verify11h.ddns.net Open in urlscan Pro
35.230.117.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://verify11h.ddns.net/
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2022, 9:17:51 pm UTC) — Scanned from DE

Summary HTTP 20 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 35.230.117.21, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is verify11h.ddns.net.
TLS certificate: Issued by R3 on September 21st 2022. Valid for: 3 months.

This is the only time verify11h.ddns.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Snapchat (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
2	35.230.117.21 35.230.117.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80a::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2250:e800:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
20	7

2 35.230.117.21 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.117.230.35.bc.googleusercontent.com

verify11h.ddns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

accounts.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2010 (Ireland)

ASN15169 (GOOGLE, US)

snapnet-cdn.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:e800:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	snapchat.com accounts.snapchat.com — Cisco Umbrella Rank: 16881	89 KB
4	googleapis.com snapnet-cdn.storage.googleapis.com — Cisco Umbrella Rank: 98767	180 KB
3	gstatic.com www.gstatic.com	155 KB
2	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3985	15 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
2	ddns.net verify11h.ddns.net	1 MB
20	6

	Domain	Requested by
7	accounts.snapchat.com	verify11h.ddns.net
4	snapnet-cdn.storage.googleapis.com	verify11h.ddns.net snapnet-cdn.storage.googleapis.com
3	www.gstatic.com	www.google.com
2	images.ctfassets.net	verify11h.ddns.net
2	www.google.com	verify11h.ddns.net
2	verify11h.ddns.net	verify11h.ddns.net
20	6

This site contains links to these domains. Also see Links.

Domain
snap.com
careers.snap.com
newsroom.snap.com
support.snapchat.com
snapchat.com
www.snap.com
www.snapchat.com

Subject Issuer	Validity	Valid
verify11h.ddns.net R3	`2022-09-21` - `2022-12-20`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://verify11h.ddns.net/
Frame ID: 25925031159660E84C364FF91FD818A6
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LeunykcAAAAACP-WEAPOD9UCKiT6lgp7172wwpl
Frame ID: 16B6C70B9C6CD487708281A48F4B2D03
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In • Snapchat

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1689 kB
Transfer

2298 kB
Size

0
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://snap.com/en-US
Title: Snap Inc.

Search URL Search Domain Scan URL

URL: https://careers.snap.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://newsroom.snap.com/
Title: News

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/community-guidelines
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/safety/safety-center
Title: Safety Center

Search URL Search Domain Scan URL

URL: https://snapchat.com/ads
Title: Buy Ads

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/ad-policies/
Title: Advertising Policies

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/political-ads/
Title: Political Ads Library

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/brand-guidelines/
Title: Brand Guidelines

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/a/promotions-rules
Title: Promotions Rules

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/privacy/privacy-center/
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://support.snapchat.com/article/infringement-reporting-about
Title: Report Infringement

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/custom-creative-tools/
Title: Custom Creative Tools Terms

Search URL Search Domain Scan URL

URL: https://snapchat.com/create/terms.html
Title: Community Geofilter Terms

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/lens-studio-license-agreement
Title: Lens Studio Terms

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/privacy/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.snap.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/cookie-settings
Title: Cookie Settings

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
verify11h.ddns.net/ 1 MB
1 MB 489ms
152ms Document
text/html 35.230.117.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://verify11h.ddns.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.230.117.21 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.117.230.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 97fe218085c7b5aa85e6d88b75356d18421fded4b72b6d8b0fc2e0dd3ef6cda4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Sep 2022 21:17:46 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 semantic.min.css
accounts.snapchat.com/accounts/static/styles/ 401 KB
77 KB 222ms
134ms Stylesheet
text/css 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com/accounts/static/styles/semantic.min.css

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:10:23 GMT
content-encoding: gzip
server: API Gateway
age: 443
etag: "OPHpgQ"
x-frame-options: DENY
content-type: text/css
via: 1.1 google, 1.1 google
x-cloud-trace-context: d6259b20d9eef91e6fcfc67b0238e7ac
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78184
expires: Wed, 21 Sep 2022 21:20:23 GMT

GET
H2 200 dropdown.min.css
accounts.snapchat.com/accounts/static/styles/ 23 KB
7 KB 219ms
132ms Stylesheet
text/css 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com/accounts/static/styles/dropdown.min.css

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:17:42 GMT
content-encoding: gzip
server: API Gateway
age: 4
etag: "OPHpgQ"
x-frame-options: DENY
content-type: text/css
via: 1.1 google, 1.1 google
x-cloud-trace-context: b93880bcbec21ef554cd6e9ce26c813a
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6743
expires: Wed, 21 Sep 2022 21:27:42 GMT

