urlscan.io logo urlscan.io
SecurityTrails logo

www.nanitosclan.com Open in urlscan Pro
94.23.0.86  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/JyAJiI0U7L
Effective URL: https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4...
Submission: On March 25 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 94.23.0.86, located in France and belongs to OVH, FR. The main domain is www.nanitosclan.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 17th 2017. Valid for: a year.
This is the only time www.nanitosclan.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spotify (Online)

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.133 13414 (TWITTER)
1 4 94.23.0.86 16276 (OVH)
1 172.217.22.42 15169 (GOOGLE)
2 151.101.113.194 54113 (FASTLY)
7 5
Domain Requested by
3 www.nanitosclan.com 1 redirects www.nanitosclan.com
2 sp-bootstrap.global.ssl.fastly.net ajax.googleapis.com
1 ajax.googleapis.com www.nanitosclan.com
1 aria.izee.es
1 t.co
7 5

This site contains no links.

Subject Issuer Validity Valid
t.co
DigiCert SHA2 Extended Validation Server CA		 2017-07-25 -
2018-11-05		 a year crt.sh
www.nanitosclan.com
COMODO RSA Domain Validation Secure Server CA		 2017-04-17 -
2018-07-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
Frame ID: 5EF1E64001B6655AB56DE935AEA907
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.co/JyAJiI0U7L Page URL
  2. http://aria.izee.es/app/ini.php Page URL
  3. https://www.nanitosclan.com/spotify.com/index.php?spotify_sessionID=4s6q5d4654564fs6465ze12d32s1f54df465... HTTP 302
    https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

7
Requests

43 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

212 kB
Transfer

502 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/JyAJiI0U7L Page URL
  2. http://aria.izee.es/app/ini.php Page URL
  3. https://www.nanitosclan.com/spotify.com/index.php?spotify_sessionID=4s6q5d4654564fs6465ze12d32s1f54df465s4g654h6546h54j4u64641tj1321f31564f564th654t HTTP 302
    https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
JyAJiI0U7L
t.co/ 		288 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/JyAJiI0U7L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
d814bd0ea2f4428e8eb73dee60ebc8ddfe84e41e89ba7810a5f59ee1f7d1a293
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:path
/JyAJiI0U7L
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
t.co
:scheme
https
:method
GET
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
referrer always;
content-encoding
gzip
status
200
x-connection-hash
fb409250d63c4083d70a3f51a95a2cad
strict-transport-security
max-age=0
content-length
200
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
109
referrer-policy
unsafe-url
server
tsa_o
date
Sun, 25 Mar 2018 23:46:23 GMT
vary
Origin
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
set-cookie
muc=2753f7e8-5a5e-46a1-a48d-05ca3dff8af9; Expires=Tue, 24 Mar 2020 23:46:23 UTC; Domain=t.co
expires
Sun, 25 Mar 2018 23:51:23 GMT
ini.php
aria.izee.es/app/ 		321 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
http://aria.izee.es/app/ini.php
Protocol
HTTP/1.1
Server
94.23.0.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns333646.ip-94-23-0.eu
Software
nginx /
Resource Hash
6003328c09edd609277360862a3528e1cee27eb680a21aaf19749620afabe5eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
aria.izee.es
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://t.co/JyAJiI0U7L
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://t.co/JyAJiI0U7L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 25 Mar 2018 23:46:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Primary Request index.php
www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/
Redirect Chain
  • https://www.nanitosclan.com/spotify.com/index.php?spotify_sessionID=4s6q5d4654564fs6465ze12d32s1f54df465s4g654h6546h54j4u64641tj1321f31564f564th654t
  • https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17p...
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.23.0.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns333646.ip-94-23-0.eu
Software
nginx /
Resource Hash
c26454b5d15bff424c9a57bcbb60cc2334fa1718b6038017e226343cb9335d93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.nanitosclan.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://aria.izee.es/app/ini.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://aria.izee.es/app/ini.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Page-Speed
1.9.32.10-7423
Date
Sun, 25 Mar 2018 23:46:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block

