Report - spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/

Report Overview

Submitted URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
IP
162.210.98.102
ASN
#32748 STEADFAST
Submitted
2024-04-26 23:40:46
Access
public
Website Title
Edit your profile - Spotify
Final URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
166

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	1.8 kB	627 kB	142.250.74.168
spotify.nethottrading.com	unknown	unknown	No data	No data	62 kB	4.0 MB	162.210.98.102
pixel-static.spotify.com	9205	2006-04-23	2018-07-02	2024-04-16	1.7 kB	1.4 kB	35.186.224.25
www.scdn.co	37159	unknown	2017-06-28	2024-03-11	2.6 kB	24 kB	151.101.238.248
d2oh4tlt9mrke9.cloudfront.net	unknown	2008-04-25	2013-04-25	2024-04-24	2.2 kB	3.9 kB	143.204.42.208
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-25	512 B	6.5 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify
2024-04-26	medium	spotify.nethottrading.com/	Spotify

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (48)

	URL	Size	First Seen	Last Seen
	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	1.3 kB	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:17 Last Seen2024-04-27 19:20:22 Times Seen8 Hash 9e122eb5c4347cd79e30dd67de47dec4 1d23262290f2006c36acba8b12e4c195d904638b 4a3df943d5821f03a9899103ec981a6b0c88f4ddb93ab5e26f11c82fe8e620f0 Loading...

	unknown	86 B	2023-11-11	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 14:38:18 Last Seen2024-04-27 19:20:22 Times Seen41121 Hash 20f9d81206e2e7fc38bded8321817017 3a6c466af3c35a1ebef553e91b92634181c791bc 73f689a66cb81e6b57f4a173512f5cd8c5810f9363bf549de8c5c3776c9fb76b Loading...

	www.scdn.co/build/js/sp-analytics-a3e2493d01.js	8.0 kB	2023-03-07	2024-04-27
Pretty URL www.scdn.co/build/js/sp-analytics-a3e2493d01.js IP 151.101.238.248 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:05 Last Seen2024-04-27 19:20:23 Times Seen25 Hash 3b8ea9b9fed8d12d22fd1c7b7c4367b8 f9129a0d8d9d4f4d32bc28a9591407280413de56 6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	103 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:17 Last Seen2024-04-27 19:20:22 Times Seen8 Hash 9b76dc472588ab0d0f14f8570de42a9a ad6a73ffb895649ba880bf6a30073f90b1cf0179 f72ea99f294ffa3736f3c81a4f40dac11745ade39d8d887376d37ad115d0e624 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	563 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:17 Last Seen2024-04-27 19:20:22 Times Seen8 Hash 89e21bc00a5be4a867d35374d38cd1f3 b36a336ad15ab1cb77001beeae7bd024fbae1924 cc2832c2d9522577bede04ee8ac48a84a84f0fa307fc91576bb4546bfd33ccbb Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	423 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:18 Last Seen2024-04-27 19:20:22 Times Seen8 Hash 41023445320ddf33051ecff287b89694 04a86de7d58a70d959ed5b59cbf558b119e9c439 0c7895d103c8d919efa4bb4651292131ccabcc06eceb244548977a7c876d81e9 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	101 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:18 Last Seen2024-04-27 19:20:22 Times Seen8 Hash 47f0a80d68b9b0f483bbc322021d9d36 d8c40cd405db97b2067e4f0c741c31fa32dc7162 45269afc305490a02b2bcc78f6aeae061475ac7a6382daf286c4ea5a022bcd65 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	738 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:40:55 Last Seen2024-04-27 19:20:22 Times Seen4 Hash 6e2b86903c9451ef8859bca3e2d30bf8 29213e006a6cf0aa6fd9b8d90d132a155be0c117 40a556543a351ed57c318ec1058a0a54c718065b58aac845d96c1f5e16f593f8 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	5 B	2023-03-07	2024-05-06
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-06 22:58:53 Times Seen2717 Hash 230a091930a82c5ae47e29610ee98ceb 6376b33e5123bf09a271789a272103f957c8f38d 4dc501d66cd78903b81b1a53459d0432939728c537bbe9ffab55ab81521cb352 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	185 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:17 Last Seen2024-04-27 19:20:22 Times Seen8 Hash 696a2d1f9970cfb1329236e619d5c81c c47ad29e63df5965b4893c08df5f3af0b1333fc1 5ef900fe853540497bd7a8c46808511faa4167004fd10f5f47dbb0d86f3d1990 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/sandbox%20eval%20code	147 B	2023-04-11	2024-05-07
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-07 09:38:37 Times Seen345339 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	593 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:40:55 Last Seen2024-04-27 19:20:22 Times Seen4 Hash 2691ac759572673937ee55e965a1838d a786aac058d67fa9f61e77b29050dc2d0bc71429 0229792be273fb391c61638d2d039d179fdb6a8026a2425b6914dd6c0d0b38f3 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-07
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-07 09:38:36 Times Seen344830 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	360 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:40:55 Last Seen2024-04-27 19:20:22 Times Seen4 Hash 234b9280c4c2b3f2af4db089f94e11b1 68bfea0aeffb695b199859ee8e051d935ffaaf1b 412a2114b02cd54dd7684165283381350843240a9198fafc869cc9d010ce4c12 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-7BJJ	654 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-7BJJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:40:55 Last Seen2024-04-27 01:40:55 Times Seen1 Hash b678f7b64f4c928be78b285c0b1a0ad7 ca1e7e4f9788466c9fffebbf13e0230b61ccec48 752ad9d2469b5995925e510f2013cc7c04261350e2ca1a94fe17b8365e958e82 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-7BJJ	654 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-7BJJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:40:55 Last Seen2024-04-27 01:40:56 Times Seen2 Hash 2ed202074043328ac8a7ae5a5c80b86a 7c84be36e321349094ba062f345ee5a774d320ac a6ea5fe43ce58678fef860a2dbc83fa50ed663a870de20188ab50910393b7729 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-7BJJ	654 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-7BJJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:40:56 Last Seen2024-04-27 01:40:56 Times Seen2 Hash 604385cea43b461868b4ed30c3371403 f90355f2ef21a1888347ec91aa6bb95b3be77654 881bd26c3a8d34584b975a39100e38449cec6f51089d5d8c6a70514d9282cae7 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-7BJJ	654 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-7BJJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:38:18 Last Seen2024-04-27 09:03:58 Times Seen6 Hash e53c5d2b0dd5cdf884e52401a4e18009 80852d50016f67016ee18408a0be10ce7af32ea2 5841ced57facd072a318af88f78c455708f386543184b5b119caa77800fd1ad2 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	423 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:17 Last Seen2024-04-27 19:20:22 Times Seen12 Hash 13ba200d1e85432fff4c3869e9f54fb6 3b9a3e34571b06a05785030cc4e367e315b79d15 929d1782e69b4b954bd271cd8a201b030ab5a815181669ae54a1672ba480cac3 Loading...