GET
H2 200 snapchat.css
accounts.snapchat.com/accounts/static/styles/ 1 KB
687 B 216ms
130ms Stylesheet
text/css 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com/accounts/static/styles/snapchat.css?t=0

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:08:43 GMT
content-encoding: gzip
server: API Gateway
age: 543
etag: "OPHpgQ"
x-frame-options: DENY
content-type: text/css
via: 1.1 google, 1.1 google
x-cloud-trace-context: 5f3d8b3c8c63a03f646f3e80b899ac06
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 564
expires: Wed, 21 Sep 2022 21:18:43 GMT

GET
H2 200 accounts.css
accounts.snapchat.com/accounts/static/styles/ 2 KB
736 B 219ms
133ms Stylesheet
text/css 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com/accounts/static/styles/accounts.css

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:12:37 GMT
content-encoding: gzip
server: API Gateway
age: 309
etag: "OPHpgQ"
x-frame-options: DENY
content-type: text/css
via: 1.1 google, 1.1 google
x-cloud-trace-context: 4504510a4ed308eecafa65ff030a7010
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 614
expires: Wed, 21 Sep 2022 21:22:37 GMT

GET
H2 200 auth.css
accounts.snapchat.com/accounts/static/styles/ 1 KB
713 B 217ms
133ms Stylesheet
text/css 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com/accounts/static/styles/auth.css

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:12:56 GMT
content-encoding: gzip
server: API Gateway
age: 290
etag: "OPHpgQ"
x-frame-options: DENY
content-type: text/css
via: 1.1 google, 1.1 google
x-cloud-trace-context: 5437814c5c03174892c73a6e5ff6e962
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 591
expires: Wed, 21 Sep 2022 21:22:56 GMT

GET
H2 200 revoke.css
accounts.snapchat.com/accounts/static/styles/ 1 KB
868 B 213ms
129ms Stylesheet
text/css 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.snapchat.com/accounts/static/styles/revoke.css

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:09:58 GMT
content-encoding: gzip
server: API Gateway
age: 468
etag: "OPHpgQ"
x-frame-options: DENY
content-type: text/css
via: 1.1 google, 1.1 google
x-cloud-trace-context: a05889db82bb8375ef21f861f6a1e7f2
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 485
expires: Wed, 21 Sep 2022 21:19:58 GMT

GET
H2 200 avenirnext.font.css
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 3 KB
960 B 241ms
49ms Stylesheet
text/css 2a00:1450:400d:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Requested by: Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48ec1864836be0c08309078bb22c6c5d979a977ddb9c4199f73eb1a3652ab441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:53:31 GMT
content-encoding: gzip
age: 1455
x-guploader-uploadid: ADPycdtK4cGemzbqJeR6ahwRe-mXyZsCB8JBzWgJG1D50yE0QRViaYEfDATv3OXaj441wUmtr2nDIdKIlUcAeBOI9mj0vw
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
last-modified: Wed, 30 Sep 2020 04:03:08 GMT
server: UploadServer
etag: "5a1700334ca93550ea010aac8d2c8f4e"
x-goog-hash: crc32c=pWMf2w==, md5=WhcAM0ypNVDqAQqsjSyPTg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1601438588977969
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 333
accept-ranges: bytes
content-type: text/css
expires: Wed, 21 Sep 2022 21:53:31 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 942 B
1001 B 188ms
71ms Script
text/javascript 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?hl=en-us&render=explicit

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13a0d15c5a62f6b4a6c62e06317629fd779e8e2a3f709f8a411da4c25f8066dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 21:17:46 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ 388 KB
155 KB 173ms
49ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?hl=en-us&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94d48861ea4d1585e765d393147dafc3df44e3f33a2150b944bca4815cf9e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://verify11h.ddns.net/
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 13:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157726
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 13:25:37 GMT

GET
H/1.1 404
Not Found ghost.svg
verify11h.ddns.net/accounts/static/images/ghost/ 315 B
315 B 176ms
154ms Image
text/html 35.230.117.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify11h.ddns.net/accounts/static/images/ghost/ghost.svg
Requested by: Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.230.117.21 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.117.230.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 21:17:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 snapchat-app-icon.svg
accounts.snapchat.com/accounts/static/images/ghost/ 5 KB
3 KB 130ms
129ms Image
image/svg+xml 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.snapchat.com/accounts/static/images/ghost/snapchat-app-icon.svg

