accounts-dot-devsnapchat.appspot.com Open in urlscan Pro
2607:f8b0:4004:c17::99 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounts-dot-devsnapchat.appspot.com/accounts/signup
Effective URL:
https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Submission: On December 25 via automatic, source openphish (December 25th 2024, 1:04:23 pm UTC) — Scanned from CA

Summary HTTP 44 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 7 domains to perform 44 HTTP transactions. The main IP is 2607:f8b0:4004:c17::99, located in Washington, United States and belongs to GOOGLE, US. The main domain is accounts-dot-devsnapchat.appspot.com.
TLS certificate: Issued by WR2 on December 2nd 2024. Valid for: 3 months.

This is the only time accounts-dot-devsnapchat.appspot.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Snapchat (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2607:f8b0:400... 2607:f8b0:4004:c17::99	15169 (GOOGLE) (GOOGLE)
12	3.5.30.25 3.5.30.25	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c21::cf	15169 (GOOGLE) (GOOGLE)
7	44.202.21.40 44.202.21.40	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::cf	15169 (GOOGLE) (GOOGLE)
1	2600:9000:226... 2600:9000:2269:e800:3:12b1:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
2	199.232.91.18 199.232.91.18	54113 (FASTLY) (FASTLY)
2	172.253.115.207 172.253.115.207	15169 (GOOGLE) (GOOGLE)
3	172.253.115.153 172.253.115.153	15169 (GOOGLE) (GOOGLE)
2	34.149.46.130 34.149.46.130	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
44	13

2 2607:f8b0:4004:c17::99 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

accounts-dot-devsnapchat.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.5.30.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

sc-static-web-assets-dev.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::cf (Washington, United States)

ASN15169 (GOOGLE, US)

snapnet-cdn.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.202.21.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-202-21-40.compute-1.amazonaws.com

aws.api.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::cf (Washington, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2269:e800:3:12b1:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)

iframe.arkoselabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.91.18 (Newark, United States)

ASN54113 (FASTLY, US)

graphql.contentful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.207 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f207.1e100.net

snapnet-cdn.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.153 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f153.1e100.net

accounts-dot-devsnapchat.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.46.130 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 130.46.149.34.bc.googleusercontent.com

www.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

gcp.api.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-central1-gcp.api.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	snapchat.com aws.api.snapchat.com — Cisco Umbrella Rank: 584 story.snapchat.com Failed www.snapchat.com — Cisco Umbrella Rank: 20715 gcp.api.snapchat.com — Cisco Umbrella Rank: 649 accounts.snapchat.com Failed us-central1-gcp.api.snapchat.com — Cisco Umbrella Rank: 808 tr.snapchat.com — Cisco Umbrella Rank: 903	4 KB
12	amazonaws.com sc-static-web-assets-dev.s3.amazonaws.com	13 MB
5	appspot.com 1 redirects accounts-dot-devsnapchat.appspot.com	8 KB
4	googleapis.com snapnet-cdn.storage.googleapis.com — Cisco Umbrella Rank: 150709 storage.googleapis.com — Cisco Umbrella Rank: 314	126 KB
2	contentful.com graphql.contentful.com — Cisco Umbrella Rank: 10955	10 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1109	24 KB
1	arkoselabs.com iframe.arkoselabs.com — Cisco Umbrella Rank: 23211
44	7

	Domain	Requested by
12	sc-static-web-assets-dev.s3.amazonaws.com	accounts-dot-devsnapchat.appspot.com sc-static-web-assets-dev.s3.amazonaws.com
7	aws.api.snapchat.com	sc-static-web-assets-dev.s3.amazonaws.com
5	accounts-dot-devsnapchat.appspot.com	1 redirects accounts-dot-devsnapchat.appspot.com sc-static-web-assets-dev.s3.amazonaws.com
3	tr.snapchat.com	sc-static-web-assets-dev.s3.amazonaws.com sc-static.net
3	gcp.api.snapchat.com	sc-static-web-assets-dev.s3.amazonaws.com
3	snapnet-cdn.storage.googleapis.com	accounts-dot-devsnapchat.appspot.com snapnet-cdn.storage.googleapis.com
2	us-central1-gcp.api.snapchat.com	sc-static-web-assets-dev.s3.amazonaws.com
2	www.snapchat.com	sc-static-web-assets-dev.s3.amazonaws.com
2	graphql.contentful.com	sc-static-web-assets-dev.s3.amazonaws.com
1	sc-static.net	accounts-dot-devsnapchat.appspot.com
1	iframe.arkoselabs.com	sc-static-web-assets-dev.s3.amazonaws.com
1	storage.googleapis.com	sc-static-web-assets-dev.s3.amazonaws.com
0	accounts.snapchat.com Failed	sc-static-web-assets-dev.s3.amazonaws.com
0	story.snapchat.com Failed	sc-static-web-assets-dev.s3.amazonaws.com
44	14

This site contains links to these domains. Also see Links.

Domain
www.snap.com
values.snap.com
accounts.snapchat.com
snap.com
careers.snap.com
newsroom.snap.com
help.snapchat.com
forbusiness.snapchat.com
snapchat.com

Subject Issuer	Validity	Valid
*.appspot.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.storage.googleapis.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.api.snapchat.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
storage.googleapis.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
arkoselabs.com Amazon RSA 2048 M02	`2024-04-29` - `2025-05-28`	a year	crt.sh
graphql.contentful.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-03` - `2025-05-05`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Frame ID: 9C3E3E5F2FDFD771E4E7DA694C458380
Requests: 36 HTTP requests in this frame

Frame: https://iframe.arkoselabs.com/152E1D0C-D805-4060-A111-6AC82CA6821B/lightbox.html?mkt=en-US
Frame ID: 1BEA29B201D9C856BD10909E542CD231
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=49966cac-c23c-49c7-9ff9-c7f8f6f771ba&u_scsid=ed509290-592f-43f9-9baf-5c110f0abb5f&u_sclid=4378e195-5192-4b2e-99c9-4dc602df51a2
Frame ID: BD18217AFD0CEA361E6BF43A6D7A5572
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign Up | Snapchat

Page URL History Show full URLs

https://accounts-dot-devsnapchat.appspot.com/accounts/signup HTTP 302
https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup Page URL

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"
/semantic(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

93 %
HTTPS

33 %
IPv6

7
Domains

14
Subdomains

13
IPs

1
Countries

13533 kB
Transfer

13677 kB
Size

17
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.snap.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://values.snap.com/privacy/privacy-policy/canada-privacy-notice
Title: Canada Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.snap.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://accounts.snapchat.com/accounts/v2/signup?client_id=ads-api
Title: Click Here

Search URL Search Domain Scan URL

URL: https://snap.com/en-US
Title: Snap Inc.