	d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js	155 B	2023-05-22	2024-05-03
Pretty URL d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js IP 143.204.42.208 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:17:59 Last Seen2024-05-03 18:03:53 Times Seen145 Hash 5717f0c65b6c1db2c16049daf3a8570f 6cff4b9e363d597dc223e2615605175b15181e7c 99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-7BJJ	654 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-7BJJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:40:56 Last Seen2024-04-27 01:40:56 Times Seen2 Hash f4a8287e0161b390f47711c7871c5f9e ce03e6b02a1a4f67568944f450aa1c1a214ac64b c8fcc5e01bee862bb14822f87733937f9bfbeb1ad027b682ccf83ccfe446037c Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/	337 B	2024-04-27	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/ IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:38:18 Last Seen2024-04-27 19:20:22 Times Seen12 Hash 55c4562d8449ca3251a6d0919679c887 16120aebe99b4f4316761c0cd3d428e8883135a9 96e654a77371cf03d391b3cd4e6069dcc424a49653aaa18a7be1848a9ef78f83 Loading...

	spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html	209 B	2023-03-07	2024-04-27
Pretty URL spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html IP 162.210.98.102 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:25:53 Last Seen2024-04-27 19:20:22 Times Seen54 Hash 90f8fa4c5d69214fabbdc34349b853a3 4f5793099dd96a1a7153251aa61fd5d66f976cff ef2bc17de3dc431b09e33f4708819f2c542608fc01c4c25c95cd318305377247 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b5b2d0803a8db6e452e113d2d7b20a3b	75 B	2023-11-20	2024-04-27
Pretty Observations First Seen2023-11-20 03:10:28 Last Seen2024-04-27 19:20:22 Times Seen26293 Hash b5b2d0803a8db6e452e113d2d7b20a3b d42221c8e001acd016ef0be48b3cc05dd927c2b6 9704c014393eac7f250fab475dbb6aeb00eb61c55728b47546b085e5bd852001 Loading...

	#2 Eval - 24793fd8b4474a22f8532cc47f8565bc	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:13 Last Seen2024-04-27 19:20:23 Times Seen5109 Hash 24793fd8b4474a22f8532cc47f8565bc f773d7131cd210d5d2d06e9650bd399b3aad6469 2388a152de8912388f8262345f2154fc8f7f079244bd112fabadeae3d663da2f Loading...

	#3 Eval - 1c6e2c7c36f295c65c230956cb8a3015	76 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:38:18 Last Seen2024-04-27 01:40:56 Times Seen2 Hash 1c6e2c7c36f295c65c230956cb8a3015 a51981b061afb9ebd6eafa71bc867995e18774ce ba8228476840c08f17836016291f7dff2e9c74aee4865204ab3eaed84486b55c Loading...

	#4 Eval - 6b0332e94ba88af700df2064299d61d6	111 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 15:18:52 Last Seen2024-04-27 19:20:22 Times Seen32251 Hash 6b0332e94ba88af700df2064299d61d6 727f336f8fc6457cc33ed592d4e79f917226f7e5 56a224df2a128603630f0161f71636cd1b1874505c1c9f4e7caac8e5eef0099d Loading...

	#5 Eval - 4a9942d6c6adebf5048d6810701e8a58	76 B	2023-11-11	2024-04-27
Pretty Observations First Seen2023-11-11 14:38:27 Last Seen2024-04-27 19:20:22 Times Seen20636 Hash 4a9942d6c6adebf5048d6810701e8a58 afcb67e10b2a02d51acb9f53b68f53ffd82d7f30 29311c3668c579a58b804481a61ac2ea1bd081a216cdeb3dbc3269bdc6976f0a Loading...

	#6 Eval - 3b3e583fa137d3211fdef0b33b6688f3	88 B	2023-03-07	2024-05-06
Pretty Observations First Seen2023-03-07 12:59:09 Last Seen2024-05-06 14:17:54 Times Seen32559 Hash 3b3e583fa137d3211fdef0b33b6688f3 07c8f65abcea855c857134c2c7d9589af798bcb1 40f8228ece01eecbf95189f094865649e698bd74fc7ffca290ef6de0e5efa209 Loading...

	#7 Eval - 9f5143168ffb5b7f2740e088eba751fe	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:12 Last Seen2024-04-27 19:20:22 Times Seen5105 Hash 9f5143168ffb5b7f2740e088eba751fe 5e61b96054eda4a6d3987ff4dddfd50727a57c8f f9bf69f11468a1794ec3e2235357e349fd4547055a33669a8f3ff7e6132a9e53 Loading...

	#8 Eval - d6309465de3a5e1e4ee0a94a40b481d5	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:13 Last Seen2024-04-27 01:40:56 Times Seen3936 Hash d6309465de3a5e1e4ee0a94a40b481d5 93ef4a3121b4d64a2a9acd0e54180d414f42c041 c677b429d3c8b9a9d52a2dd7ae4ca914ff7981d0db06a40175eb7a261b494830 Loading...

	#9 Eval - 54805f6f43d4a09cc74c97c4166c77b5	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:12 Last Seen2024-04-27 01:40:56 Times Seen4 Hash 54805f6f43d4a09cc74c97c4166c77b5 03445f02a7a8813ad9561c557a2b944b8fc32d80 1c47c4e5d0fb09313393eae9df173e72fbb51f073ca40cc3e0df1770749f10d1 Loading...

	#10 Eval - 28607c76a3f74eeecb24572610a994be	76 B	2023-11-11	2024-04-27
Pretty Observations First Seen2023-11-11 14:38:27 Last Seen2024-04-27 19:20:23 Times Seen20215 Hash 28607c76a3f74eeecb24572610a994be f580b022fedf6dca4dd32dad1345de04fbaab91a 0c2ef1084ddf521cc9614da4701a0f6ae2b558bbe3851dcff2fbdcabb0b573e7 Loading...

