![](/screenshots/b8bef898-8804-4dfe-bb12-51e612b4327e.png)
open.spotify.com
Open in
urlscan Pro
2600:1901:1:c36::
Public Scan
Effective URL: https://open.spotify.com/album/5zdyJ1tIuyuSW8o67GnglS
Submission: On May 04 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 3rd 2021. Valid for: a year.
This is the only time open.spotify.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 85.13.139.171 85.13.139.171 | 34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68) | |
1 | 2600:1901:1:c... 2600:1901:1:c36:: | 15169 (GOOGLE) (GOOGLE) | |
9 | 2a04:4e42:62:... 2a04:4e42:62::760 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:400d:804::200e | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
19 | 6 |
ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd19328.kasserver.com
www.incontrol.theweightrock.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
scdn.co
open.scdn.co |
1 MB |
4 |
google.com
www.google.com |
16 KB |
3 |
gstatic.com
www.gstatic.com |
287 KB |
1 |
googleoptimize.com
www.googleoptimize.com |
36 KB |
1 |
spotify.com
open.spotify.com |
16 KB |
1 |
theweightrock.com
1 redirects
www.incontrol.theweightrock.com |
120 B |
19 | 6 |
Domain | Requested by | |
---|---|---|
9 | open.scdn.co |
open.spotify.com
|
4 | www.google.com |
open.spotify.com
www.gstatic.com www.google.com |
3 | www.gstatic.com |
www.google.com
|
1 | www.googleoptimize.com |
open.spotify.com
|
1 | open.spotify.com | |
1 | www.incontrol.theweightrock.com | 1 redirects |
19 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-05-03 - 2022-05-03 |
a year | crt.sh |
*.scdn.co DigiCert SHA2 Secure Server CA |
2020-08-05 - 2021-09-01 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://open.spotify.com/album/5zdyJ1tIuyuSW8o67GnglS
Frame ID: 7B3CBB9CDCC82E267306003FFE8B3143
Requests: 14 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfCVLAUAAAAALFwwRnnCJ12DalriUGbj8FW_J39&co=aHR0cHM6Ly9vcGVuLnNwb3RpZnkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=ik1tp1593xii
Frame ID: F0BD43C872E77D29BF7621DDE9404EEF
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/b8bef898-8804-4dfe-bb12-51e612b4327e.png)
Page URL History Show full URLs
-
https://www.incontrol.theweightrock.com/
HTTP 307
https://open.spotify.com/album/5zdyJ1tIuyuSW8o67GnglS Page URL
Detected technologies
![](/vendor/wappa/icons/Envoy.png)
Detected patterns
- headers server /^envoy$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.incontrol.theweightrock.com/
HTTP 307
https://open.spotify.com/album/5zdyJ1tIuyuSW8o67GnglS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
5zdyJ1tIuyuSW8o67GnglS
open.spotify.com/album/ Redirect Chain
|
77 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CircularSpUIv3T-Book.3466e0ec.woff2
open.scdn.co/cdn/fonts/ |
67 KB 68 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CircularSpUIv3T-Bold.8d0a45cc.woff2
open.scdn.co/cdn/fonts/ |
71 KB 72 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CircularSpUIv3T-Light.afd9ab26.woff2
open.scdn.co/cdn/fonts/ |
64 KB 64 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spoticon_regular_2.d319d911.woff2
open.scdn.co/cdn/fonts/ |
56 KB 56 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
web-player.242c0a07.css
open.scdn.co/cdn/build/web-player/ |
254 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor~web-player.842ae714.css
open.scdn.co/cdn/build/web-player/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize.js
www.googleoptimize.com/ |
92 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.ad58f302.js
open.scdn.co/cdn/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
api.js
www.google.com/recaptcha/ |
884 B 608 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
web-player.5022ea02.js
open.scdn.co/cdn/build/web-player/ |
1 MB 369 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor~web-player.285a6f8b.js
open.scdn.co/cdn/build/web-player/ |
3 MB 848 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ |
335 KB 131 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
anchor
www.google.com/recaptcha/api2/ Frame F0BD |
19 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
09f59863-8f6d-401b-a355-c00fa77c6d3c
https://open.spotify.com/ |
47 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame F0BD |
51 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame F0BD |
335 KB 131 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js
www.google.com/js/bg/ Frame F0BD |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
webworker.js
www.google.com/recaptcha/api2/ Frame F0BD |
102 B 133 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackChunkopen object| recaptcha function| setImmediate function| clearImmediate object| __SENTRY__ function| Mousetrap object| platform function| OverlayScrollbars object| google_tag_manager object| dataLayer object| google_optimize function| ownKeys function| _objectSpread function| _defineProperty function| gtag object| closure_lm_7859743 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.spotify.com/ | Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Falbum%2F5zdyJ1tIuyuSW8o67GnglS |
|
.spotify.com/ | Name: sp_t Value: a0b2b07558515460e777026cb199a5ea |
|
open.spotify.com/album | Name: loglevel Value: WARN |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' 'unsafe-eval' blob: open.scdn.co open-review.scdn.co quicksilver.scdn.co www.google-analytics.com www.googletagmanager.com static.ads-twitter.com analytics.twitter.com s.pinimg.com sc-static.net https://www.google.com/recaptcha/ cdn.ravenjs.com connect.facebook.net www.gstatic.com sb.scorecardresearch.com pixel-static.spotify.com https://s3.amazonaws.com/ki.js/51746/b0R.js turbo.qualaroo.com optimize.google.com cdn.cookielaw.org geolocation.onetrust.com www.googleoptimize.com www.fastly-insights.com static.hotjar.com script.hotjar.com https://www.googleadservices.com/pagead/conversion_async.js https://www.googleadservices.com/pagead/conversion/938675917/ 'sha256-WfsTi7oVogdF9vq5d14s2birjvCglqWF842fyHhzoNw=' 'sha256-KRzjHxCdT8icNaDOqPBdY0AlKiIh5F8r4bnbe1PQwss='; frame-ancestors 'self'; |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
open.scdn.co
open.spotify.com
www.google.com
www.googleoptimize.com
www.gstatic.com
www.incontrol.theweightrock.com
2600:1901:1:c36::
2a00:1450:4001:808::2004
2a00:1450:4001:830::2003
2a00:1450:400d:804::200e
2a04:4e42:62::760
85.13.139.171
12e15e7ecbf074d7eabb65006c234bb44c50ec4665970e50bba1a8e847cc6dba
1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47
1f018c594256abe2748ab090de002a49538af9a53bc1f36268181f923940378e
3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02
5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0
897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
976890157b7eb0d22e7179d07b556acb9aafa7f527846956989cc0336cc4e827
9b9288fae7f3eeecec8c8d96f226b3c62adb7278c96cd0c45a6e76309c15d068
9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705
a747eab42b370dc668c766f9ecc4b2700385d9696248970441e8ff10d522871b
add671586ee6124e56b629a04bd3397797008a466236f587bd6936ff262d2b82
c0931b005beb731bb77071ca5d57064c143ed4359dcdd1891130896a519c8f9d
c5ecd27e9634efb181a121d5b82419c3bd4ec9e70f6503e7ab8ebc3ac7f8ab28
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
d9874563a7e3a33d16f940554ff1940e967baf3a462ae20be2cfc828d7b1056b
db22b70f8948a77fbd54101dd8f3abcc4edc218effb29dabbbcc0e32c97aa1f9
fb21ec526c3cb3e09ee5745b522b8961667152e5ae331818091cddde8feeff44