client.snappt.com Open in urlscan Pro
2600:9000:2807:2000:6:801e:cb40:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client.snappt.com/
Submission: On October 10 via automatic, source certstream-suspicious (October 10th 2024, 1:15:28 pm UTC) — Scanned from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2600:9000:2807:2000:6:801e:cb40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is client.snappt.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 10th 2024. Valid for: a year.

This is the only time client.snappt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2600:9000:280... 2600:9000:2807:2000:6:801e:cb40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:3151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.116.57 18.164.116.57	16509 (AMAZON-02) (AMAZON-02)
1	54.196.121.108 54.196.121.108	14618 (AMAZON-AES) (AMAZON-AES)
15	4

9 2600:9000:2807:2000:6:801e:cb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

client.snappt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3151 (United States)

ASN13335 (CLOUDFLARENET, US)

fraud-api.snappt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-57.jfk50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.196.121.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-121-108.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	snappt.com client.snappt.com fraud-api.snappt.com — Cisco Umbrella Rank: 608348	1 MB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 852 heapanalytics.com — Cisco Umbrella Rank: 666	38 KB
15	2

	Domain	Requested by
9	client.snappt.com	client.snappt.com
4	fraud-api.snappt.com	client.snappt.com
1	heapanalytics.com
1	cdn.heapanalytics.com	client.snappt.com
15	4

This site contains no links.

Subject Issuer	Validity	Valid
fraud-production.snappt.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-08`	a year	crt.sh
snappt.com WE1	`2024-10-03` - `2024-11-02`	a month	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://client.snappt.com/
Frame ID: C5D00909A446A89D06F064A6C92BF043
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SNAPPT - Fraud detection

Detected technologies

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

1102 kB
Transfer

3045 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
client.snappt.com/ 3 KB
1 KB 653ms
306ms Document
text/html 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 468c38edee3c0b69aca1434be0be557c4698d84a03c1d2862a22a955b176da1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 10 Oct 2024 13:15:21 GMT
etag: W/"66fdb743-c58"
last-modified: Wed, 02 Oct 2024 21:12:35 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-amz-cf-id: FciqXN6aGeFFPCptIf1jxJ0eGaJ2Ks7zFHqrWVi1VbO0FCFibMBxkQ==
x-amz-cf-pop: JFK52-P6
x-cache: RefreshHit from cloudfront

GET
H2 200 style.css
client.snappt.com/assets/fonts/ 300 B
641 B 190ms
190ms Stylesheet
text/css 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/assets/fonts/style.css
Requested by: Host: client.snappt.com
URL: https://client.snappt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 41046652eca634446a48d432de80181cb12fddddfd4b9b271cde8811f8cdccb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/

Response headers

cache-control: no-cache
etag: "66fdb6e3-12c"
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 300
x-amz-cf-id: wK2lFyMIsZOiyt7xBwxfDMljM47P5TmE6GTl7QKs6kmQQguTpmm6Gw==
date: Thu, 10 Oct 2024 13:15:21 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 21:10:59 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

GET
H2 200 main.9ed04646.js Show response
client.snappt.com/static/js/ 2 MB
584 KB 156ms
156ms Script
application/javascript 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/static/js/main.9ed04646.js
Requested by: Host: client.snappt.com
URL: https://client.snappt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a47f1f20c90852aeb9319fdd4596f8b1deabc0d6bb5820a3b2d3b092e298fa15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"66fdb743-25abc4"
age: 506882
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jEBxNHfIJ8IowVXWn-2I3RlY6RiAnNoZ8znslBwhEdpBpHPEMt9stA==
date: Fri, 04 Oct 2024 16:27:19 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 21:12:35 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

GET
H2 200 main.9cb4cf7c.css
client.snappt.com/static/css/ 26 KB
4 KB 135ms
134ms Stylesheet
text/css 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/static/css/main.9cb4cf7c.css
Requested by: Host: client.snappt.com
URL: https://client.snappt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 18f4a27030b531bdc56eaedc3415dd09bedb829c886d381baeb04571c184e510

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"66fdb743-661d"
age: 347234
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jZSMwOq3N1agy8laI-kM00tyv5v_N3wAL24qb2qZecgeu5C78Nvt4g==
date: Sun, 06 Oct 2024 12:48:07 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 21:12:35 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

OPTIONS
H2 204 server_info
fraud-api.snappt.com/v2/ 0
0 281ms
112ms Preflight 2606:4700:10::6816:3151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud-api.snappt.com/v2/server_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://client.snappt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-unauthenticated-session-token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://client.snappt.com
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d06e0fcc82869c1-LAX
date: Thu, 10 Oct 2024 13:15:23 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin
x-request-id: F_0ZuwYeoUltFR8CshpC

POST
H2 200 server_info Show response
fraud-api.snappt.com/v2/ 63 B
134 B 205ms
205ms Fetch
application/json 2606:4700:10::6816:3151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud-api.snappt.com/v2/server_info