	#11 Eval - 6e7fef7309dc0dcfcf48c975f4b6e7c7	66 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 15:18:52 Last Seen2024-04-27 19:20:22 Times Seen32243 Hash 6e7fef7309dc0dcfcf48c975f4b6e7c7 ef52c386b79204f72d192e48442cd99538785129 545a1ad00558f109a4fe30ccff400f0c34db0c15f58c365ec7b464baad26188a Loading...

	#12 Eval - f636ab52decfa07deaa0393d4c049b99	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:12 Last Seen2024-04-27 19:20:23 Times Seen5112 Hash f636ab52decfa07deaa0393d4c049b99 0d93ca4d324b0b4d0989cd3fb92b4e7a555048c8 c02de0f6c3e9d389b9f71d240223aaa974a810eef4ab6660e28ab81325f3b040 Loading...

	#13 Eval - 0056c58c4afd7bab6051e5c819e943d6	75 B	2023-11-11	2024-04-27
Pretty Observations First Seen2023-11-11 14:38:18 Last Seen2024-04-27 19:20:22 Times Seen30928 Hash 0056c58c4afd7bab6051e5c819e943d6 c5c9a4ce5cc9b7687daeb8603a375977ffbe9b56 3d3423e88482ce203cbfc0be9a059b61654bc2353f678214dd4eef85289944e8 Loading...

	#14 Eval - 3c471bf7a49776193bbe0a881c8623e0	76 B	2023-11-20	2024-04-27
Pretty Observations First Seen2023-11-20 03:10:28 Last Seen2024-04-27 19:20:22 Times Seen26981 Hash 3c471bf7a49776193bbe0a881c8623e0 ecc2035257c00c541bc46b51d88836c1fe687316 0af40ffe3d73c3de125b84baecde65b3e034df7218f3bdf1f454b1a89c974622 Loading...

	#15 Eval - d277a098600494d8ae51fe130e502e7f	76 B	2023-11-20	2024-04-27
Pretty Observations First Seen2023-11-20 03:10:28 Last Seen2024-04-27 19:20:22 Times Seen23642 Hash d277a098600494d8ae51fe130e502e7f f1b265a453830f4f2228e2ff7281e0e39987d34e fa1cf0bb5ac23c99962984e9ce64870fc0a832db19ff04261a6f513e2ea92ab3 Loading...

	#16 Eval - 48c3884598d29a77e1353bd6c156744d	75 B	2023-11-20	2024-04-27
Pretty Observations First Seen2023-11-20 03:10:28 Last Seen2024-04-27 19:20:22 Times Seen27080 Hash 48c3884598d29a77e1353bd6c156744d 14ea3ac731be4e0a88db98c2e7f502f1a8b5f186 d85acb2920245189d3005653b43ba571036142535cc6f0bcccd5b7fd0c48d760 Loading...

	#17 Eval - 8495c4244f9c78daf1afee2bc2b32829	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:12 Last Seen2024-04-27 19:20:22 Times Seen17609 Hash 8495c4244f9c78daf1afee2bc2b32829 067382ad8f05a777070ddaa0e943fe5a07191e85 13fc279d52b44e1cf8f03c6da3fcd94ab594eff1ed9b984450c897b89c38d1b1 Loading...

	#18 Eval - 55d517f2bcc03cc1a5ac36a64dbdd26c	385 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 15:18:52 Last Seen2024-04-27 19:20:22 Times Seen32249 Hash 55d517f2bcc03cc1a5ac36a64dbdd26c f7a550897d7c30b21d47c6cdc5c07aa908f95a82 d52d76c77e1f3d5b716786609991d313132359f2fe04bc6079ae3bdcd512f8d5 Loading...

	#19 Eval - 8e34f86f0350b8921ccefa8b20672ce3	68 B	2023-11-11	2024-05-05
Pretty Observations First Seen2023-11-11 14:38:18 Last Seen2024-05-05 20:16:30 Times Seen32248 Hash 8e34f86f0350b8921ccefa8b20672ce3 0668073a265bd8a027892e67e7d5ab21a508b908 7a5e4cc7c6a84fa408b73ead54618dd3dcd4a29ad8407a483582822a32914cb7 Loading...

	#20 Eval - add4c24450319342d374767dbc04da13	75 B	2023-11-11	2024-04-27
Pretty Observations First Seen2023-11-11 14:38:19 Last Seen2024-04-27 01:40:56 Times Seen31954 Hash add4c24450319342d374767dbc04da13 43f5d14ab2fd671bd805e97ad31a9e0c38939170 d6a298a1690f5ce464ffc5fc71e91b95ebfbffb4d85ab07ab589f1249c6c7a2b Loading...

	#21 Eval - 624cf714a364e1b1519ea6823e9350da	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:13 Last Seen2024-04-27 19:20:23 Times Seen16509 Hash 624cf714a364e1b1519ea6823e9350da f2666c99d4f42d1caf32f0d0c708655dbe053a61 3c6905d7fd646c2e607dc5942555f845fe400b77713665f57e061713be5c6047 Loading...

	#22 Eval - 06f33462f8636be73e41762343876f92	76 B	2023-07-01	2024-04-27
Pretty Observations First Seen2023-07-01 06:13:13 Last Seen2024-04-27 01:40:56 Times Seen3 Hash 06f33462f8636be73e41762343876f92 5cc5dc7cd87fd6831b36e506f22be68ec8ea2228 359c89c47ee99a0c3b8267a1cb11d21c8639615f6e739a860e182095501b9492 Loading...

	#23 Eval - 6007c4d55fe436418488a8ba90826098	75 B	2023-12-26	2024-04-27
Pretty Observations First Seen2023-12-26 05:30:54 Last Seen2024-04-27 19:20:23 Times Seen23926 Hash 6007c4d55fe436418488a8ba90826098 6f13a245c5e8ed8ba203d5c3a60dc01721878070 9a7a271a0905b56f70f2adb616229e29569095d30563bbf72f32a45f267c44e2 Loading...

	#24 Eval - 151b8d08bff46fbd83efcabf5513c754	76 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:38:18 Last Seen2024-04-27 01:40:56 Times Seen2 Hash 151b8d08bff46fbd83efcabf5513c754 91d16b8307ad12ca98ddf78c3ca39546b2ea9f0d e1cc31a2b82c0bf6a74bd207eeda677f4ef19c7b9e3676b062a577d5adb79f0a Loading...

