accounts-snapchat.glitch.me Open in urlscan Pro
18.235.65.101 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accounts-snapchat.glitch.me/
Effective URL:
https://accounts-snapchat.glitch.me/
Submission: On May 03 via automatic, source openphish (May 3rd 2024, 1:00:37 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 18.235.65.101, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts-snapchat.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time accounts-snapchat.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Snapchat (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1	18.235.65.101 18.235.65.101	14618 (AMAZON-AES) (AMAZON-AES)
9	34.149.46.130 34.149.46.130	15169 (GOOGLE) (GOOGLE)
10	3

1 18.235.65.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-65-101.compute-1.amazonaws.com

accounts-snapchat.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.149.46.130 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 130.46.149.34.bc.googleusercontent.com

accounts.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	snapchat.com accounts.snapchat.com — Cisco Umbrella Rank: 16321 www.snapchat.com — Cisco Umbrella Rank: 25494	92 KB
1	glitch.me accounts-snapchat.glitch.me	667 KB
10	2

	Domain	Requested by
8	accounts.snapchat.com	accounts-snapchat.glitch.me
1	www.snapchat.com	accounts-snapchat.glitch.me
1	accounts-snapchat.glitch.me
10	3

This site contains links to these domains. Also see Links.

Domain
www.snap.com
support.snapchat.com
www.snapchat.com

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://accounts-snapchat.glitch.me/
Frame ID: 2ECA387A2D243907A9AD6E4E54D0AE42
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | Snapchat

Page URL History Show full URLs

http://accounts-snapchat.glitch.me/ HTTP 307
https://accounts-snapchat.glitch.me/ Page URL

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

759 kB
Transfer

1103 kB
Size

0
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.snap.com/ar/
Title: Snap Inc.

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/jobs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/news/
Title: News

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/a/guidelines
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/safety
Title: Safety Centre

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/ads
Title: Buy Ads

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/ad-policies/
Title: Advertising Policies

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/brand-guidelines/
Title: Political Ads Library

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/a/promotions-rules
Title: Brand Guidelines

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/privacy/privacy-center/
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/cookie-policy/
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/co/report-copyright
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/terms/on-demand-geofilters/
Title: Community Geofilter Terms

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/geofilters/terms.html
Title: Custom Creative Tools Terms

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/privacy/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.snap.com/ar/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accounts-snapchat.glitch.me/ HTTP 307
https://accounts-snapchat.glitch.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
accounts-snapchat.glitch.me/
Redirect Chain

http://accounts-snapchat.glitch.me/
https://accounts-snapchat.glitch.me/

666 KB
667 KB

611ms
295ms

Document
text/html

18.235.65.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts-snapchat.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.65.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-65-101.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 952bb0339e8621a4ca9d370a0dc88588fca4613f1d2c44c2334abce8ed585307

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 681914
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 13:00:33 GMT
etag: "b9a1bed8338939b9d850f48e5a3d416b"
last-modified: Wed, 24 Apr 2024 16:06:57 GMT
server: AmazonS3
x-amz-id-2: lv/VpiJAAt/suVfpL4uBj+Gax/e9vl6xKjBtplMFAA0ro+H/KpMd9dUlVXa73YNGt/OFp2wdlIo=
x-amz-request-id: WWQ91PRTW1K4ZMY3
x-amz-server-side-encryption: AES256
x-amz-version-id: YEoeFpcgIqHSl5oDETCIkouOscxgf2FM

Redirect headers

Location: https://accounts-snapchat.glitch.me/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 semantic.min.css
accounts.snapchat.com//accounts/static/styles/ 401 KB
77 KB 259ms
174ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/semantic.min.css

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:52:50 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 463
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: 34c9f92464bd1dd1906b985f96319e4d
cache-control: public, max-age=600
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78184
expires: Fri, 03 May 2024 13:02:50 GMT

GET
H2 200 dropdown.min.css
accounts.snapchat.com//accounts/static/styles/ 23 KB
7 KB 235ms
149ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/dropdown.min.css

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:54:40 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 353
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: 5781b9a2597f24ed21a04ff3d820936b
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6743
expires: Fri, 03 May 2024 13:04:40 GMT

GET
H2 200 snapchat.css
accounts.snapchat.com//accounts/static/styles/ 1 KB
845 B 221ms
136ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/snapchat.css?t=0

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:52:25 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 488
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: ba6840eb05a4f8a32a75fba48251aa8d
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 564
expires: Fri, 03 May 2024 13:02:25 GMT

GET
H2 200 accounts.css
accounts.snapchat.com//accounts/static/styles/ 2 KB
729 B 292ms
207ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/accounts.css

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:51:37 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 536
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: 145358b4f2384f0a6c445b44039675cd
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 614
expires: Fri, 03 May 2024 13:01:37 GMT

GET
H2 200 auth.css
accounts.snapchat.com//accounts/static/styles/ 1 KB
705 B 293ms
208ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/auth.css