Requested by

Host: client.snappt.com
URL: https://client.snappt.com/static/js/main.9ed04646.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c580ab270eaf9edf0467fd7854399b3b2ad71c2d269222951326f0a94964d504

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://client.snappt.com/

Response headers

strict-transport-security: max-age=0; includeSubDomains
x-request-id: F_0ZuxJkBzJRt5kCrzMS
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d06e0fd8a640fb7-LAX
access-control-allow-origin: https://client.snappt.com
date: Thu, 10 Oct 2024 13:15:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H2 401 user Show response
fraud-api.snappt.com/auth/ 45 B
127 B 370ms
225ms XHR
text/plain 2606:4700:10::6816:3151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud-api.snappt.com/auth/user

Requested by

Host: client.snappt.com
URL: https://client.snappt.com/static/js/main.9ed04646.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5098de8b57169504f7b45cf03bd2e622968c0db03d9eb896607035586df7416b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://client.snappt.com/

Response headers

strict-transport-security: max-age=0; includeSubDomains
x-request-id: F_0ZuxBvwnY2U7YClZvC
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d06e0fd29bd0fb7-LAX
access-control-allow-origin: https://client.snappt.com
content-length: 45
date: Thu, 10 Oct 2024 13:15:23 GMT
vary: Origin
server: cloudflare

GET
H2 200 app_version Show response
fraud-api.snappt.com/v2/ 39 B
331 B 357ms
213ms XHR
application/json 2606:4700:10::6816:3151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud-api.snappt.com/v2/app_version

Requested by

Host: client.snappt.com
URL: https://client.snappt.com/static/js/main.9ed04646.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890b3928de2ee7c724d1756fddfcca5f365e85e13ab40f2943c4852a8227526f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://client.snappt.com/

Response headers

strict-transport-security: max-age=0; includeSubDomains
x-request-id: F_0Zuw-ouU0FyFgCwPhy
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d06e0fd29c00fb7-LAX
access-control-allow-origin: https://client.snappt.com
content-length: 39
date: Thu, 10 Oct 2024 13:15:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H2 200 favicon.ico
client.snappt.com/assets/images/ 15 KB
15 KB 192ms
192ms Other
image/x-icon 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/assets/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c772693713eb89d5ee9bd29518610d336f46a1d5187a00412dc50606f45362c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/

Response headers

cache-control: no-cache
etag: "66fdb6e3-3aee"
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 15086
x-amz-cf-id: Lowr8lcot2qwqQuniJ1rBxcN1zMGaqfly_7ka4_tA15uK2S1rrbgAA==
date: Thu, 10 Oct 2024 13:15:22 GMT
content-type: image/x-icon
last-modified: Wed, 02 Oct 2024 21:10:59 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

GET
H2 200 heap-2637664708.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 437ms
158ms Script
application/javascript 18.164.116.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2637664708.js

Requested by

Host: client.snappt.com
URL: https://client.snappt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-57.jfk50.r.cloudfront.net

Software

nginx / Express

Resource Hash

9d39c65d2aa5c8d75249e720d4d5f3124e4dcac1bd7fbe5074bed4252a75666c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/

Response headers

content-encoding: br
etag: W/"1d4bc-ny4oqqbxl7Eh/ik2oAjIMbb3FyQ"
age: 2
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: x0LYr0x3G0CgOKuj90vrcO0zMzLsnQgIBewB_LB7AvN7R8otsoIq-A==
date: Thu, 10 Oct 2024 13:15:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-powered-by: Express
server: nginx

GET
H2 200 logo-blue.svg Show response
client.snappt.com/assets/images/ 3 KB
2 KB 312ms
310ms XHR
image/svg+xml 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/assets/images/logo-blue.svg
Requested by: Host: client.snappt.com
URL: https://client.snappt.com/static/js/main.9ed04646.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d437104d962e68e277059523aa7c78a99728bde569b626b339f823916ca50cea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/login

Response headers

cache-control: no-cache
content-encoding: gzip
etag: W/"66fdb6e3-cdf"
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6Hq8YMxLXLXjQ2AdOyl65T-HdhXawPZ5smV8vNw3GWTM4OucnQkfKg==
date: Thu, 10 Oct 2024 13:15:23 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Oct 2024 21:10:59 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

GET
H2 200 income-verification-login.png
client.snappt.com/assets/images/ 290 KB
291 KB 194ms
193ms Image
image/png 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client.snappt.com/assets/images/income-verification-login.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ad136d03a8cf6ceb0ae70ce2be1c328f4d6710fd8b2166e6c2025822083358f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/login

Response headers

cache-control: no-cache
etag: "66fdb6e3-489a4"
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 297380
x-amz-cf-id: PnF-3g0i47rijvaznAhYomxjlOyzZcf4zqW_X6LwdHECd9mIliVK5w==
date: Thu, 10 Oct 2024 13:15:23 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2024 21:10:59 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