	#25 Eval - 7df6ef6076fce04c0c2e5ad59231616b	54 B	2023-05-16	2024-05-07
Pretty Observations First Seen2023-05-16 23:11:45 Last Seen2024-05-07 08:34:28 Times Seen32262 Hash 7df6ef6076fce04c0c2e5ad59231616b 1fb81e1bb21b1c60a4bd414430431b6f44464302 6c2b1ff4f5042d942bccb80de018cdd9ad719853d9c0d02c9e126774366a3a2e Loading...

HTTP Transactions (103)

URL IP Response Size

www.googletagmanager.com/gtm.js?id=GTM-7BJJ

142.250.74.168

200 OK

156 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-7BJJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (55667)
Size
156 kB (156105 bytes)
Hash
604385cea43b461868b4ed30c3371403
f90355f2ef21a1888347ec91aa6bb95b3be77654
881bd26c3a8d34584b975a39100e38449cec6f51089d5d8c6a70514d9282cae7

HTTP Headers

GET /gtm.js?id=GTM-7BJJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
expires: Fri, 26 Apr 2024 23:40:00 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 22:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 156105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-f4e3384ead.css

162.210.98.102

200 OK

19 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-f4e3384ead.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
19 kB (18781 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
server: LiteSpeed

pixel-static.spotify.com/sync.min.js

35.186.224.25

503 Service Unavailable

19 B

URL GET HTTP/2
pixel-static.spotify.com/sync.min.js
IP
35.186.224.25:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerDigiCert Inc
Subject*.spotify.com
Fingerprint69:2B:36:29:F0:B5:FC:1B:A3:57:A6:76:E6:92:EF:30:14:22:34:6A
ValidityMon, 05 Feb 2024 00:00:00 GMT - Tue, 04 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
376389c82d3c6e15c3c40b25e1701efc
7a41c6870551d01bbc9931c1f77856556cdf9ca4
7ac9c58532de36879ea6d7d357f8878e16a18bff367f898fb7db398a9ae643c5

HTTP Headers

GET /sync.min.js HTTP/1.1
Host: pixel-static.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 503 Service Unavailable
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 19
content-type: text/plain
date: Fri, 26 Apr 2024 23:40:01 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.scdn.co/i/_global/touch-icon-144.png

151.101.238.248

200 OK

4.8 kB

URL GET HTTP/1.1
www.scdn.co/i/_global/touch-icon-144.png
IP
151.101.238.248:443
ASN
#54113 FASTLY

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerGlobalSign nv-sa
Subject*.scdn.co
Fingerprint96:08:82:C2:CB:0C:82:BD:0A:EA:18:76:73:89:54:F3:EC:97:D3:1C
ValidityTue, 09 Apr 2024 09:05:08 GMT - Sun, 11 May 2025 09:05:07 GMT

File type
PNG image data, 144 x 144, 8-bit/color RGB, non-interlaced
Size
4.8 kB (4776 bytes)
Hash
ff2831d235fec7c02db449621525990e
ac0c4c81a0267d8d841ae9525ea230c51a891baa
0d25218c1914875469ecbd168fdddbba2feb01bf5dead8c5836b6c375ea85d45

HTTP Headers

GET /i/_global/touch-icon-144.png HTTP/1.1
Host: www.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 4776
Last-Modified: Fri, 09 Dec 2022 09:15:45 GMT
ETag: "ff2831d235fec7c02db449621525990e"
x-goog-generation: 1670577344886845
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4776
x-amz-meta-goog-reserved-file-mtime: 1670576184
Content-Type: image/png
x-amz-checksum-crc32c: wcQOyQ==
Accept-Ranges: bytes
Date: Fri, 26 Apr 2024 23:40:02 GMT
Age: 1962295
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100020-CHI, cache-osl6549-OSL
X-Cache: HIT, HIT
X-Cache-Hits: 1774, 623
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/cs.js.download

162.210.98.102

20 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/cs.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
20 kB (19493 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/cs.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:39:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

143.204.42.208

200 OK

169 B

URL GET HTTP/1.1
d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
IP
143.204.42.208:443
ASN
#16509 AMAZON-02

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text
Size
169 B (169 bytes)
Hash
5717f0c65b6c1db2c16049daf3a8570f
6cff4b9e363d597dc223e2615605175b15181e7c
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d

HTTP Headers

GET /Record/js/sessioncam.recorder.js HTTP/1.1
Host: d2oh4tlt9mrke9.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 169
Connection: keep-alive
Date: Fri, 26 Apr 2024 17:36:36 GMT
Last-Modified: Tue, 09 May 2023 06:44:09 GMT
ETag: "d72d9f955f73ac4670c04333f9c658be"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=43200
Content-Encoding: gzip
x-amz-version-id: 4LJ4mpDpZkeeFIyRkOV.KwIO3JkaD2_i
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UhRWYeXnxUksBgVSvE7IMqMX_9obyOEJGGUmSDWgV4P5wXqUMEeI8A==
Age: 21807

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/cs.js.download

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/cs.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/cs.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:04 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/jquery-2-0680c441b5.1.3.min.js.download

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/jquery-2-0680c441b5.1.3.min.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/jquery-2-0680c441b5.1.3.min.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:05 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/linkid.js.download

162.210.98.102

200 OK

21 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/linkid.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
21 kB (21040 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/linkid.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:39:59 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/gtm.js.download

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/gtm.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/gtm.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:05 GMT
server: LiteSpeed

www.googletagmanager.com/gtm.js?id=GTM-7BJJ

142.250.74.168

200 OK

156 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-7BJJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (55667)
Size
156 kB (156101 bytes)
Hash
2ed202074043328ac8a7ae5a5c80b86a
7c84be36e321349094ba062f345ee5a774d320ac
a6ea5fe43ce58678fef860a2dbc83fa50ed663a870de20188ab50910393b7729

HTTP Headers

GET /gtm.js?id=GTM-7BJJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:05 GMT
expires: Fri, 26 Apr 2024 23:40:05 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 22:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 156101
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.scdn.co/build/js/sp-analytics-a3e2493d01.js

151.101.238.248

200 OK

2.9 kB

URL GET HTTP/1.1
www.scdn.co/build/js/sp-analytics-a3e2493d01.js
IP
151.101.238.248:443
ASN
#54113 FASTLY

