spotifyapp.atekps.kz
185.98.5.126  Malicious Activity! Public Scan

Submitted URL: https://art.net.my/link/?67749454879949
Effective URL: https://spotifyapp.atekps.kz/svg/
Submission: On June 08 via api from US — Scanned from CH

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The main IP is 185.98.5.126, located in Astana, Kazakhstan and belongs to HOSTER-AST Hoster.KZ - Astana, KZ. The main domain is spotifyapp.atekps.kz.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.
This is the only time spotifyapp.atekps.kz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spotify (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 103.133.133.74 136412 (TSI-AS-AP...)
1 185.98.5.126 207333 (HOSTER-AS...)
1 151.101.66.137 54113 (FASTLY)
2 3
Apex Domain | Subdomains | Transfer
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 824 | 30 KB
1 atekps.kz | spotifyapp.atekps.kz | 636 KB
1 art.net.my | art.net.my | 195 B
2 3
Domain Requested by
1 code.jquery.com spotifyapp.atekps.kz
1 spotifyapp.atekps.kz
1 art.net.my 1 redirects
2 3

This site contains links to these domains.

Domain
policies.google.com
Subject | Issuer | Validity | Valid
spotifyapp.atekps.kz | R11 | 2024-06-07 - 2024-09-05 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year

This page contains 1 frames:

Primary Page: https://spotifyapp.atekps.kz/svg/
Frame ID: 38D44C4D03E0AEDE9358ED6327DEF0EF
Requests: 5 HTTP requests in this frame

Page Title

Login - Spotify

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 921 kB
Size: 1304 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://art.net.my/link/?67749454879949 HTTP 302
    https://spotifyapp.atekps.kz/svg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource: / (Primary Request)
Path: spotifyapp.atekps.kz/svg/
Redirect Chain
  • https://art.net.my/link/?67749454879949
  • https://spotifyapp.atekps.kz/svg/
Size: 963 KB
x-fer: 636 KB
Type: Document

General

Full URL: https://spotifyapp.atekps.kz/svg/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.98.5.126 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ),
Reverse DNS: pkz14.hoster.kz
Software: nginx / PleskLin
Resource Hash: 322e6e399009e1d519bd001cbc057edba6d363494d7cb4e608388f0f81947f6b

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jun 2024 13:40:37 GMT
server: nginx
x-powered-by: PleskLin

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 08 Jun 2024 13:40:36 GMT
location: https://spotifyapp.atekps.kz/svg/
server: nginx
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Resource: jquery-3.7.1.min.js
Path: code.jquery.com/
Size: 85 KB
x-fer: 30 KB
Type: Script

General

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: spotifyapp.atekps.kz
URL: https://spotifyapp.atekps.kz/svg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://spotifyapp.atekps.kz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 08 Jun 2024 13:40:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3711833
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-ams2100105-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717854038.284366,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 111685, 9084

Resource: truncated
Path: /
Size: 82 KB
x-fer: 82 KB
Type: Font

General

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

Request headers

Referer:
Origin: https://spotifyapp.atekps.kz
Accept-Language: de-CH,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: font/woff2

Resource: truncated
Path: /
Size: 87 KB
x-fer: 87 KB
Type: Font

General

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

Request headers

Referer:
Origin: https://spotifyapp.atekps.kz
Accept-Language: de-CH,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: font/woff2

Resource: truncated
Path: /
Size: 85 KB
x-fer: 85 KB
Type: Font

General

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2

Request headers

Referer:
Origin: https://spotifyapp.atekps.kz
Accept-Language: de-CH,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: font/woff2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spotify (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)

0 Cookies