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:08:47 GMT
content-encoding: gzip
server: API Gateway
age: 540
etag: "OPHpgQ"
x-frame-options: DENY
content-type: image/svg+xml
via: 1.1 google, 1.1 google
x-cloud-trace-context: a9ee45af5970fd3f1b4b6e6719bdd927
cache-control: public, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2446
expires: Wed, 21 Sep 2022 21:18:47 GMT

GET
DATA 200
OK truncated
/ 84 B
84 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25c04d5918b7294419edd15160821630adcb86424bef9bad0ad6b8619fb9a689

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 84 B
84 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d0cd46544968b78004db98c58b9a864c3fb62d588af238062964737c75940f

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 84 B
84 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2765b3fdee809c95a3866125c9ecdaa490dc6fd916fe56672c87754e9263996e

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 83 B
83 B Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 881a0a6cd885e2f2015e1978ad2fc369360f975cd304b85e4bb0a26814f1108b

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 83 B
83 B Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bcbbd8b60d4c6ee347d1c372300b579e293f30c5e0b4a113b467c092920e245

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 83 B
83 B Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1515420fd33406c6369f1c676bca1918d8814e09b4f74d84360cf6b992efcc

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 82 B
82 B Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c1e2423d798da0dd4434d410225d1a750c69bd6138c809ed50bf58c12e1a53d

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/x-font-ttf

GET
DATA 200
OK truncated
/ 82 B
82 B Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04a9b1b0527d5047de1a4ba2300ea9ca50b6461490f4b6504b31dd65546a82e9

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/x-font-ttf

GET
DATA 200
OK truncated
/ 82 B
82 B Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28be5ec9b4e16ec610259b313500b7fcefdc066349780f36a28342187b3806ee

Request headers

Referer
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/x-font-ttf

GET
H2 200 cookie-1.svg
images.ctfassets.net/kp51zybwznx4/6Z33cxfj9twwd4eWIjEI6i/4cb58d2a416f7a827bff4851bb61cfcc/ 31 KB
11 KB 39ms
9ms Image
image/svg+xml 2600:9000:2250:e800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kp51zybwznx4/6Z33cxfj9twwd4eWIjEI6i/4cb58d2a416f7a827bff4851bb61cfcc/cookie-1.svg
Requested by: Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 00806aa6963e1100fb857d9e57e6c77caea97b04a157f01e2ce08ba73123f84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:03:40 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 01:58:52 GMT
server: Contentful Images API
age: 68371
etag: W/"e3cb85d2cdd14583b3f0484990829a31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: r9lV1-wBkR4gaib7F8N9tUFfWYg9EdZkl4phRlEOUzPyCoYrhCBlag==
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 16B6 7 KB
1 KB 183ms
70ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LeunykcAAAAACP-WEAPOD9UCKiT6lgp7172wwpl

Requested by

Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71b20649b45db2b24b92b0a3043743356af55eea429ad29175d054ddce6772c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OXWn0u1uEnj5vH7z8oTMaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://verify11h.ddns.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-OXWn0u1uEnj5vH7z8oTMaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:17:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie-2.svg
images.ctfassets.net/kp51zybwznx4/4AbKvzglmepfDjlJK7CEwc/5ed9f05c30cdfd15728b9841dfa906e5/ 10 KB
4 KB 14ms
9ms Image
image/svg+xml 2600:9000:2250:e800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kp51zybwznx4/4AbKvzglmepfDjlJK7CEwc/5ed9f05c30cdfd15728b9841dfa906e5/cookie-2.svg
Requested by: Host: verify11h.ddns.net
URL: https://verify11h.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ec71bf676f54faaca0d862e663939bfee1e7e400f00678488e9995980fd53222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify11h.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:03:40 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 01:59:13 GMT
server: Contentful Images API
age: 56872
etag: W/"421f878b5c7b3d8ec7330ca6cfe3e60e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: AtIL6J9UFGusLKUTmTEnJISBacvPQOe2X2gOUvNmwjxgHevUO78kig==
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a01fe436583f14e7f5eb79cc2ac814f2f589e475cd8b39d7dc1bd01cb6949fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 AvenirNext-Bold.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 63 KB
63 KB 151ms
49ms Font
font/woff2 2a00:1450:400d:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/AvenirNext-Bold.woff2
Requested by: Host: snapnet-cdn.storage.googleapis.com
URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3fd9e7a7c399c12de835daebd7cf67d3f243c7186e305a149770c4ed9367290a