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:51:57 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 516
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: 838341f4c2206fd03dd63ce3c815aa30
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 591
expires: Fri, 03 May 2024 13:01:57 GMT

GET
H2 200 revoke.css
accounts.snapchat.com//accounts/static/styles/ 1 KB
599 B 236ms
151ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/revoke.css

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:55:27 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 306
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: 3dd801db8d86394f7ef0c03f64e31442
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 485
expires: Fri, 03 May 2024 13:05:27 GMT

GET
H2 200 accounts-ar.css
accounts.snapchat.com//accounts/static/styles/ 333 B
304 B 223ms
139ms Stylesheet
text/css 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/styles/accounts-ar.css

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9a3bf4e4cb0a1074b946708331a4be766854fad6f766b2359e476c3bdf32c22f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:54:47 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 346
etag: "6k0lXg"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: 03d50f088350e211aa5981e247e4243e
cache-control: public, max-age=600
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: Fri, 03 May 2024 13:04:47 GMT

GET
H2 200 ghost.svg
www.snapchat.com/static/style-guide/images/ghost/ 5 KB
3 KB 150ms
118ms Image
image/svg+xml 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.snapchat.com/static/style-guide/images/ghost/ghost.svg

Requested by

Host: accounts-snapchat.glitch.me
URL: https://accounts-snapchat.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 07:19:57 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ba3a4becb51f8eb807e5e3697846e1a.cloudfront.net (CloudFront), 1.1 google
x-amz-cf-pop: IAD89-C2
age: 20438
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-snapchat-dot-com-proxy-target: https://static.snapchat.com
last-modified: Wed, 08 Mar 2023 15:15:31 GMT
server: API Gateway
etag: W/"84f4f3a38c2af19f23a5c17f9a8265ac"
vary: Accept-Encoding
content-type: image/svg+xml
x-amz-cf-id: lPhgU5SmWBL0SYzbs2AqgWra1JgwDtoOfliLPOZp-sy2MjeJTse25w==

GET
DATA 200
OK truncated
/ 82 B
82 B Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28be5ec9b4e16ec610259b313500b7fcefdc066349780f36a28342187b3806ee

Request headers

Referer
Origin: https://accounts-snapchat.glitch.me
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-ttf

GET
DATA 200
OK truncated
/ 82 B
82 B Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04a9b1b0527d5047de1a4ba2300ea9ca50b6461490f4b6504b31dd65546a82e9

Request headers

Referer
Origin: https://accounts-snapchat.glitch.me
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-ttf

GET
H2 200 favicon.png
accounts.snapchat.com//accounts/static/images/favicon/ 3 KB
3 KB 143ms
143ms Other
image/png 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com//accounts/static/images/favicon/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

673e11d75bc71ea8e88c9057bd0cd95a88d213442aca91a061bbdaebf0903723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-snapchat.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 12:58:13 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 141
etag: "6k0lXg"
x-frame-options: DENY
content-type: image/png
x-cloud-trace-context: 76285b59672cb53e07e591e40eb0bb3c
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2753
expires: Fri, 03 May 2024 13:08:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Snapchat (Instant Messenger)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://accounts-snapchat.glitch.me/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICI2NWQ5N2FkNTVhMjU0NDEzNjdkNjE2NTdlNDQyNGE3NS50dGYiOw==
other	warning	URL: https://accounts-snapchat.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://accounts-snapchat.glitch.me/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJhNjJkNmYyYzMyNGM3N2QwY2M5YTgyOTk2ZWI2OWEwNi50dGYiOw==
other	warning	URL: https://accounts-snapchat.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://accounts-snapchat.glitch.me/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJhNjJkNmYyYzMyNGM3N2QwY2M5YTgyOTk2ZWI2OWEwNi50dGYiOw==
other	warning	URL: https://accounts-snapchat.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 1836016757

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-snapchat.glitch.me
accounts.snapchat.com
www.snapchat.com
18.235.65.101
34.149.46.130
04a9b1b0527d5047de1a4ba2300ea9ca50b6461490f4b6504b31dd65546a82e9
28be5ec9b4e16ec610259b313500b7fcefdc066349780f36a28342187b3806ee
494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2
498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a
55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263
673e11d75bc71ea8e88c9057bd0cd95a88d213442aca91a061bbdaebf0903723
6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3
87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f
952bb0339e8621a4ca9d370a0dc88588fca4613f1d2c44c2334abce8ed585307
9a3bf4e4cb0a1074b946708331a4be766854fad6f766b2359e476c3bdf32c22f
cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32
e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412

accounts-snapchat.glitch.me Open in urlscan Pro 18.235.65.101 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

759 kBTransfer

1103 kBSize

0 Cookies

17 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

accounts-snapchat.glitch.me Open in urlscan Pro
18.235.65.101 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

759 kB
Transfer

1103 kB
Size

0
Cookies

10 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!