accountsspotify-comlogin-continue.linkpc.net
85.208.136.117
Malicious Activity!
Public Scan
Submission: On April 29 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 29th 2023. Valid for: 3 months.
This is the only time accountsspotify-comlogin-continue.linkpc.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spotify (Online)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
15 | 85.208.136.117 | 211252 (AS_DELIS) |
1 | 2a09:8280:1::3:e | 40509 (FLY) |
16 | 2 | |
ASN211252 (AS_DELIS, US)
accountsspotify-comlogin-continue.linkpc.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | linkpc.net | accountsspotify-comlogin-continue.linkpc.net | 442 KB |
1 | worldtimeapi.org | worldtimeapi.org — Cisco Umbrella Rank: 27438 | 870 B |
16 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
15 | accountsspotify-comlogin-continue.linkpc.net | accountsspotify-comlogin-continue.linkpc.net |
1 | worldtimeapi.org | accountsspotify-comlogin-continue.linkpc.net |
16 | 2 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
accountsspotify-comlogin-continue.linkpc.net | R3 | 2023-04-29 - 2023-07-28 | 3 months |
worldtimeapi.org | R3 | 2023-03-26 - 2023-06-24 | 3 months |
This page contains 1 frame:
Primary Page:
https://accountsspotify-comlogin-continue.linkpc.net/
Frame ID: 1D836FBCBC718BF9104E968892E66900
Requests: 16 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Shankusu Store (click)
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | accountsspotify-comlogin-continue.linkpc.net/ | 414 B | 389 B | Document | text/html |
GET | H2 | 495.js | accountsspotify-comlogin-continue.linkpc.net/app-assets/js/ | 179 KB | 67 KB | Script | application/javascript |
GET | H2 | main.js | accountsspotify-comlogin-continue.linkpc.net/app-assets/js/ | 5 KB | 3 KB | Script | application/javascript |
GET | H2 | 268.js | accountsspotify-comlogin-continue.linkpc.net/app-assets/js/ | 105 KB | 41 KB | Script | application/javascript |
GET | H2 | 275.js | accountsspotify-comlogin-continue.linkpc.net/app-assets/js/ | 17 KB | 2 KB | Script | application/javascript |
GET | H2 | 117.js | accountsspotify-comlogin-continue.linkpc.net/app-assets/js/ | 63 KB | 24 KB | Script | application/javascript |
GET | H2 | 67.js | accountsspotify-comlogin-continue.linkpc.net/app-assets/js/ | 118 KB | 34 KB | Script | application/javascript |
GET | H2 | check.php | accountsspotify-comlogin-continue.linkpc.net/app-assets/ | 0 | 151 B | XHR | text/html |
GET | H2 | main.json | accountsspotify-comlogin-continue.linkpc.net/app-assets/json/ | 63 B | 218 B | XHR | application/json |
GET | H2 | en.json | accountsspotify-comlogin-continue.linkpc.net/app-assets/json/lang/ | 1 KB | 2 KB | XHR | application/json |
GET | H2 | New_York | worldtimeapi.org/api/timezone/America/ | 422 B | 870 B | Fetch | application/json |
GET | H2 | Latin-OS2v3-Black.woff2 | accountsspotify-comlogin-continue.linkpc.net/app-assets/font/ | 62 KB | 63 KB | Font | font/woff2 |
GET | H2 | Latin-OS2v3-Book.woff2 | accountsspotify-comlogin-continue.linkpc.net/app-assets/font/ | 59 KB | 59 KB | Font | font/woff2 |
GET | H2 | Latin-OS2v3-Light.woff2 | accountsspotify-comlogin-continue.linkpc.net/app-assets/font/ | 63 KB | 63 KB | Font | font/woff2 |
GET | H2 | xxx.jpg | accountsspotify-comlogin-continue.linkpc.net/app-assets/image/ | 68 KB | 68 KB | Image | image/jpeg |
GET | H2 | r1MmEU9fBBc4.woff2 | accountsspotify-comlogin-continue.linkpc.net/app-assets/font/ | 15 KB | 15 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spotify (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
object | webpackChunksimple
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accountsspotify-comlogin-continue.linkpc.net
worldtimeapi.org
2a09:8280:1::3:e
85.208.136.117