Request headers

Referer: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:54:12 GMT
content-encoding: gzip
age: 1415
x-guploader-uploadid: ADPycdueVZGhWJ0bSCaHpBcGnR1Ez-I_poYPZPsScnmxvsUqzwtHt19fYwxrRw8le3Dmp7RkXftWGIUQndZeJZ17mts0ew
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64385
last-modified: Wed, 30 Sep 2020 04:03:10 GMT
server: UploadServer
etag: "060ea358601c2a8f7c73be7e00908717"
x-goog-hash: crc32c=+Qi5uw==, md5=Bg6jWGAcKo98c75+AJCHFw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1601438590702191
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 64385
accept-ranges: bytes
content-type: font/woff2
expires: Wed, 21 Sep 2022 21:54:12 GMT

GET
H3 200 AvenirNext-DemiBold.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 58 KB
58 KB 158ms
53ms Font
font/woff2 2a00:1450:400d:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/AvenirNext-DemiBold.woff2
Requested by: Host: snapnet-cdn.storage.googleapis.com
URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bd177a4f083c686f63ccafb9de27a81b59da32dd43d37e70d4875ce93e20cf40

Request headers

Referer: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:54:12 GMT
content-encoding: gzip
age: 1415
x-guploader-uploadid: ADPycduwYniOrGjwDd-koKUv53dWTyg53c6JbEQY4NIcbticblofXIxLAkJd4ozFd7M-D7-CG7COzHhDIMAhN3u_Lwk_uw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59647
last-modified: Wed, 30 Sep 2020 04:03:09 GMT
server: UploadServer
etag: "0c2462a8bb5fe346f7473f631bec7dd8"
x-goog-hash: crc32c=LEN0oQ==, md5=DCRiqLtf40b3Rz9jG+x92A==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1601438589595778
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 59647
accept-ranges: bytes
content-type: font/woff2
expires: Wed, 21 Sep 2022 21:54:12 GMT

GET
H3 200 AvenirNext-Medium.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 58 KB
58 KB 191ms
84ms Font
font/woff2 2a00:1450:400d:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/AvenirNext-Medium.woff2
Requested by: Host: snapnet-cdn.storage.googleapis.com
URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0

Request headers

Referer: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Origin: https://verify11h.ddns.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:54:12 GMT
content-encoding: gzip
age: 1415
x-guploader-uploadid: ADPycdvBx4hyW45qP_0ZphN9IzGmAgPKl0fsGB8chp65GBKPYUe6nGJIPppok2v1StlS7tuKkcVwQdEWvdapNuGLhKy2UQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59626
last-modified: Wed, 30 Sep 2020 04:03:09 GMT
server: UploadServer
etag: "ec8e18c4d733494eff749c9cfe9ad49f"
x-goog-hash: crc32c=Whu4Dg==, md5=7I4YxNczSU7/dJyc/prUnw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1601438589645398
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 59626
accept-ranges: bytes
content-type: font/woff2
expires: Wed, 21 Sep 2022 21:54:12 GMT

