![](/screenshots/7d04d9c1-3f3b-40eb-bfbf-25ef9064b117.png)
investors.spotify.com.sg1.noyszid.filegear-sg.me
Open in
urlscan Pro
172.67.191.248
Public Scan
Effective URL: https://investors.spotify.com.sg1.noyszid.filegear-sg.me/?wid=1717077101879
Submission Tags: @phishunt_io
Submission: On May 30 via api from DE — Scanned from SG
Summary
TLS certificate: Issued by E1 on May 30th 2024. Valid for: 3 months.
This is the only time investors.spotify.com.sg1.noyszid.filegear-sg.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 172.67.191.248 172.67.191.248 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 163.181.160.229 163.181.160.229 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
2 | 163.181.81.237 163.181.81.237 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 163.181.42.242 163.181.42.242 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
12 | 5 |
ASN13335 (CLOUDFLARENET, US)
investors.spotify.com.sg1.noyszid.filegear-sg.me |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
unpkg.byted-static.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
lf3-short.ibytedapm.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
sf3-cdn-tos.douyinstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
ibytedapm.com
lf3-short.ibytedapm.com — Cisco Umbrella Rank: 43792 |
28 KB |
2 |
filegear-sg.me
investors.spotify.com.sg1.noyszid.filegear-sg.me |
5 KB |
1 |
douyinstatic.com
sf3-cdn-tos.douyinstatic.com — Cisco Umbrella Rank: 28613 |
9 KB |
1 |
byted-static.com
unpkg.byted-static.com — Cisco Umbrella Rank: 144868 |
27 KB |
0 |
zijieapi.com
Failed
mon.zijieapi.com Failed |
|
0 |
bytedance.com
Failed
ttwid.bytedance.com Failed |
|
12 | 6 |
Domain | Requested by | |
---|---|---|
2 | lf3-short.ibytedapm.com |
investors.spotify.com.sg1.noyszid.filegear-sg.me
lf3-short.ibytedapm.com |
2 | investors.spotify.com.sg1.noyszid.filegear-sg.me |
investors.spotify.com.sg1.noyszid.filegear-sg.me
|
1 | sf3-cdn-tos.douyinstatic.com | |
1 | unpkg.byted-static.com |
investors.spotify.com.sg1.noyszid.filegear-sg.me
|
0 | mon.zijieapi.com Failed |
lf3-short.ibytedapm.com
|
0 | ttwid.bytedance.com Failed |
unpkg.byted-static.com
lf3-short.ibytedapm.com |
12 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
noyszid.filegear-sg.me E1 |
2024-05-30 - 2024-08-28 |
3 months | crt.sh |
*.byted-static.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-06-30 - 2024-07-30 |
a year | crt.sh |
*.ibytedapm.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-06-30 - 2024-07-30 |
a year | crt.sh |
*.douyinstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-06-30 - 2024-07-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://investors.spotify.com.sg1.noyszid.filegear-sg.me/?wid=1717077101879
Frame ID: 02F89A97553B9AA0ED8D0113C726E7F7
Requests: 11 HTTP requests in this frame
Screenshot
![](/screenshots/7d04d9c1-3f3b-40eb-bfbf-25ef9064b117.png)
Page URL History Show full URLs
- https://investors.spotify.com.sg1.noyszid.filegear-sg.me/ Page URL
- https://investors.spotify.com.sg1.noyszid.filegear-sg.me/?wid=1717077101879 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://investors.spotify.com.sg1.noyszid.filegear-sg.me/ Page URL
- https://investors.spotify.com.sg1.noyszid.filegear-sg.me/?wid=1717077101879 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
investors.spotify.com.sg1.noyszid.filegear-sg.me/ |
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.umd.production.js
unpkg.byted-static.com/byted-ucenter/ttwid-js/1.0.1/dist/ |
