websript-spotify.com
Open in
urlscan Pro
190.14.37.245
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On July 11 via api from GB
Summary
This is the only time websript-spotify.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spotify (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 190.14.37.245 190.14.37.245 | 52469 (Offshore ...) (Offshore Racks S.A) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 52.202.160.6 52.202.160.6 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
21 | 5 |
ASN52469 (Offshore Racks S.A, PA)
PTR: picna.globaleory.com
websript-spotify.com |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-160-6.compute-1.amazonaws.com
ws.sessioncam.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
websript-spotify.com
websript-spotify.com |
1003 KB |
1 |
sessioncam.com
ws.sessioncam.com |
419 B |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
10 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
0 |
fastly.net
Failed
sp-bootstrap.global.ssl.fastly.net Failed |
|
21 | 5 |
Domain | Requested by | |
---|---|---|
16 | websript-spotify.com |
websript-spotify.com
|
1 | ws.sessioncam.com |
websript-spotify.com
|
1 | maxcdn.bootstrapcdn.com |
websript-spotify.com
|
1 | ajax.googleapis.com |
websript-spotify.com
|
0 | sp-bootstrap.global.ssl.fastly.net Failed |
websript-spotify.com
|
21 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.spotify.com |
www.headspace.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
*.googleapis.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
ws.sessioncam.com Amazon |
2019-05-14 - 2020-06-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://websript-spotify.com/subscription-key-1876387627862/region/else/SpotifyBilling.php
Frame ID: A148EBEBC345FC55BD79690294820F33
Requests: 26 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
- headers server /php\/?([\d.]+)?/i
Python (Programming Languages) Expand
Detected patterns
- headers server /(?:^|\s)Python(?:\/([\d.]+))?/i
- headers server /mod_wsgi(?:\/([\d.]+))?/i
CentOS (Operating Systems) Expand
Detected patterns
- headers server /CentOS/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
mod_wsgi (Web Server Extensions) Expand
Detected patterns
- headers server /mod_wsgi(?:\/([\d.]+))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
- headers server /mod_wsgi(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Cookie Policy
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Log Out
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Spotify
Search URL Search Domain Scan URL
Title: Upgrade
Search URL Search Domain Scan URL
Title: headspace.com
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
SpotifyBilling.php
websript-spotify.com/subscription-key-1876387627862/region/else/ |
59 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spotify-b24b86f287.css
websript-spotify.com/subscription-key-1876387627862/Spotify%20Billing_files/ |
326 KB 326 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
offer-panel-966be1b51b.css
websript-spotify.com/subscription-key-1876387627862/Spotify%20Billing_files/ |
96 KB 97 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sessioncam.js
websript-spotify.com/subscription-key-1876387627862/Spotify%20Billing_files/ |
266 KB 266 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.aspx
websript-spotify.com/subscription-key-1876387627862/Spotify%20Billing_files/ |
169 B 524 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
websript-spotify.com/subscription-key-1876387627862/region/else/......//////////assets/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
websript-spotify.com/subscription-key-1876387627862/region/else/assets/css/ |
201 B 540 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
visa.jpg
websript-spotify.com/subscription-key-1876387627862/region/else/assets/images/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mastercard.jpg
websript-spotify.com/subscription-key-1876387627862/region/else/assets/images/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amex.jpg
websript-spotify.com/subscription-key-1876387627862/region/else/assets/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.payform.min.js
websript-spotify.com/subscription-key-1876387627862/region/else/assets/js/ |