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 16B6 0
0 308ms
208ms Stylesheet
text/html 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LeunykcAAAAACP-WEAPOD9UCKiT6lgp7172wwpl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 16B6 0
0 214ms
114ms Script
text/html 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LeunykcAAAAACP-WEAPOD9UCKiT6lgp7172wwpl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Snapchat (Instant Messenger)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: Failed to decode downloaded font: data:application/font-woff2;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICI3ZTlhYzQwYTliZTNjZDM4NDM3Mjc3NWQ4NTc0MGQyZC53b2ZmMiI7
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: Failed to decode downloaded font: data:application/font-woff2;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJlNmY2MjY4MTg0ZjViNGRkNDllMWRjZTc5NzQ5NDY3Ny53b2ZmMiI7
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: Failed to decode downloaded font: data:application/font-woff2;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJlNmY2MjY4MTg0ZjViNGRkNDllMWRjZTc5NzQ5NDY3Ny53b2ZmMiI7
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: Failed to decode downloaded font: data:application/font-woff2;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICIxMTRiMWZmNDg4ODg4MzdjNGEyNjQ5ZDM5ODhlMjE1Yy53b2ZmMiI7
other	warning	URL: https://verify11h.ddns.net/(Line 49828) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: Failed to decode downloaded font: data:application/font-woff;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJlNzAyOGNjZDgwYzgwYjc0Yjg4ODUyNjVmZWQzN2Q3ZS53b2ZmIjs=
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: Failed to decode downloaded font: data:application/font-woff;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJlYTZiNDUxYTg0NDU3ODE1MTdlZWZiNGVlNDFlNDQ0Ny53b2ZmIjs=
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: Failed to decode downloaded font: data:application/font-woff;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJlYTZiNDUxYTg0NDU3ODE1MTdlZWZiNGVlNDFlNDQ0Ny53b2ZmIjs=
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: Failed to decode downloaded font: data:application/font-woff;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICI2M2IxY2ZmYmI0OWQ4MTE2NGRiYmU5MzE1ZDU2MzdkMy53b2ZmIjs=
other	warning	URL: https://verify11h.ddns.net/(Line 49982) Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICI5NmNhMDJjZmM4NTFjYzY3MDU0ZjU1NThjYWJjYTIwNy50dGYiOw==
other	warning	URL: https://verify11h.ddns.net/ Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJhNjJkNmYyYzMyNGM3N2QwY2M5YTgyOTk2ZWI2OWEwNi50dGYiOw==
other	warning	URL: https://verify11h.ddns.net/ Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICJhNjJkNmYyYzMyNGM3N2QwY2M5YTgyOTk2ZWI2OWEwNi50dGYiOw==
other	warning	URL: https://verify11h.ddns.net/ Message: OTS parsing error: invalid sfntVersion: 1836016757
other	warning	URL: https://verify11h.ddns.net/ Message: Failed to decode downloaded font: data:application/x-font-ttf;base64,bW9kdWxlLmV4cG9ydHMgPSBfX3dlYnBhY2tfcHVibGljX3BhdGhfXyArICI2NWQ5N2FkNTVhMjU0NDEzNjdkNjE2NTdlNDQyNGE3NS50dGYiOw==
other	warning	URL: https://verify11h.ddns.net/ Message: OTS parsing error: invalid sfntVersion: 1836016757
network	error	URL: https://verify11h.ddns.net/accounts/static/images/ghost/ghost.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.snapchat.com
images.ctfassets.net
snapnet-cdn.storage.googleapis.com
verify11h.ddns.net
www.google.com
www.gstatic.com
2600:9000:2250:e800:12:94b3:c380:93a1
2a00:1450:400d:805::2003
2a00:1450:400d:806::2004
2a00:1450:400d:80a::2010
35.190.43.134
35.230.117.21
00806aa6963e1100fb857d9e57e6c77caea97b04a157f01e2ce08ba73123f84c
04a9b1b0527d5047de1a4ba2300ea9ca50b6461490f4b6504b31dd65546a82e9
0bcbbd8b60d4c6ee347d1c372300b579e293f30c5e0b4a113b467c092920e245
13a0d15c5a62f6b4a6c62e06317629fd779e8e2a3f709f8a411da4c25f8066dc
25c04d5918b7294419edd15160821630adcb86424bef9bad0ad6b8619fb9a689
2765b3fdee809c95a3866125c9ecdaa490dc6fd916fe56672c87754e9263996e
28be5ec9b4e16ec610259b313500b7fcefdc066349780f36a28342187b3806ee
3a01fe436583f14e7f5eb79cc2ac814f2f589e475cd8b39d7dc1bd01cb6949fa
3d94d48861ea4d1585e765d393147dafc3df44e3f33a2150b944bca4815cf9e4
3fd9e7a7c399c12de835daebd7cf67d3f243c7186e305a149770c4ed9367290a
48ec1864836be0c08309078bb22c6c5d979a977ddb9c4199f73eb1a3652ab441
494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2
498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a
51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0
55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263
5c1e2423d798da0dd4434d410225d1a750c69bd6138c809ed50bf58c12e1a53d
6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3
71b20649b45db2b24b92b0a3043743356af55eea429ad29175d054ddce6772c0
87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f
881a0a6cd885e2f2015e1978ad2fc369360f975cd304b85e4bb0a26814f1108b
8e1515420fd33406c6369f1c676bca1918d8814e09b4f74d84360cf6b992efcc
97fe218085c7b5aa85e6d88b75356d18421fded4b72b6d8b0fc2e0dd3ef6cda4
b5d0cd46544968b78004db98c58b9a864c3fb62d588af238062964737c75940f
bd177a4f083c686f63ccafb9de27a81b59da32dd43d37e70d4875ce93e20cf40
cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412
ec71bf676f54faaca0d862e663939bfee1e7e400f00678488e9995980fd53222

verify11h.ddns.net Open in urlscan Pro 35.230.117.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

1689 kBTransfer

2298 kBSize

0 Cookies

21 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

verify11h.ddns.net Open in urlscan Pro
35.230.117.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1689 kB
Transfer

2298 kB
Size

0
Cookies

20 HTTP transactions
10 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!