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuerGlobalSign nv-sa
Subject*.scdn.co
Fingerprint96:08:82:C2:CB:0C:82:BD:0A:EA:18:76:73:89:54:F3:EC:97:D3:1C
ValidityTue, 09 Apr 2024 09:05:08 GMT - Sun, 11 May 2025 09:05:07 GMT

File type
JavaScript source, ASCII text, with very long lines (7916)
Size
2.9 kB (2934 bytes)
Hash
3b8ea9b9fed8d12d22fd1c7b7c4367b8
f9129a0d8d9d4f4d32bc28a9591407280413de56
6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4

HTTP Headers

GET /build/js/sp-analytics-a3e2493d01.js HTTP/1.1
Host: www.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2934
Last-Modified: Thu, 09 Aug 2018 08:55:55 GMT
ETag: "3b8ea9b9fed8d12d22fd1c7b7c4367b8"
x-goog-generation: 1533804955085745
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7969
x-amz-meta-goog-reserved-file-mtime: 1533804724
Content-Type: application/javascript
x-amz-checksum-crc32c: n4QGTQ==
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 26 Apr 2024 23:40:06 GMT
Age: 1630443
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100105-CHI, cache-osl6549-OSL
X-Cache: HIT, HIT
X-Cache-Hits: 111, 1
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/spotify-b24b86f287.css

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/spotify-b24b86f287.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15866 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/spotify-b24b86f287.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:06 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/modernizr-bc8113e41c.js.download

162.210.98.102

200 OK

32 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/modernizr-bc8113e41c.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31692 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/modernizr-bc8113e41c.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/analytics.js.download

162.210.98.102

200 OK

20 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/analytics.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
20 kB (19894 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:07 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/sp-analytics-a3e2493d01.js.download

162.210.98.102

200 OK

32 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/sp-analytics-a3e2493d01.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31863 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/sp-analytics-a3e2493d01.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:39:58 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/analytics.js.download

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/analytics.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:08 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/spotify-b24b86f287.css

162.210.98.102

200 OK

48 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/spotify-b24b86f287.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/spotify-b24b86f287.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/jquery-2-0680c441b5.1.3.min.js.download

162.210.98.102

16 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/jquery-2-0680c441b5.1.3.min.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/jquery-2-0680c441b5.1.3.min.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:09 GMT
server: LiteSpeed

www.googletagmanager.com/gtm.js?id=GTM-7BJJ

142.250.74.168

200 OK

156 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-7BJJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (55667)
Size
156 kB (156102 bytes)
Hash
f4a8287e0161b390f47711c7871c5f9e
ce03e6b02a1a4f67568944f450aa1c1a214ac64b
c8fcc5e01bee862bb14822f87733937f9bfbeb1ad027b682ccf83ccfe446037c

HTTP Headers

GET /gtm.js?id=GTM-7BJJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:10 GMT
expires: Fri, 26 Apr 2024 23:40:10 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 22:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 156102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/config.aspx

162.210.98.102

48 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/config.aspx
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/config.aspx HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:01 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/spotify-b24b86f287.css

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/spotify-b24b86f287.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/spotify-b24b86f287.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:10 GMT
server: LiteSpeed

www.scdn.co/build/js/sp-analytics-a3e2493d01.js

151.101.238.248

200 OK

2.9 kB

URL GET HTTP/1.1
www.scdn.co/build/js/sp-analytics-a3e2493d01.js
IP
151.101.238.248:443
ASN
#54113 FASTLY

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuerGlobalSign nv-sa
Subject*.scdn.co
Fingerprint96:08:82:C2:CB:0C:82:BD:0A:EA:18:76:73:89:54:F3:EC:97:D3:1C
ValidityTue, 09 Apr 2024 09:05:08 GMT - Sun, 11 May 2025 09:05:07 GMT

File type
JavaScript source, ASCII text, with very long lines (7916)
Size
2.9 kB (2934 bytes)
Hash
3b8ea9b9fed8d12d22fd1c7b7c4367b8
f9129a0d8d9d4f4d32bc28a9591407280413de56
6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4

HTTP Headers

GET /build/js/sp-analytics-a3e2493d01.js HTTP/1.1
Host: www.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2934
Last-Modified: Thu, 09 Aug 2018 08:55:55 GMT
ETag: "3b8ea9b9fed8d12d22fd1c7b7c4367b8"
x-goog-generation: 1533804955085745
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7969
x-amz-meta-goog-reserved-file-mtime: 1533804724
Content-Type: application/javascript
x-amz-checksum-crc32c: n4QGTQ==
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 26 Apr 2024 23:40:11 GMT
Age: 1630448
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100105-CHI, cache-osl6549-OSL
X-Cache: HIT, HIT
X-Cache-Hits: 111, 2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

pixel-static.spotify.com/sync.min.js

35.186.224.25

503 Service Unavailable

19 B

URL GET HTTP/2
pixel-static.spotify.com/sync.min.js
IP
35.186.224.25:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerDigiCert Inc
Subject*.spotify.com
Fingerprint69:2B:36:29:F0:B5:FC:1B:A3:57:A6:76:E6:92:EF:30:14:22:34:6A
ValidityMon, 05 Feb 2024 00:00:00 GMT - Tue, 04 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
376389c82d3c6e15c3c40b25e1701efc
7a41c6870551d01bbc9931c1f77856556cdf9ca4
7ac9c58532de36879ea6d7d357f8878e16a18bff367f898fb7db398a9ae643c5

HTTP Headers

GET /sync.min.js HTTP/1.1
Host: pixel-static.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 503 Service Unavailable
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 19
content-type: text/plain
date: Fri, 26 Apr 2024 23:40:10 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-f4e3384ead.css

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-f4e3384ead.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (16016 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:10 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/analytics.js.download

162.210.98.102

200 OK

48 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/analytics.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:11 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/analytics.js.download

162.210.98.102

200 OK

32 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/analytics.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31607 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:04 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/sessioncam.recorder.js.download

162.210.98.102

63 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/sessioncam.recorder.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
63 kB (63386 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/sessioncam.recorder.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:01 GMT
server: LiteSpeed

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

5.8 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
gzip compressed data, max speed, from Unix
Size
5.8 kB (5759 bytes)
Hash
aa33725c2d0a3d1c2f9c878d64914807
6e83d13ec860384a977738b04ff0891a01ab519a
fe412eadb3dc9820ec6cab7cb62349be057c509e34f7e2de6d23b28eacc98bfd