Search URL Search Domain Scan URL

URL: https://careers.snap.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://newsroom.snap.com/
Title: News

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/?utm_source=web&utm_medium=snap&utm_campaign=ap
Title: Support

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/community-guidelines
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/safety/safety-center
Title: Safety Center

Search URL Search Domain Scan URL

URL: https://forbusiness.snapchat.com/?utm_source=accounts_snapchat_com&utm_medium=referral&utm_campaign=internal_referral&utm_content=footer_link
Title: Buy Ads

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/ad-policies/
Title: Advertising Policies

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/political-ads/
Title: Political Ads Library

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/brand-guidelines/
Title: Brand Guidelines

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/articles/7047502545044?utm_source=web&utm_medium=snap&utm_campaign=ap
Title: Promotions Rules

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/privacy/privacy-center/
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/articles/11399265637012?utm_source=snapchat_com&utm_medium=global_footer&utm_campaign=privacy_choices
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/articles/7012332110996?utm_source=web&utm_medium=snap&utm_campaign=ap
Title: Report Infringement

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/custom-creative-tools/
Title: Custom Creative Tools Terms

Search URL Search Domain Scan URL

URL: https://snapchat.com/create/terms.html
Title: Community Geofilter Terms

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/lens-studio-license-agreement
Title: Lens Studio Terms

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/privacy/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounts-dot-devsnapchat.appspot.com/accounts/signup HTTP 302
https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signup Show response
accounts-dot-devsnapchat.appspot.com/accounts/v2/
Redirect Chain

https://accounts-dot-devsnapchat.appspot.com/accounts/signup
https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup

3 KB
2 KB

664ms
656ms

Document
text/html

2607:f8b0:4004:c17::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::99 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9f98aa7adf426ea6cbf218c044b816a0a75d52292b8500a70ee1e5de052dc83a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://sc-static-web-assets-dev.s3.amazonaws.com 'unsafe-eval' 'unsafe-inline' http://tagmanager.google.com 'sha256-93ejg12EAT+6aW5hUFXASC0su+RZ+zOjgnJgLqJaLmY=' https://sc-static.net https://www.google-analytics.com https://www.googletagmanager.com https://snap-api.arkoselabs.com/ https://accounts.google.com https://www.google.com/recaptcha/ https://www.google.com/js https://www.gstatic.com/ https://apis.google.com/ https://tr.snapchat.com/config/com/49966cac-c23c-49c7-9ff9-c7f8f6f771ba.js; font-src 'self' https://snapnet-cdn.storage.googleapis.com .sc-cdn.net https://storage.googleapis.com/snap-design-system/fonts/ data: https://sc-static-web-assets-dev.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://snapnet-cdn.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com .sc-cdn.net https://storage.googleapis.com/snap-design-system/ blob:; frame-src 'self' https://iframe.arkoselabs.com https://snap-api.arkoselabs.com https://tr.snapchat.com https://www.google.com/ https://client-api.arkoselabs.com/; connect-src 'self' https://graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/master https://sc-static-web-assets-dev.s3.amazonaws.com https://snap-api.arkoselabs.com/ https://tr.snapchat.com https://www.snapchat.com https://accounts.snapchat.com https://web-frontend-dot-sc-analytics.appspot.com https://us-central1-gcp.api.snapchat.com https://staging-us-central1-gcp.api.snapchat.com https://www.google-analytics.com https://sentry.sc-prod.net https://cdn.contentful.com/spaces/kp51zybwznx4/ https://accounts.snap.com/ https://web.snapchat.com/ https://gcp.api.snapchat.com https://story.snapchat.com https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery https://aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/BatchUpdateAbExposure https://chat-gold.sc-corp.net; img-src 'self' data: https://ssl.gstatic.com https://www.snapchat.com https://sc-oauth2-client-icons-dev.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com https://www.google-analytics.com https://images.ctfassets.net https://sdk.bitmoji.com; media-src 'self' https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com/accounts-resources; form-action 'self' https://.snap.com https://.snapchat.com https://.snap-dev.net https://.sc-corp.net https://localhost:3000 http://localhost:3000 https://staging--auth-web-sso.mesh.sc-corp.net https://accounts.google.com https://iap.googleapis.com; frame-ancestors https://iframe.arkoselabs.com https://profile.snap-dev.net https://snap-profile-manager-dev.appspot.com https://business-manager.snap-dev.net https://enterprise.snap-dev.net;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://iframe.arkoselabs.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0
content-encoding: gzip
content-length: 1104
content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://sc-static-web-assets-dev.s3.amazonaws.com 'unsafe-eval' 'unsafe-inline' http://tagmanager.google.com 'sha256-93ejg12EAT+6aW5hUFXASC0su+RZ+zOjgnJgLqJaLmY=' https://sc-static.net https://www.google-analytics.com https://www.googletagmanager.com https://snap-api.arkoselabs.com/ https://accounts.google.com https://www.google.com/recaptcha/ https://www.google.com/js https://www.gstatic.com/ https://apis.google.com/ https://tr.snapchat.com/config/com/49966cac-c23c-49c7-9ff9-c7f8f6f771ba.js; font-src 'self' https://snapnet-cdn.storage.googleapis.com *.sc-cdn.net https://storage.googleapis.com/snap-design-system/fonts/ data: https://sc-static-web-assets-dev.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://snapnet-cdn.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com *.sc-cdn.net https://storage.googleapis.com/snap-design-system/ blob:; frame-src 'self' https://iframe.arkoselabs.com https://snap-api.arkoselabs.com https://tr.snapchat.com https://www.google.com/ https://client-api.arkoselabs.com/; connect-src 'self' https://graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/master https://sc-static-web-assets-dev.s3.amazonaws.com https://snap-api.arkoselabs.com/ https://tr.snapchat.com https://www.snapchat.com https://accounts.snapchat.com https://web-frontend-dot-sc-analytics.appspot.com https://us-central1-gcp.api.snapchat.com https://staging-us-central1-gcp.api.snapchat.com https://www.google-analytics.com https://sentry.sc-prod.net https://cdn.contentful.com/spaces/kp51zybwznx4/ https://accounts.snap.com/ https://web.snapchat.com/ https://gcp.api.snapchat.com https://story.snapchat.com https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery https://aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/BatchUpdateAbExposure https://chat-gold.sc-corp.net; img-src 'self' data: https://ssl.gstatic.com https://www.snapchat.com https://sc-oauth2-client-icons-dev.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com https://www.google-analytics.com https://images.ctfassets.net https://sdk.bitmoji.com; media-src 'self' https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com/accounts-resources; form-action 'self' https://*.snap.com https://*.snapchat.com https://*.snap-dev.net https://*.sc-corp.net https://localhost:3000 http://localhost:3000 https://staging--auth-web-sso.mesh.sc-corp.net https://accounts.google.com https://iap.googleapis.com; frame-ancestors https://iframe.arkoselabs.com https://profile.snap-dev.net https://snap-profile-manager-dev.appspot.com https://business-manager.snap-dev.net https://enterprise.snap-dev.net;
content-type: text/html
date: Wed, 25 Dec 2024 13:04:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding, User-Agent
x-cloud-trace-context: ace6a4ae22e85be5228caa5cd4147006
x-content-type-options: nosniff
x-frame-options: allow-from https://iframe.arkoselabs.com
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://sc-static-web-assets-dev.s3.amazonaws.com 'unsafe-eval' 'unsafe-inline' http://tagmanager.google.com 'sha256-93ejg12EAT+6aW5hUFXASC0su+RZ+zOjgnJgLqJaLmY=' https://sc-static.net https://www.google-analytics.com https://www.googletagmanager.com https://snap-api.arkoselabs.com/ https://accounts.google.com https://www.google.com/recaptcha/ https://www.google.com/js https://www.gstatic.com/ https://apis.google.com/ https://tr.snapchat.com/config/com/49966cac-c23c-49c7-9ff9-c7f8f6f771ba.js; font-src 'self' https://snapnet-cdn.storage.googleapis.com *.sc-cdn.net https://storage.googleapis.com/snap-design-system/fonts/ data: https://sc-static-web-assets-dev.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://snapnet-cdn.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com *.sc-cdn.net https://storage.googleapis.com/snap-design-system/ blob:; frame-src 'self' https://iframe.arkoselabs.com https://snap-api.arkoselabs.com https://tr.snapchat.com https://www.google.com/ https://client-api.arkoselabs.com/; connect-src 'self' https://graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/master https://sc-static-web-assets-dev.s3.amazonaws.com https://snap-api.arkoselabs.com/ https://tr.snapchat.com https://www.snapchat.com https://accounts.snapchat.com https://web-frontend-dot-sc-analytics.appspot.com https://us-central1-gcp.api.snapchat.com https://staging-us-central1-gcp.api.snapchat.com https://www.google-analytics.com https://sentry.sc-prod.net https://cdn.contentful.com/spaces/kp51zybwznx4/ https://accounts.snap.com/ https://web.snapchat.com/ https://gcp.api.snapchat.com https://story.snapchat.com https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery https://aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/BatchUpdateAbExposure https://chat-gold.sc-corp.net; img-src 'self' data: https://ssl.gstatic.com https://www.snapchat.com https://sc-oauth2-client-icons-dev.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com https://www.google-analytics.com https://images.ctfassets.net https://sdk.bitmoji.com; media-src 'self' https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com/accounts-resources; form-action 'self' https://*.snap.com https://*.snapchat.com https://*.snap-dev.net https://*.sc-corp.net https://localhost:3000 http://localhost:3000 https://staging--auth-web-sso.mesh.sc-corp.net https://accounts.google.com https://iap.googleapis.com; frame-ancestors https://iframe.arkoselabs.com https://profile.snap-dev.net https://snap-profile-manager-dev.appspot.com https://business-manager.snap-dev.net https://enterprise.snap-dev.net;
content-type: text/html
date: Wed, 25 Dec 2024 13:04:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: /accounts/v2/signup
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubdomains
x-cloud-trace-context: af23fa696ac6b7559425204c913a3c5c
x-content-type-options: nosniff
x-frame-options: allow-from https://iframe.arkoselabs.com
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK semantic.min.css
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/ 401 KB
401 KB 250ms
104ms Stylesheet
text/css 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/semantic.min.css
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: 5hXzip64UmcVAMPBp8pZAq+ur6t+9GEf5GpBgR3M7acnUU4WXVeSxIlgjY8e0kc/j7QPKqWobDn2AiHpwhNXbOSiH6Jrtwwd
Cache-Control: max-age=300,public,immutable
ETag: "ae47b4a71f2dcf1a770cdf6e0cd9b793"
x-amz-request-id: BNN95ASN6K666SJQ
Accept-Ranges: bytes
Content-Length: 410126
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK dropdown.min.css
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/ 23 KB
23 KB 223ms
77ms Stylesheet
text/css 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/dropdown.min.css
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: jBluky1JeuLrO5M8mChTWcjEIOJMpTBF6jwdsErIs5Mwr9h2zeN4EhhAy975D5f8XoKCa0DwIf/uQyR78ftoM6CqteaHqq9H
Cache-Control: max-age=300,public,immutable
ETag: "57c7d369fd2aa0aacf62461986d3f397"
x-amz-request-id: BNN7MZRA0B43S5WZ
Accept-Ranges: bytes
Content-Length: 23479
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK snapchat.css
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/ 1 KB
2 KB 250ms
105ms Stylesheet
text/css 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/snapchat.css?t=0
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: QnWnJJUORgNpGANSm6x+YNSs2mrMtvyIoB18FdecD8f0HT/qwiksWFzg452SYY/X6xjSCSf9UBRqGDoP17zJI8I6jvcY1TML
Cache-Control: max-age=300,public,immutable
ETag: "e0afb0c16b895721570e6fb4f5f94ac4"
x-amz-request-id: BNNDC0HX2C8HRM24
Accept-Ranges: bytes
Content-Length: 1260
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK accounts.css
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/ 2 KB
2 KB 275ms
130ms Stylesheet
text/css 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/accounts.css
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: gcJ1+TNsgpgzbGmHBpsSYRcO9MmO3k2/U0baDhRnZqSFa45APGfHrO7QpJrDbk+OF5pKtpXAr5mxbG+yBnZleG7SYcnip1BN
Cache-Control: max-age=300,public,immutable
ETag: "5e1891f1ab4c789cd7cae191ad69e8fc"
x-amz-request-id: BNNDFY1G89TA7MBF
Accept-Ranges: bytes
Content-Length: 1897
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK auth.css
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/ 1 KB
2 KB 224ms
79ms Stylesheet
text/css 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/auth.css
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: HBdbD/3N98TNfwzMgxNEahnab4sRlE1K+ufrOYdEjE3gdggjqJ1t/4206FZanhhaCVySsyzd+GccP09/VhuyYUXctAh94/NY
Cache-Control: max-age=300,public,immutable
ETag: "e8e184f13540f36644b9255056ba25e7"
x-amz-request-id: BNN25284DK34KEB2
Accept-Ranges: bytes
Content-Length: 1448
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK revoke.css
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/ 1 KB
2 KB 222ms
78ms Stylesheet
text/css 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/styles/revoke.css
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: o/VadGa8zsOtj2FhevqXoWTEx2uRhSax67i18wy2qZ17wyBFSEmOBalFc9mn01/yWJVxJO9FX9BHe8xRPaAnJcGi3PkQJ7Sh
Cache-Control: max-age=300,public,immutable
ETag: "e48dd947385838553b944fca5c7d6c16"
x-amz-request-id: BNN8T9S9RTQ3X4YK
Accept-Ranges: bytes
Content-Length: 1150
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK jquery.min.js Show response
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/ 82 KB
83 KB 362ms
79ms Script
text/javascript 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/jquery.min.js
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: G7gcxq9D+cS359qBCRujwEswDO5AR8sgPKdXsCRhc684AhjfJjqqU6qbQQbNRHD31kwT+7rURKVkksS71Vwh4jGUujbD0cQ2
Cache-Control: max-age=300,public,immutable
ETag: "32015dd42e9582a80a84736f5d9a44d7"
x-amz-request-id: BNNDSTD9Y9YSGWRA
Accept-Ranges: bytes
Content-Length: 84320
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:58 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK semantic.min.js Show response
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/ 220 KB
221 KB 423ms
98ms Script
text/javascript 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/semantic.min.js
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 315e836cbde156652aa9162e5fd32ede267ffbffc664582b0ff4607e6adc9403