Redirect headers

X-Page-Speed
1.9.32.10-7423
Date
Sun, 25 Mar 2018 23:46:28 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
location
ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
Cache-Control
max-age=0, no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
index.css
www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/files/ 		268 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/files/index.css
Requested by
Host: www.nanitosclan.com
URL: https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.23.0.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns333646.ip-94-23-0.eu
Software
nginx /
Resource Hash
1afa510c4c985733bc3e90c194ee0caa5a58629971258dd2a636c587e16b25b5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.nanitosclan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 25 Mar 2018 23:46:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Mar 2018 23:46:28 GMT
Server
nginx
ETag
W/"5ab834d4-43125"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000 public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 21 Sep 2018 23:46:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: www.nanitosclan.com
URL: https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
Protocol
SPDY
Server
172.217.22.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/index.php?spotify_sessionID=1yi9cofp5k01c209vjmbzh4575wcz0x1c4trsqvsiyqiif9emrq7w8mkfjgzbp7txz2mbc4o7wds615vb0x1xxbiwbp2b17pt6zpjf9yd4bnnbtbdayyxi9zdbr5owv40ydyeyf632vd7cvdvh1ylwefclcdhoasil4z755ubrb1w6jdl73xfotwg8on44jf8cztehm7zsvgq2o2wn6f3152bbph6v3xbake6lpp5novtwa2gobzrsb4827rvo5k8ipi8atafp121j6zy2wstj6zocrijpcrdx86fb2k5fnvpizdkdfn6vkeixv6ashc7cdg46p49sm21vhanl1qalfs5ymaesp2m8axmss9oomlndrg9hfl5nj5f4vueai5czod45n0gq7z2gync5zi95a7ndjkvfgyj9nsmfax94bdfxpdjphvvh9bp4s993omllcv5rdag1lf6l524hd5htc3htch4xwmcfq2lo38qnbqxfl3238bmxr490lacrl8firbkpj447iciiszolrdqlw3vzh9getb4f21mqxpasxl0a6kn74rnz73s8bfw3dfmdnm86md0xnmt2cwbakvgftp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Feb 2018 20:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3553596
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
33333
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 20:39:47 GMT
circular-book.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-book.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Server
151.101.113.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16f860a080d405f412750f83c4ee2168302cd1f3347416b5b3ae50bae3571b28

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/files/index.css
Origin
https://www.nanitosclan.com

Response headers

x-amz-version-id
uk_BB9oobL1KrkS6Nqt6_9wKZXILdN7q
Via
1.1 varnish, 1.1 varnish
ETag
"0c0dfc4df72c07c84b15651ab6f951a6"
Age
16475058
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
64512
x-amz-id-2
6P+452QnRxD+LnU6KzzI8D1Val83afLPmVc1jU9/pbLltYPPiWmMmPhKCgIoMxJeYka32+LoFok=
X-Served-By
cache-iad2134-IAD, cache-hhn1544-HHN
Last-Modified
Thu, 07 Sep 2017 19:31:01 GMT
Server
AmazonS3
X-Timer
S1522021584.002404,VS0,VE0
Date
Sun, 25 Mar 2018 23:46:24 GMT
x-amz-request-id
703767A603445268
Access-Control-Allow-Origin
*
Expires
Fri, 07 Sep 2018 19:30:57 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
application/font-woff
X-Cache-Hits
1, 25005
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cd549fde0242f32cac05b1f4b9f2abd3d8a585bb71c8a4cade6bbb09c792333

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
circular-bold.woff2
sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sp-bootstrap.global.ssl.fastly.net/8.2.0/fonts/circular-bold.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Server
151.101.113.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e1e4f36fc8076dd1b5f30ac8aeaeed4b5927e475d0d4e7b8d63a33beb2fd0b5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://www.nanitosclan.com/spotify.com/ff2a856dffd557bc86b837df562d2cbe/files/index.css
Origin
https://www.nanitosclan.com

Response headers

x-amz-version-id
lv2cUiXWh9.bj.nXkNtlic0Fy4DS6vib
Via
1.1 varnish, 1.1 varnish
ETag
"14bfce9501e5a5dc0adbe559dd630bc6"
Age
16039268
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
69140
x-amz-id-2
rNce7dCOO32hyrQXyH2FCzeWwtDg5CSctxL2gbijGW288PoyKXDlSdaCgsAFUUFZr0jDnfiu6Ug=
X-Served-By
cache-iad2146-IAD, cache-hhn1521-HHN
Last-Modified
Thu, 07 Sep 2017 19:31:01 GMT
Server
AmazonS3
X-Timer
S1522021584.002402,VS0,VE0
Date
Sun, 25 Mar 2018 23:46:24 GMT
x-amz-request-id
78244A3519109E01
Access-Control-Allow-Origin
*
Expires
Fri, 07 Sep 2018 19:30:57 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
application/font-woff
X-Cache-Hits
1, 5340

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spotify (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| removeWarning

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report