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:40:16 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=Ul131jrzOePrBGyp1H50yHHOc6uf-xF6EG7wS26wIFY-G3alqmmjlBysRF12TY0aZByY080dTwdnevRGrUjkbe26knVajQlW890M1kzAEO-hINMqBEYJUfGDd5fPjgNB
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

www.scdn.co/build/js/sp-analytics-a3e2493d01.js

151.101.238.248

200 OK

2.9 kB

URL GET HTTP/1.1
www.scdn.co/build/js/sp-analytics-a3e2493d01.js
IP
151.101.238.248:443
ASN
#54113 FASTLY

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuerGlobalSign nv-sa
Subject*.scdn.co
Fingerprint96:08:82:C2:CB:0C:82:BD:0A:EA:18:76:73:89:54:F3:EC:97:D3:1C
ValidityTue, 09 Apr 2024 09:05:08 GMT - Sun, 11 May 2025 09:05:07 GMT

File type
JavaScript source, ASCII text, with very long lines (7916)
Size
2.9 kB (2934 bytes)
Hash
3b8ea9b9fed8d12d22fd1c7b7c4367b8
f9129a0d8d9d4f4d32bc28a9591407280413de56
6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4

HTTP Headers

GET /build/js/sp-analytics-a3e2493d01.js HTTP/1.1
Host: www.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2934
Last-Modified: Thu, 09 Aug 2018 08:55:55 GMT
ETag: "3b8ea9b9fed8d12d22fd1c7b7c4367b8"
x-goog-generation: 1533804955085745
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7969
x-amz-meta-goog-reserved-file-mtime: 1533804724
Content-Type: application/javascript
x-amz-checksum-crc32c: n4QGTQ==
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 26 Apr 2024 23:40:16 GMT
Age: 1630454
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100105-CHI, cache-osl6549-OSL
X-Cache: HIT, HIT
X-Cache-Hits: 111, 3
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/analytics.js.download

162.210.98.102

200 OK

172 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/analytics.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
172 kB (171947 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:14 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/gtm.js.download

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/gtm.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/gtm.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:17 GMT
server: LiteSpeed

pixel-static.spotify.com/sync.min.js

35.186.224.25

503 Service Unavailable

19 B

URL GET HTTP/2
pixel-static.spotify.com/sync.min.js
IP
35.186.224.25:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerDigiCert Inc
Subject*.spotify.com
Fingerprint69:2B:36:29:F0:B5:FC:1B:A3:57:A6:76:E6:92:EF:30:14:22:34:6A
ValidityMon, 05 Feb 2024 00:00:00 GMT - Tue, 04 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
376389c82d3c6e15c3c40b25e1701efc
7a41c6870551d01bbc9931c1f77856556cdf9ca4
7ac9c58532de36879ea6d7d357f8878e16a18bff367f898fb7db398a9ae643c5

HTTP Headers

GET /sync.min.js HTTP/1.1
Host: pixel-static.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 503 Service Unavailable
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 19
content-type: text/plain
date: Fri, 26 Apr 2024 23:40:17 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

143.204.42.208

200 OK

169 B

URL GET HTTP/1.1
d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
IP
143.204.42.208:443
ASN
#16509 AMAZON-02

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text
Size
169 B (169 bytes)
Hash
5717f0c65b6c1db2c16049daf3a8570f
6cff4b9e363d597dc223e2615605175b15181e7c
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d

HTTP Headers

GET /Record/js/sessioncam.recorder.js HTTP/1.1
Host: d2oh4tlt9mrke9.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 169
Connection: keep-alive
Date: Fri, 26 Apr 2024 17:36:36 GMT
Last-Modified: Tue, 09 May 2023 06:44:09 GMT
ETag: "d72d9f955f73ac4670c04333f9c658be"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=43200
Content-Encoding: gzip
x-amz-version-id: 4LJ4mpDpZkeeFIyRkOV.KwIO3JkaD2_i
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d23gguBsT0vw_DX8pdI0aMKXhqzD-5ahnpaL87vtgOdAPz0PKPdrzQ==
Age: 21822

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/cs.js.download

162.210.98.102

16 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/cs.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/cs.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:19 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/linkid.js.download

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/linkid.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/linkid.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:19 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/account-f4e3384ead.css

162.210.98.102

63 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/account-f4e3384ead.css
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
63 kB (63300 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:05 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/analytics.js.download

162.210.98.102

50 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/analytics.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
50 kB (50475 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:39:59 GMT
server: LiteSpeed

www.googletagmanager.com/gtm.js?id=GTM-7BJJ

142.250.74.168

200 OK

156 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-7BJJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (55667)
Size
156 kB (156100 bytes)
Hash
e53c5d2b0dd5cdf884e52401a4e18009
80852d50016f67016ee18408a0be10ce7af32ea2
5841ced57facd072a318af88f78c455708f386543184b5b119caa77800fd1ad2

HTTP Headers

GET /gtm.js?id=GTM-7BJJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:20 GMT
expires: Fri, 26 Apr 2024 23:40:20 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 22:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 156100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-f4e3384ead.css

162.210.98.102

200 OK

48 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-f4e3384ead.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/js

162.210.98.102

16 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/js
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15866 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/js HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:19 GMT
server: LiteSpeed

d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

143.204.42.208

200 OK

169 B

URL GET HTTP/1.1
d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
IP
143.204.42.208:443
ASN
#16509 AMAZON-02

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text
Size
169 B (169 bytes)
Hash
5717f0c65b6c1db2c16049daf3a8570f
6cff4b9e363d597dc223e2615605175b15181e7c
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d

HTTP Headers

GET /Record/js/sessioncam.recorder.js HTTP/1.1
Host: d2oh4tlt9mrke9.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 169
Connection: keep-alive
Date: Fri, 26 Apr 2024 17:36:36 GMT
Last-Modified: Tue, 09 May 2023 06:44:09 GMT
ETag: "d72d9f955f73ac4670c04333f9c658be"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=43200
Content-Encoding: gzip
x-amz-version-id: 4LJ4mpDpZkeeFIyRkOV.KwIO3JkaD2_i
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kFigqdfxsiaevNOKSDyxnsWmLjTWBSR2I_UW1AZzQB2r3jho_BLN2Q==
Age: 21827

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/modernizr-bc8113e41c.js.download

162.210.98.102

200 OK

32 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/modernizr-bc8113e41c.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31692 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/modernizr-bc8113e41c.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:05 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/linkid.js.download