8 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
websript-spotify.com/subscription-key-1876387627862/region/else/assets/js/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
offer-panel-9527580ef4.js
websript-spotify.com/subscription-key-1876387627862/Spotify%20Billing_files/ |
185 KB 186 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
df.js
websript-spotify.com/subscription-key-1876387627862/Spotify%20Billing_files/ |
44 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.aspx
ws.sessioncam.com/Record/ |
145 B 419 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
websript-spotify.com/subscription-key-1876387627862/region/else/......//////////assets/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
623 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
381 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
307 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
safe-input.gif
websript-spotify.com/i/forms/ |
220 B 220 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
circular-book.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.2/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
373 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
circular-bold.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.2/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sp-bootstrap.global.ssl.fastly.net
- URL
- https://sp-bootstrap.global.ssl.fastly.net/8.2.2/fonts/circular-book.woff2
- Domain
- sp-bootstrap.global.ssl.fastly.net
- URL
- https://sp-bootstrap.global.ssl.fastly.net/8.2.2/fonts/circular-bold.woff2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spotify (Online)52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| html5 function| html5shim object| sessionCamRecorder function| SessionCamRecorder number| scInitTime0 function| sessionCamJQuery function| $ function| jQuery object| jQuery112408799888381524019 object| spweb function| ErrorDisplay function| Translation function| Dialog function| SubView function| viewMap function| Sifter object| MicroPlugin function| Selectize object| Raven function| Inputmask object| _ function| dfGetPlug function| dfGetIEAV function| dfGetFonts function| dfInitDS function| dfGetDS function| dfGetIEUD function| getWebglFp function| getJsFonts function| dfGetProp function| dfCanvasFingerprint function| populateFontList function| dfGetEntropy function| dfSet function| dfHashConcat function| dfDo function| padString function| calculateMd5_b64 function| md5_cmc5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| md5_safe_add function| md5_bit_rol function| md5_s2b function| md5_binl2b64 object| PluginDetect0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
maxcdn.bootstrapcdn.com
sp-bootstrap.global.ssl.fastly.net
websript-spotify.com
ws.sessioncam.com
sp-bootstrap.global.ssl.fastly.net
190.14.37.245
209.197.3.15
2a00:1450:4001:825::200a
52.202.160.6
04cb33fb591b7867cb2729fa81f0bb0fee3bfe0e3fb8c96828485cc38aee3b51
27c6c010b56541288cf75fa5e8773311aadac4e60add1a00351da2664fcad6cf
490d9315b1625faad52ea0e9cee7e896298be5bc423f297e8e05427276e2b86b
5112cb8fe858303a3e466cf6c702a2f2da711ff8722d1a976cb9272d53e4c2a4
5314c05004534b7ad529b2ed9f83c58eca0004ff24a5b876ffb09b4b4aacb4d0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
586c5e4e6469e052bde4c1086374944c4710acd2e7addb4868b5eb808cb86b24
593c07c0a0926217c2238deb0a5a35c110a777bf88f484075e0a017c5260bd90
638a3effa9b28def0b1f6d97036c357bb6f440a762817c2f75dd172e3915ab3a
665f931053696a7a3b58fd16e56d9e3bca509b07394d8d8683b3ae3691b0775f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
72cdde54cb5873078eccfab3f4d0e94a6d375e2a767fe66882601663686eed43
75fef0bf00b04ac5b707aab7ad60d7263b4c024dfab3cf438bfb2ee955bf28cb
8424080a59db2a994ed98bb678b40b772b0cd4f722deceff9e9254db75eabf35
87f645239bdd5740d2478920815b4bdcfd88c4745c892cd9106b08aede589f3a
914100a3b46f4c97bf596eb5672cb4c74d34968ecef699c9a77833565c03c621
9d1980bad3269b042d78ea6481238ff045172cefc3f437966159a207c858739b
ae075e8a3546b2b35f156607d37803297ced212d4b83d68a9eadacd07a0bb3c6
d300244e66ccc0c82e99401c03a85d80390a79de6f123bb5b32545197a2afe57
d469d73efdfacc79e74999e0851195830900ed91e7209c7003862e854e1f2ee1
da012e522cfe487e9e60104c14d5f68b90f5309331250bec6748609b8a3bbc03
f6cc19ea0ab3e72ff2d3c81d0f7122f4ddb2c86f0f5f73a21cbe4ba194ea2afa