102.200
147.75.33.111
147.75.85.119
147.75.85.99
151.101.112.246
151.101.12.157
151.101.12.84
151.101.13.194
172.217.23.166
23.43.115.95
2607:1b00:93b2:e42c::b0fb
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:400c:c08::9a
2a02:26f0:6c00:18a::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.69.45
3.248.26.129
35.186.224.30
35.186.226.184
35.190.72.21
35.227.248.159
52.211.89.62
52.51.120.75
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28
284407629dac49f18f897e14a35001ad2534f9d062bac9b558143fc5bb0adbe5
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3325eefa511436f5081cbe06a10bcdcf5b999d1aee24b610e3329996f0f3b304
36277d49fede2853199496726e8040484097d6705c9d2774bcf7a5908aa10ba5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
3dee1da12107600ed051f682fe923b098e1d23b8b9ab163508c1416ed57fefbe
3facb0fb4999f0b5d8116ce812c1d68d07b17782afb8cc480ae472ea6c5094fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
71dd399cbf7bd5f649195174b009fbf040770dfd966a84b727e984eea227d3d8
764934a7bd43ca9db4f39284e1e8945bb4b1960cd82062cf12f6e857b945602f
769dae020149617e3d70328c3e1557fa3ca53fa128a9743ab389b2bfcb5327f1
7aafcec943571b9b12ffd6b9a48f93ceb5134f59a78b0b6211e7417b797630bf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d5b47f328c302946d1db9e927a5927e1900c04b83e3996c7d148af723d3751d
8db26c1292c22b425000e5978e7ad09b9f1d839b1b092bb59444b2c4ba9f8ea9
8ee9a439ebc51876923f76e628cfa2a9de77e8ae0f65ed6ad343d55dcd5695cf
8f5c53710cc9dda258a5a4cb8999d87ccce8e3e90e8dacf31af1f9d594c41905
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
967f80df9327f821f7ee197b9e5a8d14f8b91ed5cfabcb2ad210770c3c6d52a2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b53e02bdb8081d96ba71eb3771f7583e4f228020b5636eed9517d2f90510be69
c18fb55d359b238a284734390b79a16aa10cf167f0a7db24e9acc533897358b3
c1d40dc457dc2eb81826e58c058dadae190afbba6d38951d2cdad8b7b01b33eb
ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de1dc925c2035a5d064f096ca41b20d6e16d0e8208da9af9b027f19e93408d75
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd
f11d7d6ed5c317cc6a3b7d5fd4a39074d85755b62e8c4b89ad14f17543228f58
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f3056aac6dcbb8445157d3068f795af828db2954e971d785fd5a1d2888092fdb
f89bc1cd36f55eb91154153aabf408ab21df90b4ac7c7eca400b15bf0c36ceb0

spots.jdevcloud.com Open in urlscan Pro 2607:1b00:93b2:e42c::b0fb Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

29 %IPv6

29 Domains

37 Subdomains

32 IPs

8 Countries

783 kBTransfer

2459 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

spots.jdevcloud.com Open in urlscan Pro
2607:1b00:93b2:e42c::b0fb Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

29 %
IPv6

29
Domains

37
Subdomains

32
IPs

8
Countries

783 kB
Transfer

2459 kB
Size

5
Cookies

61 HTTP transactions
0 data transactions