162.210.98.102

200 OK

63 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/linkid.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
63 kB (63386 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/linkid.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:08 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css

162.210.98.102

200 OK

48 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:16 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html

162.210.98.102

200 OK

79 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
79 kB (79233 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:18 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download

162.210.98.102

172 kB

URL GET
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
172 kB (171948 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:22 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css

162.210.98.102

16 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:26 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/config.aspx

162.210.98.102

200 OK

48 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/config.aspx
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/config.aspx HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:17 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html

162.210.98.102

200 OK

16 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15866 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
set-cookie: PHPSESSID=3f5a5c8826f22d1cd531f144b4e2442c; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:26 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/config.aspx

162.210.98.102

200 OK

32 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/config.aspx
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31692 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/config.aspx HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:10 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download

162.210.98.102

48 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:14 GMT
server: LiteSpeed

d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

143.204.42.208

200 OK

169 B

URL GET HTTP/1.1
d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
IP
143.204.42.208:443
ASN
#16509 AMAZON-02

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text
Size
169 B (169 bytes)
Hash
5717f0c65b6c1db2c16049daf3a8570f
6cff4b9e363d597dc223e2615605175b15181e7c
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d

HTTP Headers

GET /Record/js/sessioncam.recorder.js HTTP/1.1
Host: d2oh4tlt9mrke9.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 169
Connection: keep-alive
Date: Fri, 26 Apr 2024 17:36:36 GMT
Last-Modified: Tue, 09 May 2023 06:44:09 GMT
ETag: "d72d9f955f73ac4670c04333f9c658be"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=43200
Content-Encoding: gzip
x-amz-version-id: 4LJ4mpDpZkeeFIyRkOV.KwIO3JkaD2_i
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fmZXhH9nRwFhElD6KpBzv_vfQZpb9R53cXHE8Ks9__VSiGm50yMuiA==
Age: 21833

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/js

162.210.98.102

200 OK

32 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/js
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31692 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/js HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:39:59 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-f4e3384ead.css

162.210.98.102

200 OK

63 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-f4e3384ead.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
63 kB (63386 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:09 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/sp-analytics-a3e2493d01.js.download

162.210.98.102

200 OK

79 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/sp-analytics-a3e2493d01.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
79 kB (79233 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/sp-analytics-a3e2493d01.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:08 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/js

162.210.98.102

172 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/js
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
172 kB (171955 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/js HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:30 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html

162.210.98.102

32 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31692 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:29 GMT
server: LiteSpeed

www.scdn.co/build/js/sp-analytics-a3e2493d01.js

151.101.238.248

200 OK

2.9 kB

URL GET HTTP/1.1
www.scdn.co/build/js/sp-analytics-a3e2493d01.js
IP
151.101.238.248:443
ASN
#54113 FASTLY

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuerGlobalSign nv-sa
Subject*.scdn.co
Fingerprint96:08:82:C2:CB:0C:82:BD:0A:EA:18:76:73:89:54:F3:EC:97:D3:1C
ValidityTue, 09 Apr 2024 09:05:08 GMT - Sun, 11 May 2025 09:05:07 GMT

File type
JavaScript source, ASCII text, with very long lines (7916)
Size
2.9 kB (2934 bytes)
Hash
3b8ea9b9fed8d12d22fd1c7b7c4367b8
f9129a0d8d9d4f4d32bc28a9591407280413de56
6cdbd83431a2ec14c784a34ce8bf57af46863a2e5c6b39fff81f4967a47f88b4

HTTP Headers

GET /build/js/sp-analytics-a3e2493d01.js HTTP/1.1
Host: www.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2934
Last-Modified: Thu, 09 Aug 2018 08:55:55 GMT
ETag: "3b8ea9b9fed8d12d22fd1c7b7c4367b8"
x-goog-generation: 1533804955085745
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7969
x-amz-meta-goog-reserved-file-mtime: 1533804724
Content-Type: application/javascript
x-amz-checksum-crc32c: n4QGTQ==
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 26 Apr 2024 23:40:32 GMT
Age: 1630469
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100105-CHI, cache-osl6549-OSL
X-Cache: HIT, HIT
X-Cache-Hits: 111, 6
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

pixel-static.spotify.com/sync.min.js

35.186.224.25

503 Service Unavailable

19 B

URL GET HTTP/2
pixel-static.spotify.com/sync.min.js
IP
35.186.224.25:443
ASN
#15169 GOOGLE

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuerDigiCert Inc
Subject*.spotify.com
Fingerprint69:2B:36:29:F0:B5:FC:1B:A3:57:A6:76:E6:92:EF:30:14:22:34:6A
ValidityMon, 05 Feb 2024 00:00:00 GMT - Tue, 04 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
376389c82d3c6e15c3c40b25e1701efc
7a41c6870551d01bbc9931c1f77856556cdf9ca4
7ac9c58532de36879ea6d7d357f8878e16a18bff367f898fb7db398a9ae643c5

HTTP Headers

GET /sync.min.js HTTP/1.1
Host: pixel-static.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 503 Service Unavailable
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 19
content-type: text/plain
date: Fri, 26 Apr 2024 23:40:32 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

143.204.42.208

200 OK

169 B

URL GET HTTP/1.1
d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
IP
143.204.42.208:443
ASN
#16509 AMAZON-02

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text
Size
169 B (169 bytes)
Hash
5717f0c65b6c1db2c16049daf3a8570f
6cff4b9e363d597dc223e2615605175b15181e7c
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d

HTTP Headers

GET /Record/js/sessioncam.recorder.js HTTP/1.1
Host: d2oh4tlt9mrke9.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 169
Connection: keep-alive
Date: Fri, 26 Apr 2024 17:36:36 GMT
Last-Modified: Tue, 09 May 2023 06:44:09 GMT
ETag: "d72d9f955f73ac4670c04333f9c658be"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=43200
Content-Encoding: gzip
x-amz-version-id: 4LJ4mpDpZkeeFIyRkOV.KwIO3JkaD2_i
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o1bGM1ipq9oRhfbwMogYig3ThaYH0XoAHo5eD1BNlVqzEWlWbtAjSA==
Age: 21838

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/cs.js.download

162.210.98.102

16 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/cs.js.download
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
16 kB (15845 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/cs.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:35 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html

162.210.98.102

32 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
32 kB (31692 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:34 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css

162.210.98.102

48 kB

URL
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css
IP
162.210.98.102:0
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5891), with CRLF line terminators
Size
48 kB (47539 bytes)
Hash
e2d20b0f632ed9a5e6309b90706ffa13
b02c823e6209ff24b1699e29d3b862da50a9a7d1
18f15fcac75e1eaa312a5e76d22e4a72321ed60e5f228beb96a1a2a6df373cfa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:26 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/modernizr-bc8113e41c.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/modernizr-bc8113e41c.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/modernizr-bc8113e41c.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:09 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:17 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/bon-32c3a6a7e1.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:11 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:16 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/spweb-site-efa1133a2d.min.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/spweb-site-efa1133a2d.min.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/spweb-site-efa1133a2d.min.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:14 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/jquery-2-0680c441b5.1.3.min.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/jquery-2-0680c441b5.1.3.min.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/jquery-2-0680c441b5.1.3.min.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-bb92d6d161.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-bb92d6d161.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/account-bb92d6d161.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:11 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/account-bb92d6d161.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/account-bb92d6d161.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/account-bb92d6d161.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:14 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/gtm.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/gtm.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/gtm.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:09 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:12 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download

0.0.0.0

0 B

URL GET
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download
IP
0.0.0.0:0
ASN
#0

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/js

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/js
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/js HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:08 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/cs.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/cs.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/cs.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:08 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/account-bb92d6d161.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/account-bb92d6d161.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/account-bb92d6d161.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:07 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/analytics.js.download

0.0.0.0

0 B

URL GET
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/analytics.js.download
IP
0.0.0.0:0
ASN
#0

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/analytics.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/vt-150.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/vt-150.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/vt-150.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:07 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/

162.210.98.102

200 OK

58 kB

URL User Request GET HTTP/2
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/ HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:39:57 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/config.aspx

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/config.aspx
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/config.aspx HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:06 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/linkid.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/linkid.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/linkid.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:13 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/js

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/js
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/js HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:13 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/spweb-site-efa1133a2d.min.js.download

0.0.0.0

0 B

URL GET
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/spweb-site-efa1133a2d.min.js.download
IP
0.0.0.0:0
ASN
#0

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/spweb-site-efa1133a2d.min.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-bb92d6d161.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-bb92d6d161.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/account-bb92d6d161.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:02 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:03 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/bon-32c3a6a7e1.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/bon-32c3a6a7e1.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/bon-32c3a6a7e1.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:02 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/spotify-b24b86f287.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:20 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/vt-150.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/vt-150.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/vt-150.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:11 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/tracking-2e5455755b.download.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:10 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/sp-analytics-a3e2493d01.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/sp-analytics-a3e2493d01.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/sp-analytics-a3e2493d01.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:19 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/modernizr-bc8113e41c.js.download

0.0.0.0

58 kB

URL GET
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/modernizr-bc8113e41c.js.download
IP
0.0.0.0:0
ASN
#0

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/modernizr-bc8113e41c.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:20 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/tracking-2e5455755b.download.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/tracking-2e5455755b.download.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/tracking-2e5455755b.download.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:06 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/sessioncam.recorder.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/sessioncam.recorder.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/sessioncam.recorder.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:11 GMT
server: LiteSpeed

www.scdn.co/i/_global/favicon.png

151.101.238.248

200 OK

3.6 kB

URL GET HTTP/1.1
www.scdn.co/i/_global/favicon.png
IP
151.101.238.248:443
ASN
#54113 FASTLY

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuerGlobalSign nv-sa
Subject*.scdn.co
Fingerprint96:08:82:C2:CB:0C:82:BD:0A:EA:18:76:73:89:54:F3:EC:97:D3:1C
ValidityTue, 09 Apr 2024 09:05:08 GMT - Sun, 11 May 2025 09:05:07 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3646 bytes)
Hash
326dfa6c84225dfca443693e985fdaab
5a8971cb61bcdae6431abbba6d5a79cefc7d2d45
0c7ee91862c795f69147f2174a919b1303dd28ce8ceccabe3f50ae219bfb01b7

HTTP Headers

GET /i/_global/favicon.png HTTP/1.1
Host: www.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3646
Last-Modified: Fri, 09 Dec 2022 09:15:44 GMT
ETag: "326dfa6c84225dfca443693e985fdaab"
x-goog-generation: 1670577344003625
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3646
x-amz-meta-goog-reserved-file-mtime: 1670576184
Content-Type: image/png
x-amz-checksum-crc32c: iuRMew==
Accept-Ranges: bytes
Date: Fri, 26 Apr 2024 23:40:02 GMT
Age: 2700006
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100076-CHI, cache-osl6549-OSL
X-Cache: HIT, HIT
X-Cache-Hits: 20025, 3740
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/cs.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/cs.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/cs.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:13 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/vt-150.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/vt-150.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/vt-150.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:02 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/gtm.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/gtm.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/gtm.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 15845
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:20 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css

0.0.0.0

58 kB

URL GET
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css
IP
0.0.0.0:0
ASN
#0

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/billing_files/account-f4e3384ead.css HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:20 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/sp-analytics-a3e2493d01.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/sp-analytics-a3e2493d01.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/sp-analytics-a3e2493d01.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:04 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/gtm.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/gtm.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/gtm.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:00 GMT
server: LiteSpeed

spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/vt-150.js.download

162.210.98.102

200 OK

58 kB

URL GET HTTP/3
spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/vt-150.js.download
IP
162.210.98.102:443
ASN
#32748 STEADFAST

Requested by
https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Certificate
IssuercPanel, Inc.
Subjectspotify.nethottrading.com
Fingerprint5E:B9:6C:31:37:46:A5:C1:38:8C:62:41:E7:1F:9C:7F:E5:0F:3E:09
ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type

Size
58 kB (57545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Spotify

HTTP Headers

GET /1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/billing_files/vt-150.js.download HTTP/1.1
Host: spotify.nethottrading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spotify.nethottrading.com/1a01b27006c67fa43567355b4b3568b3/billing.php/billing_files/billing_files/billing_files/activityi.html
Cookie: PHPSESSID=723aed38ef3a2d9343b6766d4bf420f4; spAnalytics_id=eyJkZXZpY2VJZCI6IjU1YjNkYzU0ZWVjODQzNjEyYmUyMzllYTlhYjFiMzM1IiwidXNlcklkIjpudWxsfQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:40:14 GMT
server: LiteSpeed

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL