URL: https://spotify.balaji.host/
Submission Tags: @phishunt_io
Submission: On December 25 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 7 HTTP transactions. The main IP is 76.76.21.21, located in United States and belongs to AMAZON-02, US. The main domain is spotify.balaji.host.
TLS certificate: Issued by R3 on December 24th 2021. Valid for: 3 months.
This is the only time spotify.balaji.host was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
4         76.76.21.21       16509  AMAZON-02
1         67.205.56.88      26347  DREAMHOST-AS
2         2600:1901:1:c...  15169  GOOGLE
Total: 7 requests, 3 IPs
Requests  Apex Domain   Subdomains            Transfer
4         balaji.host   spotify.balaji.host   126 KB
2         spotify.com   accounts.spotify.com  388 B
1         getheavy.com  getheavy.com          20 KB
Total: 7 requests, 3 apex domains
Requests  Domain                Requested by
4         spotify.balaji.host   spotify.balaji.host
2         accounts.spotify.com  spotify.balaji.host
1         getheavy.com
Total: 7 requests, 3 domains

This site contains links to these domains.

Domain
accounts.spotify.com
Subject              Issuer                            Validity                 Valid
spotify.balaji.host  R3                                2021-12-24 - 2022-03-24  3 months
www.getheavy.com     R3                                2021-12-17 - 2022-03-17  3 months
*.spotify.com        DigiCert TLS RSA SHA256 2020 CA1  2021-05-03 - 2022-05-03  a year

This page contains 1 frame:

Primary Page: https://spotify.balaji.host/
Frame ID: DEBAFBFE211AE7FE0CC1B48ADAAD582C
Requests: 6 HTTP requests in this frame

Page Title

React App

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 146 kB
Size: 432 kB
Cookies: 0

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
spotify.balaji.host/
3 KB
2 KB
Document
General
Full URL
https://spotify.balaji.host/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
76.76.21.21, United States, ASN16509 (AMAZON-02, US)
Software
Vercel
Resource Hash
179f28145effb9de90b514e73136d8fb97ad00a95d24cd057eee47318e18994e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Dec 2021 04:53:51 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=0, must-revalidate
etag
W/"179f28145effb9de90b514e73136d8fb97ad00a95d24cd057eee47318e18994e"
access-control-allow-origin
*
content-disposition
inline; filename="index.html"
age
25554
x-vercel-cache
HIT
server
Vercel
x-vercel-id
fra1:fra1::pvbm4-1640408031681-d77b54a6830b
strict-transport-security
max-age=63072000
content-encoding
br
main.5ab49871.chunk.css
spotify.balaji.host/static/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://spotify.balaji.host/static/css/main.5ab49871.chunk.css
Requested by
Host: spotify.balaji.host
URL: https://spotify.balaji.host/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
76.76.21.21, United States, ASN16509 (AMAZON-02, US)
Software
Vercel
Resource Hash
7fb656a0a505f55c224e88eb583af140d2eeb133e35eccd1c8977d714a782b8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spotify.balaji.host/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 04:53:51 GMT
content-encoding
br
server
Vercel
age
0
x-vercel-id
fra1:fra1::pvbm4-1640408031716-4d8cf132e964
etag
W/"7fb656a0a505f55c224e88eb583af140d2eeb133e35eccd1c8977d714a782b8c"
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="main.5ab49871.chunk.css"
x-vercel-cache
MISS
2.6fa93bae.chunk.js
spotify.balaji.host/static/js/
380 KB
115 KB
Script
General
Full URL
https://spotify.balaji.host/static/js/2.6fa93bae.chunk.js
Requested by
Host: spotify.balaji.host
URL: https://spotify.balaji.host/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
76.76.21.21, United States, ASN16509 (AMAZON-02, US)
Software
Vercel
Resource Hash
ba1ec028a6efd66158ee461b0891b3d44d7766ffa7451bc2435e40fed8a8f00a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spotify.balaji.host/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 04:53:52 GMT
content-encoding
br
server
Vercel
age
0
x-vercel-id
fra1:fra1::pvbm4-1640408031716-49e54d17e8af
etag
W/"ba1ec028a6efd66158ee461b0891b3d44d7766ffa7451bc2435e40fed8a8f00a"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="2.6fa93bae.chunk.js"
x-vercel-cache
MISS
main.a19d5120.chunk.js
spotify.balaji.host/static/js/
20 KB
6 KB
Script
General
Full URL
https://spotify.balaji.host/static/js/main.a19d5120.chunk.js
Requested by
Host: spotify.balaji.host
URL: https://spotify.balaji.host/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
76.76.21.21, United States, ASN16509 (AMAZON-02, US)
Software
Vercel
Resource Hash
d0d10e82141aa812ba30e9ec638101da0bdfc31d6bc9c15a3750b96d9ea2ba6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spotify.balaji.host/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 04:53:51 GMT
content-encoding
br
server
Vercel
age
0
x-vercel-id
fra1:fra1::pvbm4-1640408031716-6a0873cff13b
etag
W/"d0d10e82141aa812ba30e9ec638101da0bdfc31d6bc9c15a3750b96d9ea2ba6f"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="main.a19d5120.chunk.js"
x-vercel-cache
MISS
spotify2019-830x350.jpg
getheavy.com/wp-content/uploads/2019/12/
20 KB
20 KB
Image
General
Full URL
https://getheavy.com/wp-content/uploads/2019/12/spotify2019-830x350.jpg
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
67.205.56.88, Ashburn, United States, ASN26347 (DREAMHOST-AS, US)
Reverse DNS
ps603407.dreamhostps.com
Software
Apache
Resource Hash
583ae89469ae5a2c6614e5930bf0bda9497000366748767b8d052a1bc1f35c2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spotify.balaji.host/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 04:53:53 GMT
last-modified
Fri, 06 Dec 2019 21:13:24 GMT
server
Apache
etag
"4f99-5990f842f2f52"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20377
expires
Mon, 24 Jan 2022 04:53:53 GMT
token
accounts.spotify.com/api/
71 B
388 B
XHR
General
Full URL
https://accounts.spotify.com/api/token?grant_type=authorization_code&redirect_uri=https:%2F%2Fspotify.balaji.host%2F&code=&client_id=533edf4356c7407f8ce10e17f8f12785&client_secret=3af9b8e92ab44d57a9ab32f595afbeb2
Requested by
Host: spotify.balaji.host
URL: https://spotify.balaji.host/static/js/2.6fa93bae.chunk.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:1901:1:c36::, United States, ASN15169 (GOOGLE, US)
Software
envoy
Resource Hash
9565b0ac0c0345530dba1fb2b7cacdf91d92c6e70f7645934b05179c528425c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://spotify.balaji.host/
Authorization
Basic NTMzZWRmNDM1NmM3NDA3ZjhjZTEwZTE3ZjhmMTI3ODU6M2FmOWI4ZTkyYWI0NGQ1N2E5YWIzMmY1OTVhZmJlYjI=
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

sp-trace-id
e2ac08472198affd
date
Sat, 25 Dec 2021 04:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
access-control-allow-headers
User-Agent, Keep-Alive, Content-Type, Authorization, client-token
strict-transport-security
max-age=31536000
access-control-allow-methods
OPTIONS, GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://spotify.balaji.host
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
HTTP/2 edgeproxy, 1.1 google
token
accounts.spotify.com/api/
0
0
Preflight
General
Full URL
https://accounts.spotify.com/api/token?grant_type=authorization_code&redirect_uri=https:%2F%2Fspotify.balaji.host%2F&code=&client_id=533edf4356c7407f8ce10e17f8f12785&client_secret=3af9b8e92ab44d57a9ab32f595afbeb2
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:1901:1:c36::, United States, ASN15169 (GOOGLE, US)
Software
envoy
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://spotify.balaji.host
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 25 Dec 2021 04:53:52 GMT
access-control-allow-origin
https://spotify.balaji.host
access-control-allow-headers
User-Agent, Keep-Alive, Content-Type, Authorization, client-token
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, GET, POST, DELETE, PUT
sp-trace-id
fe529736a314b87f
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
vary
Accept-Encoding
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
alt-svc
clear

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | webpackJsonpmy-spotify-app
object | regeneratorRuntime

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://accounts.spotify.com/api/token?grant_type=authorization_code&redirect_uri=https:%2F%2Fspotify.balaji.host%2F&code=&client_id=533edf4356c7407f8ce10e17f8f12785&client_secret=3af9b8e92ab44d57a9ab32f595afbeb2
Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000