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: dxouYntjwhQXUFomYoc0nt1gUdH8bUCApCjmsiZHw5mw5WF4K1CbNjVGU39sk1JsSw5btnaInrbOcp2uviXjK9mvZmjkfVFb
Cache-Control: max-age=300,public,immutable
ETag: "c1e03715299be04eebee50331ea2d499"
x-amz-request-id: BNN8FVCBRJCD9VZC
Accept-Ranges: bytes
Content-Length: 225346
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK dropdown.min.js Show response
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/ 43 KB
43 KB 315ms
52ms Script
text/javascript 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/dropdown.min.js
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c574a0ad7694f369a2e7ada44fc2e958136ff4c4beb98114e79e2b868eacb0bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: 0266YLkk3shstqtSzIZ2xUZMZNmgSCSawK+axvhhIeOOG0tgY7z3xFP+nEd+oJbwyHgYB63G3fdqMaRL8ALsxeSo7THPAbVf
Cache-Control: max-age=300,public,immutable
ETag: "e0a670d2bf2702e7bcaa5dbd0c4407cd"
x-amz-request-id: BNNF8QQMNRDH49A5
Accept-Ranges: bytes
Content-Length: 43975
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:58 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK accounts-dev.js Show response
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/ 2 KB
2 KB 315ms
59ms Script
text/javascript 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/accounts-dev.js
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 15dde3b26505097bbb438821c968b67c9e303deada0367ae9b5a77d6b2370ce6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: 0hBqa342ezOCd+WRwuh6PNsI9ABHSLFY19gOGJfdFseNQFVK5fAxiGRUXvGTn220okTrqYYptnJgrhdpUXDR+1y2D9DU8p/a
Cache-Control: max-age=300,public,immutable
ETag: "ac89af6884616a4accf6708a99cbd250"
x-amz-request-id: BNN563EXXTQAP55R
Accept-Ranges: bytes
Content-Length: 1956
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:58 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 avenirnext.font.css
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 3 KB
855 B 158ms
32ms Stylesheet
text/css 2607:f8b0:4004:c21::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48ec1864836be0c08309078bb22c6c5d979a977ddb9c4199f73eb1a3652ab441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-goog-metageneration: 4
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=pWMf2w==, md5=WhcAM0ypNVDqAQqsjSyPTg==
etag: "5a1700334ca93550ea010aac8d2c8f4e"
age: 1168
x-goog-stored-content-encoding: gzip
expires: Wed, 25 Dec 2024 13:44:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 333
date: Wed, 25 Dec 2024 12:44:42 GMT
last-modified: Wed, 30 Sep 2020 04:03:08 GMT
content-type: text/css
x-guploader-uploadid: AFiumC6acKputvK8hTIfEmKZG1EuZK6gHQHMX8qX0Ypr6trrXDko20ubehQ-Kmno34Bwzw-EPP4PqcU
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1601438588977969
content-length: 333
content-language: en
server: UploadServer

GET
H/1.1 200
OK signup.js Show response
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/ 12 MB
12 MB 359ms
104ms Script
text/javascript 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/signup.js?v=67a491081734478912260e4b123c6ffa80c8daa295c0f6d981934d3183878c24%20%20src%2Fmain%2Fwebapp%2Faccounts%2Fstatic%2Fscripts%2Fmain.js%20master9ffb12af
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02d552ca91156c37dd1bb81e6699d94c40c735b82c95a1426236bab2f20e73f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: 5APFq4mrtpk7MRwD+FpHufwPd4I080WW1erjGB1op+fZnHC5h8Opr6MCVQE5ezCQHRbqJW9+ZO6dy3cmfaBOb2fsoFedR/c3
Cache-Control: max-age=300,public,immutable
ETag: "70e8d92c176148df35a3d175d0ac1d0b-2"
x-amz-request-id: BNN8G51Z749GF2SD
Accept-Ranges: bytes
Content-Length: 12882491
Date: Wed, 25 Dec 2024 13:04:11 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:59 GMT
Content-Type: text/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 targetingQuery
aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/ Frame 0
0 190ms
33ms Preflight 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-40.compute-1.amazonaws.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-grpc-web,x-snap-client-user-agent
Access-Control-Request-Method: POST
Origin: https://accounts-dot-devsnapchat.appspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
access-control-max-age: 600
date: Wed, 25 Dec 2024 13:04:15 GMT
server: API Gateway

POST
H2 200 targetingQuery Show response
aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/ 484 B
541 B 53ms
33ms Fetch
application/grpc-web+proto 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery

Requested by

Host: sc-static-web-assets-dev.s3.amazonaws.com
URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/signup.js?v=67a491081734478912260e4b123c6ffa80c8daa295c0f6d981934d3183878c24%20%20src%2Fmain%2Fwebapp%2Faccounts%2Fstatic%2Fscripts%2Fmain.js%20master9ffb12af

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-202-21-40.compute-1.amazonaws.com

Software

API Gateway /

Resource Hash

55de3c1e3b6440469c2294532ca71ed1c3b9fadb98d65057193741b9e0543a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
x-snap-client-user-agent: SnapchatWeb/0.0.0.0 PROD (linux 0.0.0; chrome 131.0.0.0)
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/grpc-web+proto
x-grpc-web: 1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
grpc-accept-encoding: gzip
reqid: DHSA2ljfK0
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
date: Wed, 25 Dec 2024 13:04:15 GMT
content-type: application/grpc-web+proto
grpc-encoding: identity
server: API Gateway

GET
H2 200 font.graphik.css
storage.googleapis.com/snap-design-system/fonts/ 8 KB
8 KB 150ms
41ms Stylesheet
text/css 2607:f8b0:4004:c1d::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/snap-design-system/fonts/font.graphik.css
Requested by: Host: sc-static-web-assets-dev.s3.amazonaws.com
URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/signup.js?v=67a491081734478912260e4b123c6ffa80c8daa295c0f6d981934d3183878c24%20%20src%2Fmain%2Fwebapp%2Faccounts%2Fstatic%2Fscripts%2Fmain.js%20master9ffb12af
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aa2c8490e58ec24a622bd9226a5c4c70fb1143e8df1fedbf38c25c8d76012398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=krLCNA==, md5=usFiwLxVjutEupkiBrjRDw==
etag: "bac162c0bc558eeb44ba992206b8d10f"
age: 3083
x-goog-stored-content-encoding: identity
expires: Wed, 25 Dec 2024 13:12:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7998
date: Wed, 25 Dec 2024 12:12:52 GMT
last-modified: Fri, 24 May 2024 21:12:29 GMT
content-type: text/css
x-guploader-uploadid: AFiumC6_QsB488FATmjfQqsf3f8f2NEiXN71pzaDS8htfIF4JLfxwkjhU256ALHg3W5OkRfg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1716585149004175
content-length: 7998
server: UploadServer

GET
H2 200 lightbox.html
iframe.arkoselabs.com/152E1D0C-D805-4060-A111-6AC82CA6821B/ Frame 1BEA 0
0 196ms
31ms Document
text/html 2600:9000:2269:e800:3:12b1:2300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iframe.arkoselabs.com/152E1D0C-D805-4060-A111-6AC82CA6821B/lightbox.html?mkt=en-US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:e800:3:12b1:2300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; connect-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; font-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; frame-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; img-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com data:; script-src 'self' 'unsafe-inline' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; style-src 'self' 'unsafe-inline' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Device-Memory, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-DPR, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-Viewport-Width, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-Width, Sec-CH-UA-Form-Factors
age: 8061
alt-svc: h3=":443"; ma=86400
cache-control
content-encoding: br
content-security-policy: default-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; connect-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; font-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; frame-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; img-src 'self' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com data:; script-src 'self' 'unsafe-inline' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com; style-src 'self' 'unsafe-inline' iframe.arkoselabs.com client-api.arkoselabs.com snap-api.arkoselabs.com;
content-type: text/html
date: Wed, 25 Dec 2024 10:49:54 GMT
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
referrer-policy: strict-origin-when-cross-origin
server: cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
x-amz-cf-id: zc9cMcLdOSrSEt3ZU1MBLBnK9F3H_17DSVvDvJTOxHxYJkQvnsmENA==
x-amz-cf-pop: IAD89-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 targetingQuery
aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/ Frame 0
0 139ms
34ms Preflight 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-40.compute-1.amazonaws.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-grpc-web,x-snap-client-user-agent
Access-Control-Request-Method: POST
Origin: https://accounts-dot-devsnapchat.appspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
access-control-max-age: 600
date: Wed, 25 Dec 2024 13:04:15 GMT
server: API Gateway

OPTIONS
H2 204 master
graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/ Frame 0
0 178ms
23ms Preflight 199.232.91.18
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/master

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.91.18 Newark, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://accounts-dot-devsnapchat.appspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 18014
date: Wed, 25 Dec 2024 13:04:15 GMT
server: Contentful
strict-transport-security: max-age=15768000
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 256
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: 6a6f94b6-9fbb-45c6-a850-9b7591c5a038
x-served-by: cache-ewr-kewr1740035-EWR
x-timer: S1735131856.783242,VS0,VE0

POST
H2 200 targetingQuery Show response
aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/ 2 KB
2 KB 52ms
32ms Fetch
application/grpc-web+proto 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-202-21-40.compute-1.amazonaws.com

Software

API Gateway /

Resource Hash

5ff6fa9ff4ddc616837c3be58a534e5d4dd9bd996d46aca584c6ac927633218b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
x-snap-client-user-agent: SnapchatWeb/0.0.0.0 PROD (linux 0.0.0; chrome 131.0.0.0)
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/grpc-web+proto
x-grpc-web: 1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
grpc-accept-encoding: gzip
reqid: VFlQ7eZ4MQ
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
date: Wed, 25 Dec 2024 13:04:15 GMT
content-type: application/grpc-web+proto
grpc-encoding: identity
server: API Gateway

GET f072a46b266e65f3731d.wasm
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/ 0
0

POST web-page-view
story.snapchat.com/report-metrics/ 0
0

POST
H2 200 master Show response
graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/ 123 KB
10 KB 25ms
24ms XHR
application/json 199.232.91.18
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/master

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.91.18 Newark, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

0504be6cb9f059d44842e8181814cbc6e296ed27a54570dea500d36068791577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer dpk-7L7rGYzkKk-jZwtIDnyhui6DgLq6VTapJNI7W44
Referer: https://accounts-dot-devsnapchat.appspot.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
content-type: application/json

Response headers

access-control-max-age: 86400
x-contentful-region: us-east-1
access-control-expose-headers: Etag
content-encoding: gzip
etag: 2037498200816642994
age: 329761
x-content-type-options: nosniff
access-control-allow-methods: GET,POST,HEAD,OPTIONS
x-cache: HIT
date: Wed, 25 Dec 2024 13:04:15 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-ewr-kewr1740035-EWR
x-cache-hits: 5749
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-graphql-query-cost: 2011
strict-transport-security: max-age=15768000
x-contentful-route: /spaces/:spaceId/environments/:environmentId
cache-control: max-age=0
contentful-api: gql
contentful-upstream: graph-api
x-timer: S1735131856.808051,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9545
x-contentful-request-id: 970c9c32-389e-46de-94d3-3f85c954a9d4
server: Contentful

GET
H3 200 AvenirNext-DemiBold.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 58 KB
58 KB 116ms
36ms Font
font/woff2 172.253.115.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/AvenirNext-DemiBold.woff2
Requested by: Host: snapnet-cdn.storage.googleapis.com
URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f207.1e100.net
Software: UploadServer /
Resource Hash: bd177a4f083c686f63ccafb9de27a81b59da32dd43d37e70d4875ce93e20cf40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://accounts-dot-devsnapchat.appspot.com
Referer: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=LEN0oQ==, md5=DCRiqLtf40b3Rz9jG+x92A==
etag: "0c2462a8bb5fe346f7473f631bec7dd8"
age: 814
x-goog-stored-content-encoding: gzip
expires: Wed, 25 Dec 2024 13:50:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 59647
date: Wed, 25 Dec 2024 12:50:41 GMT
last-modified: Wed, 30 Sep 2020 04:03:09 GMT
content-type: font/woff2
x-guploader-uploadid: AFiumC7JxtK0WJcSC3kGmSylVExKkU5QOCWkeCXyrsnDavQADETElVxiEzXUByEWUnSMD5qbAVW1FG8
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1601438589595778
content-length: 59647
content-language: en
server: UploadServer

GET
H3 200 AvenirNext-Medium.woff2
snapnet-cdn.storage.googleapis.com/fonts/avenir-next/ 58 KB
58 KB 108ms
31ms Font
font/woff2 172.253.115.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/AvenirNext-Medium.woff2
Requested by: Host: snapnet-cdn.storage.googleapis.com
URL: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f207.1e100.net
Software: UploadServer /
Resource Hash: 51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://accounts-dot-devsnapchat.appspot.com
Referer: https://snapnet-cdn.storage.googleapis.com/fonts/avenir-next/avenirnext.font.css

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=Whu4Dg==, md5=7I4YxNczSU7/dJyc/prUnw==
etag: "ec8e18c4d733494eff749c9cfe9ad49f"
age: 3474
x-goog-stored-content-encoding: gzip
expires: Wed, 25 Dec 2024 13:06:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 59626
date: Wed, 25 Dec 2024 12:06:21 GMT
last-modified: Wed, 30 Sep 2020 04:03:09 GMT
content-type: font/woff2
x-guploader-uploadid: AFiumC5a_CdMPq900pWeN8heyTo0PDqk1oHa0RwudeAcjSNzZPd9C-NOLPKGIfCFMue3pELwRXupfUQ
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1601438589645398
content-length: 59626
content-language: en
server: UploadServer

GET
H3 200 snapchat-app-icon.svg
accounts-dot-devsnapchat.appspot.com/accounts/static/images/ghost/ 5 KB
2 KB 224ms
219ms Image
image/svg+xml 172.253.115.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-dot-devsnapchat.appspot.com/accounts/static/images/ghost/snapchat-app-icon.svg

Requested by

Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.153 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f153.1e100.net

Software

Google Frontend /

Resource Hash

6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: "yx29sQ"
expires: Wed, 25 Dec 2024 13:14:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 13:04:15 GMT
x-cloud-trace-context: efce13700092fd0616872586f247d4d3
content-type: image/svg+xml
server: Google Frontend
x-frame-options: DENY

GET
H3 200 show-password-icon.svg
accounts-dot-devsnapchat.appspot.com/accounts/static/images/password/ 895 B
528 B 246ms
241ms Image
image/svg+xml 172.253.115.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-dot-devsnapchat.appspot.com/accounts/static/images/password/show-password-icon.svg

Requested by

Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.153 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f153.1e100.net

Software

Google Frontend /

Resource Hash

05fda1f6a09591e02270bac8997ee716e7b6225350ebf988465bab7779b9c5da

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: "yx29sQ"
expires: Wed, 25 Dec 2024 13:14:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 13:04:15 GMT
x-cloud-trace-context: efce13700092fd0616872586f247d4d3
content-type: image/svg+xml
server: Google Frontend
x-frame-options: DENY

GET
H2 200 is_cookie_popup_eligible Show response
www.snapchat.com/cookies/api/ 22 B
292 B 213ms
70ms Fetch
application/json 34.149.46.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.snapchat.com/cookies/api/is_cookie_popup_eligible

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway / Express

Resource Hash

77376ca190ac5007d908da4bc655ecfbe64fc9baf92a07c7ece238b52894cba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"16-lpNuvHLSLPolaQuxG9Sc9I+V/KY"
via: 1.1 google, 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
date: Wed, 25 Dec 2024 13:04:16 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: API Gateway
x-cloud-trace-context: 9350ebf81fea759dd62cdd87d15a8685

GET
H2 200 user_location Show response
www.snapchat.com/cookies/api/ 57 B
170 B 221ms
78ms Fetch
application/json 34.149.46.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.snapchat.com/cookies/api/user_location

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway / Express

Resource Hash

dac2428c655712f379f3b11240ad4621ebf9a71931573ce77e3e777d90fc623e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"39-r0MkAqKsFX4JU8SvHB6av4OFdBg"
via: 1.1 google, 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
date: Wed, 25 Dec 2024 13:04:16 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: API Gateway
x-cloud-trace-context: 5b6ff89e8fb98e4995930ece13de18f7

OPTIONS
H2 200 BatchUpdateAbExposure
aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/ Frame 0
0 42ms
42ms Preflight 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/BatchUpdateAbExposure
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-40.compute-1.amazonaws.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-grpc-web
Access-Control-Request-Method: POST
Origin: https://accounts-dot-devsnapchat.appspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
access-control-max-age: 600
date: Wed, 25 Dec 2024 13:04:15 GMT
server: API Gateway

POST
H2 200 BatchUpdateAbExposure Show response
aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/ 25 B
74 B 51ms
43ms Fetch
application/grpc-web+proto 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/BatchUpdateAbExposure

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-202-21-40.compute-1.amazonaws.com

Software

API Gateway /

Resource Hash

a7fbae6ea5b5b8999052b17829abb1525baeaa9c9c105484f31f1a9ff2e17e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/grpc-web+proto
x-grpc-web: 1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
grpc-accept-encoding: gzip
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
date: Wed, 25 Dec 2024 13:04:15 GMT
content-type: application/grpc-web+proto
grpc-encoding: identity
server: API Gateway

GET
H/1.1 200
OK favicon.png
sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/images/favicon/ 3 KB
3 KB 50ms
49ms Other
image/png 3.5.30.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/images/favicon/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 673e11d75bc71ea8e88c9057bd0cd95a88d213442aca91a061bbdaebf0903723

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

x-amz-id-2: QJ9+CYQcZQDCSzqmRGHgLoHQ6sGNxtEuMBPbverAKGk+5wyQxY6lzgGVSGFJxWHrxCm7YPeITKc+OOm0VDA95uqY17ygl7U1
Cache-Control: max-age=300,public,immutable
ETag: "66dede62866ec5017b2e8b021b9a5825"
x-amz-request-id: F4HCG5HYZNFX03EA
Accept-Ranges: bytes
Content-Length: 2753
Date: Wed, 25 Dec 2024 13:04:17 GMT
Last-Modified: Fri, 20 Dec 2024 02:30:57 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 metrics Show response
gcp.api.snapchat.com/web/ 0
94 B 38ms
36ms XHR
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp.api.snapchat.com/web/metrics

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
X-Snapchat-Web-Client-Auth: OWI2M2U0ZGM3NGYzMzU0YTJlMmNkYTcxY2QzMmFkMWExOGUzYWZmYmI2NGUzYmE2OTQ2Yjk5YTJhYzlmZmRkZToxNzM1MTMxODU2MjUw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-protobuf

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Dec 2024 13:04:16 GMT
server: API Gateway

OPTIONS
H2 200 metrics
gcp.api.snapchat.com/web/ Frame 0
0 95ms
33ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gcp.api.snapchat.com/web/metrics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-snapchat-web-client-auth
Access-Control-Request-Method: POST
Origin: https://accounts-dot-devsnapchat.appspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Snapchat-Web-Client-Auth,Content-Type,X-Snap-Route-Tag
access-control-allow-methods: POST
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Dec 2024 13:04:15 GMT
server: API Gateway
via: 1.1 google

GET
H3 200 pixel.js Show response
accounts-dot-devsnapchat.appspot.com/accounts/static/scripts/ 614 B
388 B 215ms
215ms Script
text/javascript 172.253.115.153
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts-dot-devsnapchat.appspot.com/accounts/static/scripts/pixel.js
Requested by: Host: sc-static-web-assets-dev.s3.amazonaws.com
URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/signup.js?v=67a491081734478912260e4b123c6ffa80c8daa295c0f6d981934d3183878c24%20%20src%2Fmain%2Fwebapp%2Faccounts%2Fstatic%2Fscripts%2Fmain.js%20master9ffb12af
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.153 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f153.1e100.net
Software: Google Frontend /
Resource Hash: e90219998b2c3054440012620f51072b4705ec8be6c415912b5fc55001f61ccd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

cache-control: public, max-age=300
content-encoding: gzip
etag: "yx29sQ"
age: 0
expires: Wed, 25 Dec 2024 13:09:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 369
date: Wed, 25 Dec 2024 13:04:16 GMT
x-cloud-trace-context: a0b7f8db27f10f6e13ec6331dd90280b
content-type: text/javascript
server: Google Frontend

POST sso
accounts.snapchat.com/accounts/ 0
0

OPTIONS
H2 200 init_client
us-central1-gcp.api.snapchat.com/web-analytics/web/ Frame 0
0 89ms
48ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-gcp.api.snapchat.com/web-analytics/web/init_client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts-dot-devsnapchat.appspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,X-Snap-Route-Tag,X-Blizzard-Upload-Timestamp,X-Spectrum-Upload-Timestamp
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Dec 2024 13:04:16 GMT
server: API Gateway
via: 1.1 google

POST
H2 200 targetingQuery Show response
aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/ 266 B
349 B 40ms
38ms Fetch
application/grpc-web+proto 44.202.21.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.202.21.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-202-21-40.compute-1.amazonaws.com

Software

API Gateway /

Resource Hash

b4c70297cb7ff12e0d40412324c3e2e78c83eadbe7f50197b2551123e62a780e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
x-snap-client-user-agent: SnapchatWeb/0.0.0 PROD (linux 0.0.0; chrome 131.0.0.0)
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/grpc-web+proto
x-grpc-web: 1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
grpc-accept-encoding: gzip
reqid: 29z6pruoqg
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
date: Wed, 25 Dec 2024 13:04:16 GMT
content-type: application/grpc-web+proto
grpc-encoding: identity
server: API Gateway

POST
H3 200 init_client Show response
us-central1-gcp.api.snapchat.com/web-analytics/web/ 245 B
263 B 52ms
51ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://us-central1-gcp.api.snapchat.com/web-analytics/web/init_client

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

b47258d7494c242aa47dfc4d7797334b053fce2106e9e7878699e2c847b1318d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
date: Wed, 25 Dec 2024 13:04:16 GMT
content-type: application/json;charset=utf-8
server: API Gateway

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 266ms
51ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: accounts-dot-devsnapchat.appspot.com
URL: https://accounts-dot-devsnapchat.appspot.com/accounts/static/scripts/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 300a8a5d2745578efb5cc8c55d73f2443e395df85fe5cc7df01a05f8ebf694c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23827
x-amz-cf-id: 6PrVZ6xBJDFHkGqZ6JutlEbnts255Mp2cXx-hZT5J4WlXeJKddAh7w==
date: Wed, 25 Dec 2024 13:04:16 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: YUL62-P1
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 49966cac-c23c-49c7-9ff9-c7f8f6f771ba.json Show response
tr.snapchat.com/config/com/ 121 B
429 B 152ms
102ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/49966cac-c23c-49c7-9ff9-c7f8f6f771ba.json?v=3.35.1-2412242153

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

3314763c481aff85e0b1ec5af0b4323ef2c5dd8b5ee8600b2a656421740eaf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 38
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google, 1.1 google
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121
date: Wed, 25 Dec 2024 13:04:16 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame BD18 0
0 129ms
66ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=49966cac-c23c-49c7-9ff9-c7f8f6f771ba&u_scsid=ed509290-592f-43f9-9baf-5c110f0abb5f&u_sclid=4378e195-5192-4b2e-99c9-4dc602df51a2

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Wed, 25 Dec 2024 13:04:16 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

POST
H3 200 p
tr.snapchat.com/ 0
16 B 90ms
69ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://accounts-dot-devsnapchat.appspot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
content-length: 0
date: Wed, 25 Dec 2024 13:04:17 GMT
server: API Gateway

POST
H3 200 metrics Show response
gcp.api.snapchat.com/web/ 0
14 B 38ms
37ms XHR
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp.api.snapchat.com/web/metrics

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts-dot-devsnapchat.appspot.com/
X-Snapchat-Web-Client-Auth: YjM4NTY3MGM2YWVjMDIwZGU4NTMxMTg0ZDIzN2FmOTIwNjM4M2I1ZDZiNWI4YmJmYzUxZDc1YTMyY2FkZjc2ZToxNzM1MTMxODYxMzQx
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-protobuf

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://accounts-dot-devsnapchat.appspot.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Dec 2024 13:04:21 GMT
server: API Gateway

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sc-static-web-assets-dev.s3.amazonaws.com
URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/f072a46b266e65f3731d.wasm

Domain: story.snapchat.com
URL: https://story.snapchat.com/report-metrics/web-page-view

Domain: accounts.snapchat.com
URL: https://accounts.snapchat.com/accounts/sso?client_id=snapchat-com-metrics

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Snapchat (Instant Messenger)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 02:00:18	Name: X-AB Value: 40d9ebe90b3b49959b010f40e839335f
accounts-dot-devsnapchat.appspot.com/accounts/	1970-01-21 02:00:18	Name: xsrf_token Value: Fum70wZMfL0qIzmEOFftpQ
accounts-dot-devsnapchat.appspot.com/	1970-01-21 10:44:27	Name: sc-wcid Value: 5af356d4-1d43-4ea0-9545-8bf96acba2d3
.arkoselabs.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2Tcy_EqLJ0qhYnviOGCTm_1P9sZBMu9.hAx5FSqz2z4-1717104076479-0.0.1.1-604800000
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 10:44:27	Name: sc-cookies-accepted Value: true
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 10:44:27	Name: EssentialSession Value: true
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 10:44:27	Name: Preferences Value: true
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 10:44:27	Name: Performance Value: true
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 10:44:27	Name: Marketing Value: true
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 11:28:38	Name: _scid Value: P75XGtjOGVDj5-aSIR16fDnDE5XS5luL
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 11:28:38	Name: _scid_r Value: P75XGtjOGVDj5-aSIR16fDnDE5XS5luL
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 02:08:56	Name: _ScCbts Value: %5B%5D
.snapchat.com/	1970-01-21 11:20:27	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwREAEAwEwIoyc3GC0Q1JVKF4X/taZIsdBWKkS83jMkqkOJOHqy3Ar1ZM7TSlDuv3Kx6dM/gtQAAAAA==
.tapad.com/	1970-01-21 03:25:15	Name: TapAd_TS Value: 1735131857248
.tapad.com/	1970-01-21 03:25:15	Name: TapAd_DID Value: 3dbc02f2-5339-4fe0-ade4-6727d1cfd620
.tapad.com/	1970-01-21 03:25:15	Name: TapAd_3WAY_SYNCS Value:
.accounts-dot-devsnapchat.appspot.com/	1970-01-21 11:28:38	Name: _sctr Value: 1%7C1735113600000

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup Message: Access to fetch at 'https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/f072a46b266e65f3731d.wasm' from origin 'https://accounts-dot-devsnapchat.appspot.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://sc-static-web-assets-dev.s3.amazonaws.com/public/accounts-ui/static/1734661444/scripts/f072a46b266e65f3731d.wasm Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup Message: Access to fetch at 'https://story.snapchat.com/report-metrics/web-page-view' from origin 'https://accounts-dot-devsnapchat.appspot.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://story.snapchat.com/report-metrics/web-page-view Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://accounts-dot-devsnapchat.appspot.com/accounts/v2/signup Message: Access to fetch at 'https://accounts.snapchat.com/accounts/sso?client_id=snapchat-com-metrics' from origin 'https://accounts-dot-devsnapchat.appspot.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://accounts.snapchat.com/accounts/sso?client_id=snapchat-com-metrics Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://sc-static-web-assets-dev.s3.amazonaws.com 'unsafe-eval' 'unsafe-inline' http://tagmanager.google.com 'sha256-93ejg12EAT+6aW5hUFXASC0su+RZ+zOjgnJgLqJaLmY=' https://sc-static.net https://www.google-analytics.com https://www.googletagmanager.com https://snap-api.arkoselabs.com/ https://accounts.google.com https://www.google.com/recaptcha/ https://www.google.com/js https://www.gstatic.com/ https://apis.google.com/ https://tr.snapchat.com/config/com/49966cac-c23c-49c7-9ff9-c7f8f6f771ba.js; font-src 'self' https://snapnet-cdn.storage.googleapis.com .sc-cdn.net https://storage.googleapis.com/snap-design-system/fonts/ data: https://sc-static-web-assets-dev.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://snapnet-cdn.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com .sc-cdn.net https://storage.googleapis.com/snap-design-system/ blob:; frame-src 'self' https://iframe.arkoselabs.com https://snap-api.arkoselabs.com https://tr.snapchat.com https://www.google.com/ https://client-api.arkoselabs.com/; connect-src 'self' https://graphql.contentful.com/content/v1/spaces/kp51zybwznx4/environments/master https://sc-static-web-assets-dev.s3.amazonaws.com https://snap-api.arkoselabs.com/ https://tr.snapchat.com https://www.snapchat.com https://accounts.snapchat.com https://web-frontend-dot-sc-analytics.appspot.com https://us-central1-gcp.api.snapchat.com https://staging-us-central1-gcp.api.snapchat.com https://www.google-analytics.com https://sentry.sc-prod.net https://cdn.contentful.com/spaces/kp51zybwznx4/ https://accounts.snap.com/ https://web.snapchat.com/ https://gcp.api.snapchat.com https://story.snapchat.com https://aws.api.snapchat.com/snapchat.cdp.cof.CircumstancesService/targetingQuery https://aws.api.snapchat.com/snapchat.ab.exposure_service.ExposureService/BatchUpdateAbExposure https://chat-gold.sc-corp.net; img-src 'self' data: https://ssl.gstatic.com https://www.snapchat.com https://sc-oauth2-client-icons-dev.storage.googleapis.com https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com https://www.google-analytics.com https://images.ctfassets.net https://sdk.bitmoji.com; media-src 'self' https://sc-static-web-assets-dev.s3.amazonaws.com https://storage.googleapis.com/accounts-resources; form-action 'self' https://.snap.com https://.snapchat.com https://.snap-dev.net https://.sc-corp.net https://localhost:3000 http://localhost:3000 https://staging--auth-web-sso.mesh.sc-corp.net https://accounts.google.com https://iap.googleapis.com; frame-ancestors https://iframe.arkoselabs.com https://profile.snap-dev.net https://snap-profile-manager-dev.appspot.com https://business-manager.snap-dev.net https://enterprise.snap-dev.net;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://iframe.arkoselabs.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-dot-devsnapchat.appspot.com
accounts.snapchat.com
aws.api.snapchat.com
gcp.api.snapchat.com
graphql.contentful.com
iframe.arkoselabs.com
sc-static-web-assets-dev.s3.amazonaws.com
sc-static.net
snapnet-cdn.storage.googleapis.com
storage.googleapis.com
story.snapchat.com
tr.snapchat.com
us-central1-gcp.api.snapchat.com
www.snapchat.com
accounts.snapchat.com
sc-static-web-assets-dev.s3.amazonaws.com
story.snapchat.com
172.253.115.153
172.253.115.207
199.232.91.18
2600:9000:2269:e800:3:12b1:2300:93a1
2607:f8b0:4004:c17::99
2607:f8b0:4004:c1d::cf
2607:f8b0:4004:c21::cf
3.163.245.4
3.5.30.25
34.149.46.130
35.190.43.134
44.202.21.40
02d552ca91156c37dd1bb81e6699d94c40c735b82c95a1426236bab2f20e73f2
0504be6cb9f059d44842e8181814cbc6e296ed27a54570dea500d36068791577
05fda1f6a09591e02270bac8997ee716e7b6225350ebf988465bab7779b9c5da
15dde3b26505097bbb438821c968b67c9e303deada0367ae9b5a77d6b2370ce6
300a8a5d2745578efb5cc8c55d73f2443e395df85fe5cc7df01a05f8ebf694c6
315e836cbde156652aa9162e5fd32ede267ffbffc664582b0ff4607e6adc9403
3314763c481aff85e0b1ec5af0b4323ef2c5dd8b5ee8600b2a656421740eaf94
48ec1864836be0c08309078bb22c6c5d979a977ddb9c4199f73eb1a3652ab441
494b8167faba431c364dc43257d6e60ccf8490803bf03648198454fdadaec8f2
498453af95a962f85c7ec7fe739918bc32d0b0768f108edaab76dd63478a1d1a
51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0
55afb4e61527076483c1929a24971b27b8b366fbc5b72f85b96b051a97c1a263
55de3c1e3b6440469c2294532ca71ed1c3b9fadb98d65057193741b9e0543a4d
5ff6fa9ff4ddc616837c3be58a534e5d4dd9bd996d46aca584c6ac927633218b
673e11d75bc71ea8e88c9057bd0cd95a88d213442aca91a061bbdaebf0903723
6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3
77376ca190ac5007d908da4bc655ecfbe64fc9baf92a07c7ece238b52894cba1
87e50f229ef7329e90030981164f7f23dcab7a28527937ea3b15e562ee69e42f
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9f98aa7adf426ea6cbf218c044b816a0a75d52292b8500a70ee1e5de052dc83a
a7fbae6ea5b5b8999052b17829abb1525baeaa9c9c105484f31f1a9ff2e17e6c
aa2c8490e58ec24a622bd9226a5c4c70fb1143e8df1fedbf38c25c8d76012398
b47258d7494c242aa47dfc4d7797334b053fce2106e9e7878699e2c847b1318d
b4c70297cb7ff12e0d40412324c3e2e78c83eadbe7f50197b2551123e62a780e
bd177a4f083c686f63ccafb9de27a81b59da32dd43d37e70d4875ce93e20cf40
c574a0ad7694f369a2e7ada44fc2e958136ff4c4beb98114e79e2b868eacb0bd
cb90820edef6ff76150e4795a54491ed695f5621a9fc5e13284f9b3c11efde32
dac2428c655712f379f3b11240ad4621ebf9a71931573ce77e3e777d90fc623e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d1e5eee09335046a5d65e14effd65e71e95a0892fecd59638cf874abdaf412
e90219998b2c3054440012620f51072b4705ec8be6c415912b5fc55001f61ccd

accounts-dot-devsnapchat.appspot.com Open in urlscan Pro 2607:f8b0:4004:c17::99 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

93 %HTTPS

33 %IPv6

7 Domains

14 Subdomains

13 IPs

1 Countries

13533 kBTransfer

13677 kBSize

17 Cookies

24 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts-dot-devsnapchat.appspot.com Open in urlscan Pro
2607:f8b0:4004:c17::99 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

33 %
IPv6

7
Domains

14
Subdomains

13
IPs

1
Countries

13533 kB
Transfer

13677 kB
Size

17
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!