102 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browser.cn.js
lf3-short.ibytedapm.com/slardar/fe/sdk-web/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
ttwid.bytedance.com/ttwid/union/register/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
browser-settings
mon.zijieapi.com/monitor_web/settings/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
browser-settings
mon.zijieapi.com/monitor_web/settings/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-monitors.1.12.7.js
lf3-short.ibytedapm.com/slardar/fe/sdk-web/plugins/ |
21 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toutiao_favicon.ico
sf3-cdn-tos.douyinstatic.com/obj/eden-cn/uhbfnupkbps/ |
8 KB 9 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
ttwid.bytedance.com/ttwid/union/register/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
ttwid.bytedance.com/ttwid/union/register/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
investors.spotify.com.sg1.noyszid.filegear-sg.me/ |
41 B 412 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.ico
investors.spotify.com.sg1.noyszid.filegear-sg.me/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ttwid.bytedance.com
- URL
- https://ttwid.bytedance.com/ttwid/union/register/
- Domain
- mon.zijieapi.com
- URL
- https://mon.zijieapi.com/monitor_web/settings/browser-settings?bid=toutiao_web_pc&store=1
- Domain
- mon.zijieapi.com
- URL
- https://mon.zijieapi.com/monitor_web/settings/browser-settings?bid=toutiao_web_pc&store=1
- Domain
- ttwid.bytedance.com
- URL
- https://ttwid.bytedance.com/ttwid/union/register/
- Domain
- ttwid.bytedance.com
- URL
- https://ttwid.bytedance.com/ttwid/union/register/
- Domain
- investors.spotify.com.sg1.noyszid.filegear-sg.me
- URL
- https://investors.spotify.com.sg1.noyszid.filegear-sg.me/favicon.ico
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bytedance.com/ | Name: ttwid Value: 1%7CuVHdfnKuHY-0CyGbHtuD_YHHPT0UtEWiiDKY5UOIqdI%7C1717077101%7C92d06c6bc2dbad99768108bb80edd3cf20d66a2c6169ec782f7cbe24e45ccf38 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'unsafe-eval' 'wasm-unsafe-eval' 'report-sample' 'strict-dynamic' 'nonce-4Y6vf4fw5noZmddS3ojUX' *.bytescm.com *.bytednsdoc.com *.ibytedapm.com *.snssdk.com *.yhgfb-cn-static.com *.bytetos.com *.byte-gslb.com *.bytegoofy.com *.bytecdn.cn;style-src 'self' 'unsafe-inline' *.toutiaoimg.com *.bdxiguaimg.com *.bytescm.com *.bytegoofy.com *.douyinstatic.com *.toutiao.com *.toutiaostatic.com cdn.bootcss.com;frame-ancestors 'self' *.bytedance.net *.snssdk.com shiqu.cn *.shiqu.cn zhan.vivo.com wukong.vivo.com.cn *.feishuapp.cn search-bpo.bytedance.com *.toutiao.com *.bytescm.com tcs.jiyunhudong.com aidp.bytedance.com;report-uri https://mon.zijieapi.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=toutiao_web_pc;report-to main-endpoint |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
investors.spotify.com.sg1.noyszid.filegear-sg.me
lf3-short.ibytedapm.com
mon.zijieapi.com
sf3-cdn-tos.douyinstatic.com
ttwid.bytedance.com
unpkg.byted-static.com
investors.spotify.com.sg1.noyszid.filegear-sg.me
mon.zijieapi.com
ttwid.bytedance.com
163.181.160.229
163.181.42.242
163.181.81.237
172.67.191.248
22018af8508244aa729ccf74692ed9ac695f5edb1a2512d481443a38085359e0
509eb11ffedfacdea11c58beb5f11fc87cab6c61f3b6d0076869878a25a6abbe
8ca93806242fcf868f434ee49ae71ec7c72e86a8f946f42567a0746cd5b1491a
97cf37d41db3c1581ab36f6b8708c409a4bff1d45f2843a736017a699ae50d7a
dc7b9705741e9fbc9a1a201cdc29d5e4de01329d09403df0a537f3c9599e0f85
fe96992ece274aa739ab85c4fcfdbf074f0876140274832291a3f673bec5dba4