verify11h.ddns.net
Open in
urlscan Pro
35.230.117.21
Malicious Activity!
Public Scan
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 21st 2022. Valid for: 3 months.
This is the only time verify11h.ddns.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Snapchat (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 35.230.117.21 35.230.117.21 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
7 | 35.190.43.134 35.190.43.134 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:400d:80a::2010 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:400d:806::2004 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:400d:805::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:225... 2600:9000:2250:e800:12:94b3:c380:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
20 | 7 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.117.230.35.bc.googleusercontent.com
verify11h.ddns.net |
ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
accounts.snapchat.com |
ASN16509 (AMAZON-02, US)
images.ctfassets.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
snapchat.com
accounts.snapchat.com — Cisco Umbrella Rank: 16881 |
89 KB |
4 |
googleapis.com
snapnet-cdn.storage.googleapis.com — Cisco Umbrella Rank: 98767 |
180 KB |
3 |
gstatic.com
www.gstatic.com |
155 KB |
2 |
ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3985 |
15 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
2 KB |
2 |
ddns.net
verify11h.ddns.net |
1 MB |
20 | 6 |
Domain | Requested by | |
---|---|---|
7 | accounts.snapchat.com |
verify11h.ddns.net
|
4 | snapnet-cdn.storage.googleapis.com |
verify11h.ddns.net
snapnet-cdn.storage.googleapis.com |
3 | www.gstatic.com |
www.google.com
|
2 | images.ctfassets.net |
verify11h.ddns.net
|
2 | www.google.com |
verify11h.ddns.net
|
2 | verify11h.ddns.net |
verify11h.ddns.net
|
20 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
snap.com |
careers.snap.com |
newsroom.snap.com |
support.snapchat.com |
snapchat.com |
www.snap.com |
www.snapchat.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
verify11h.ddns.net R3 |
2022-09-21 - 2022-12-20 |
3 months | crt.sh |
*.snap.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-16 - 2023-08-16 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
images.ctfassets.net Amazon |
2022-02-17 - 2023-03-18 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://verify11h.ddns.net/
Frame ID: 25925031159660E84C364FF91FD818A6
Requests: 27 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LeunykcAAAAACP-WEAPOD9UCKiT6lgp7172wwpl
Frame ID: 16B6C70B9C6CD487708281A48F4B2D03
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Log In • SnapchatDetected technologies
Semantic UI (UI frameworks) ExpandDetected patterns
- <link[^>]+semantic(?:\.min)\.css"
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
Title: Snap Inc.
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Community Guidelines
Search URL Search Domain Scan URL
Title: Safety Center
Search URL Search Domain Scan URL
Title: Buy Ads
Search URL Search Domain Scan URL
Title: Advertising Policies
Search URL Search Domain Scan URL
Title: Political Ads Library
Search URL Search Domain Scan URL
Title: Brand Guidelines
Search URL Search Domain Scan URL
Title: Promotions Rules
Search URL Search Domain Scan URL
Title: Privacy Center
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Report Infringement
Search URL Search Domain Scan URL
Title: Custom Creative Tools Terms
Search URL Search Domain Scan URL
Title: Community Geofilter Terms
Search URL Search Domain Scan URL
Title: Lens Studio Terms
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Cookie Settings
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
verify11h.ddns.net/ |
1 MB 1 MB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.css
accounts.snapchat.com/accounts/static/styles/ |
401 KB 77 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dropdown.min.css
accounts.snapchat.com/accounts/static/styles/ |
23 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snapchat.css
accounts.snapchat.com/accounts/static/styles/ |
1 KB 687 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accounts.css
accounts.snapchat.com/accounts/static/styles/ |
2 KB 736 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth.css
accounts.snapchat.com/accounts/static/styles/ |
1 KB 713 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revoke.css
accounts.snapchat.com/accounts/static/styles/ |
1 KB 868 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avenirnext.font.css
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ |
3 KB 960 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enterprise.js
www.google.com/recaptcha/ |
942 B 1001 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ |
388 KB 155 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ghost.svg
verify11h.ddns.net/accounts/static/images/ghost/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snapchat-app-icon.svg
accounts.snapchat.com/accounts/static/images/ghost/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
84 B 84 B |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
84 B 84 B |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
84 B 84 B |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
83 B 83 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
83 B 83 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
83 B 83 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
82 B 82 B |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
82 B 82 B |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
82 B 82 B |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie-1.svg
images.ctfassets.net/kp51zybwznx4/6Z33cxfj9twwd4eWIjEI6i/4cb58d2a416f7a827bff4851bb61cfcc/ |
31 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bframe
www.google.com/recaptcha/enterprise/ Frame 16B6 |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie-2.svg
images.ctfassets.net/kp51zybwznx4/4AbKvzglmepfDjlJK7CEwc/5ed9f05c30cdfd15728b9841dfa906e5/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
278 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNext-Bold.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ |
63 KB 63 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNext-DemiBold.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ |
58 KB 58 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNext-Medium.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ |
58 KB 58 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 16B6 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 16B6 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Snapchat (Instant Messenger)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
27 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.snapchat.com
images.ctfassets.net
snapnet-cdn.storage.googleapis.com
verify11h.ddns.net
www.google.com
www.gstatic.com
2600:9000:2250:e800:12:94b3:c380:93a1
2a00:1450:400d:805::2003
2a00:1450:400d:806::2004
2a00:1450:400d:80a::2010
35.190.43.134
35.230.117.21
00806aa6963e1100fb857d9e57e6c77caea97b04a157f01e2ce08ba73123f84c
04a9b1b0527d5047de1a4ba2300ea9ca50b6461490f4b6504b31dd65546a82e9
0bcbbd8b60d4c6ee347d1c372300b579e293f30c5e0b4a113b467c092920e245
13a0d15c5a62f6b4a6c62e06317629fd779e8e2a3f709f8a411da4c25f8066dc
25c04d5918b7294419edd15160821630adcb86424bef9bad0ad6b8619fb9a689
2765b3fdee809c95a3866125c9ecdaa490dc6fd916fe56672c87754e9263996e
28be5ec9b4e16ec610259b313500b7fcefdc066349780f36a28342187b3806ee
3a01fe436583f14e7f5eb79cc2ac814f2f589e475cd8b39d7dc1bd01cb6949fa
3d94d48861ea4d1585e765d393147dafc3df44e3f33a2150b944bca4815cf9e4
3fd9e7a7c399c12de835daebd7cf67d3f243c7186e305a149770c4ed9367290a
48ec1864836be0c08309078bb22c6c5d979a977ddb9c4199f73eb1a3652ab441
494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2
498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a
51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0
55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263
5c1e2423d798da0dd4434d410225d1a750c69bd6138c809ed50bf58c12e1a53d
6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3
71b20649b45db2b24b92b0a3043743356af55eea429ad29175d054ddce6772c0
87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f
881a0a6cd885e2f2015e1978ad2fc369360f975cd304b85e4bb0a26814f1108b
8e1515420fd33406c6369f1c676bca1918d8814e09b4f74d84360cf6b992efcc
97fe218085c7b5aa85e6d88b75356d18421fded4b72b6d8b0fc2e0dd3ef6cda4
b5d0cd46544968b78004db98c58b9a864c3fb62d588af238062964737c75940f
bd177a4f083c686f63ccafb9de27a81b59da32dd43d37e70d4875ce93e20cf40
cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412
ec71bf676f54faaca0d862e663939bfee1e7e400f00678488e9995980fd53222