GET
H2 200 Roboto-Regular.ttf
client.snappt.com/assets/fonts/ 164 KB
165 KB 368ms
367ms Font
application/octet-stream 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/assets/fonts/Roboto-Regular.ttf
Requested by: Host: client.snappt.com
URL: https://client.snappt.com/assets/fonts/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://client.snappt.com
Referer: https://client.snappt.com/assets/fonts/style.css

Response headers

cache-control: no-cache
etag: "66fdb6e3-29144"
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 168260
x-amz-cf-id: mJj64CYBSn0ccytleQzAyrkLH9fcuxmVDjS8DvJPoCn2a0ZkEb9Qag==
date: Thu, 10 Oct 2024 13:15:23 GMT
content-type: application/octet-stream
last-modified: Wed, 02 Oct 2024 21:10:59 GMT
server: nginx
x-amz-cf-pop: JFK52-P6
vary: Accept-Encoding

GET
H2 200 favicon.ico
client.snappt.com/assets/images/ 15 KB
293 B 192ms
191ms Other
image/x-icon 2600:9000:2807:2000:6:801e:cb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.snappt.com/assets/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2807:2000:6:801e:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c772693713eb89d5ee9bd29518610d336f46a1d5187a00412dc50606f45362c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/login

Response headers

content-type: image/x-icon
cache-control: no-cache
etag: "66fdb6e3-3aee"
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 15086
x-amz-cf-id: 1cNqg3iBtvQCebkTraAKdsAcqSM-S_TCIxYQ1cRoD8A0F071TNHPdA==
date: Thu, 10 Oct 2024 13:15:23 GMT
last-modified: Wed, 02 Oct 2024 21:10:59 GMT
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: JFK52-P6

GET
H2 200 h
heapanalytics.com/ 37 B
378 B 387ms
128ms Image
image/gif 54.196.121.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2637664708&u=7124588540253262&v=5402773561551902&s=3319114291885143&b=web&tv=4.0&z=0&h=%2Flogin&d=client.snappt.com&t=SNAPPT%20-%20Fraud%20detection&ts=1728566123842&sch=1200&scw=1600&st=1728566123845&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.196.121.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-121-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://client.snappt.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Thu, 10 Oct 2024 13:15:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.snappt.com/	1970-01-21 09:37:23	Name: _hp2_id.2637664708 Value: %7B%22userId%22%3A%227124588540253262%22%2C%22pageviewId%22%3A%225402773561551902%22%2C%22sessionId%22%3A%223319114291885143%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.snappt.com/	1970-01-21 00:09:27	Name: _hp2_ses_props.2637664708 Value: %7B%22ts%22%3A1728566123842%2C%22d%22%3A%22client.snappt.com%22%2C%22h%22%3A%22%2Flogin%22%7D
client.snappt.com/	1970-01-21 00:09:27	Name: _dd_s Value: logs=1&id=5bfe857f-a833-4558-9be8-6cd3d8348b39&created=1728566122836&expire=1728567022836

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fraud-api.snappt.com/auth/user Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
client.snappt.com
fraud-api.snappt.com
heapanalytics.com
18.164.116.57
2600:9000:2807:2000:6:801e:cb40:93a1
2606:4700:10::6816:3151
54.196.121.108
18f4a27030b531bdc56eaedc3415dd09bedb829c886d381baeb04571c184e510
3c772693713eb89d5ee9bd29518610d336f46a1d5187a00412dc50606f45362c
41046652eca634446a48d432de80181cb12fddddfd4b9b271cde8811f8cdccb7
468c38edee3c0b69aca1434be0be557c4698d84a03c1d2862a22a955b176da1d
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
5098de8b57169504f7b45cf03bd2e622968c0db03d9eb896607035586df7416b
7ad136d03a8cf6ceb0ae70ce2be1c328f4d6710fd8b2166e6c2025822083358f
890b3928de2ee7c724d1756fddfcca5f365e85e13ab40f2943c4852a8227526f
9d39c65d2aa5c8d75249e720d4d5f3124e4dcac1bd7fbe5074bed4252a75666c
a47f1f20c90852aeb9319fdd4596f8b1deabc0d6bb5820a3b2d3b092e298fa15
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c580ab270eaf9edf0467fd7854399b3b2ad71c2d269222951326f0a94964d504
d437104d962e68e277059523aa7c78a99728bde569b626b339f823916ca50cea

client.snappt.com Open in urlscan Pro 2600:9000:2807:2000:6:801e:cb40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

2 Domains

4 Subdomains

4 IPs

1 Countries

1102 kBTransfer

3045 kBSize

3 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

client.snappt.com Open in urlscan Pro
2600:9000:2807:2000:6:801e:cb40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

1102 kB
Transfer

3045 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions