snapchat.com.list-devices.cfd

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 92.113.31.235, located in Ukraine and belongs to AS-HOSTINGER, CY. The main domain is snapchat.com.list-devices.cfd.
TLS certificate: Issued by E6 on September 27th 2024. Valid for: 3 months.

This is the only time snapchat.com.list-devices.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Snapchat (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
2	92.113.31.235 92.113.31.235	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2600:9000:235... 2600:9000:2359:ec00:10:7d36:1700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:e684	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

2 92.113.31.235 (Ukraine)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv602861.hstgr.cloud

snapchat.com.list-devices.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2359:ec00:10:7d36:1700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:e684 (United States)

ASN13335 (CLOUDFLARENET, US)

led-closed-gasoline-comparing.trycloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	snapchat.com static.snapchat.com — Cisco Umbrella Rank: 67932	25 KB
2	list-devices.cfd snapchat.com.list-devices.cfd	3 KB
1	trycloudflare.com led-closed-gasoline-comparing.trycloudflare.com
6	3

	Domain	Requested by
3	static.snapchat.com	snapchat.com.list-devices.cfd
2	snapchat.com.list-devices.cfd
1	led-closed-gasoline-comparing.trycloudflare.com	snapchat.com.list-devices.cfd
6	3

This site contains no links.

Subject Issuer	Validity	Valid
snapchat.com.list-devices.cfd E6	`2024-09-27` - `2024-12-26`	3 months	crt.sh
static.snapchat.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
trycloudflare.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://snapchat.com.list-devices.cfd/
Frame ID: 0F5777BF1F9C6C37C028ACD144DAD68B
Requests: 5 HTTP requests in this frame

Frame: https://led-closed-gasoline-comparing.trycloudflare.com/
Frame ID: E4A015D531FDC13691C861001041F6E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Snapchat Support. Remove unauthorised devices.

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

28 kB
Transfer

123 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response snapchat.com.list-devices.cfd/	5 KB 2 KB	198ms 49ms	Document text/html	92.113.31.235 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://snapchat.com.list-devices.cfd/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 92.113.31.235 , Ukraine, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv602861.hstgr.cloud Software Apache/2.4.58 (Ubuntu) / Resource Hash `b86e2201241d92a3b9ab7d017b45bd62ec3ef74798bd3299a8092538df8f211b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 1984 Content-Type text/html Date Sun, 29 Sep 2024 00:35:32 GMT ETag "1409-6231b27d8d724-gzip" Keep-Alive timeout=5, max=100 Last-Modified Fri, 27 Sep 2024 15:03:19 GMT Server Apache/2.4.58 (Ubuntu) Vary Accept-Encoding
GET H2	200	25a8e6fb2edf1556.css static.snapchat.com/profiles/_next/static/css/	77 KB 15 KB	128ms 41ms	Stylesheet text/css	2600:9000:2359:ec00:10:7d36:1700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.snapchat.com/profiles/_next/static/css/25a8e6fb2edf1556.css Requested by Host: snapchat.com.list-devices.cfd URL: https://snapchat.com.list-devices.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2359:ec00:10:7d36:1700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `ba7bddfc8871daa3c7f929c4402eff5571ce26d1a0b00ac91c89395b9249ee11` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://snapchat.com.list-devices.cfd/ Response headers content-encoding br x-amz-version-id null etag W/"b823c4906718c93d2e9239ab3020ef04" age 987036 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id WIpn8X8CKcSRg-LkxqjR3W908FsEp8HPfjYst19nXkzqXi1BwXPw7g== date Tue, 17 Sep 2024 14:24:57 GMT content-type text/css vary Accept-Encoding, Origin last-modified Tue, 02 Apr 2024 10:57:42 GMT cache-control max-age=31536000,public,immutable via 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	a6cf15e5d70447ab.css static.snapchat.com/profiles/_next/static/css/	18 KB 5 KB	121ms 34ms	Stylesheet text/css	2600:9000:2359:ec00:10:7d36:1700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.snapchat.com/profiles/_next/static/css/a6cf15e5d70447ab.css Requested by Host: snapchat.com.list-devices.cfd URL: https://snapchat.com.list-devices.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2359:ec00:10:7d36:1700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `d771ae4b91b105e575042dc7a6bde3c3079b06413b0454554242ca65c2612e06` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://snapchat.com.list-devices.cfd/ Response headers content-encoding gzip x-amz-version-id null etag W/"9f9a1a29d364beb45d2da00b72dff643" age 22296699 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id uZ4DZq92C2bJw3HQddy6dqZlvY1AB2af037wwsPl9vBwPU8YXfiPOA== date Sun, 14 Jan 2024 23:03:54 GMT content-type text/css vary Accept-Encoding, Origin last-modified Sat, 13 Jan 2024 14:05:20 GMT cache-control max-age=31536000,public,immutable via 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	86790ff34af3661b.css static.snapchat.com/profiles/_next/static/css/	23 KB 5 KB	120ms 33ms	Stylesheet text/css	2600:9000:2359:ec00:10:7d36:1700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.snapchat.com/profiles/_next/static/css/86790ff34af3661b.css Requested by Host: snapchat.com.list-devices.cfd URL: https://snapchat.com.list-devices.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2359:ec00:10:7d36:1700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `fb1fd955c093c9ffd1e3a6e1aa8a4c2138d77ddfc5e8d7f0099486716667aabe` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://snapchat.com.list-devices.cfd/ Response headers content-encoding gzip x-amz-version-id null etag W/"716ac1c385bfb7af16d1146d2fdcd1d6" age 17936903 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id ig4HMjSHg8ks2x-8d3GjtMZFieu-InDCugybmf3-qYuySe8fOMp3Pw== date Tue, 05 Mar 2024 10:07:10 GMT content-type text/css vary Accept-Encoding, Origin last-modified Mon, 04 Mar 2024 20:49:55 GMT cache-control max-age=31536000,public,immutable via 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	/ led-closed-gasoline-comparing.trycloudflare.com/ Frame E4A0	0 0	265ms 194ms	Document text/html	2606:4700::6810:e684 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://led-closed-gasoline-comparing.trycloudflare.com/ Requested by Host: snapchat.com.list-devices.cfd URL: https://snapchat.com.list-devices.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:e684 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.6 Resource Hash Request headers Referer https://snapchat.com.list-devices.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8ca7e4cf5e10d233-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 29 Sep 2024 00:35:32 GMT host led-closed-gasoline-comparing.trycloudflare.com server cloudflare vary Accept-Encoding x-powered-by PHP/8.3.6
GET H/1.1	404 Not Found	favicon.ico snapchat.com.list-devices.cfd/	292 B 508 B	63ms 63ms	Other text/html	92.113.31.235 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://snapchat.com.list-devices.cfd/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 92.113.31.235 , Ukraine, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv602861.hstgr.cloud Software Apache/2.4.58 (Ubuntu) / Resource Hash `355101daa5d199fc16404499b510009dd2b616bd07f674238e3576188423fd27` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://snapchat.com.list-devices.cfd/ Response headers Keep-Alive timeout=5, max=99 Content-Length 292 Date Sun, 29 Sep 2024 00:35:33 GMT Content-Type text/html; charset=iso-8859-1 Server Apache/2.4.58 (Ubuntu) Connection Keep-Alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Snapchat (Instant Messenger)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getQueryParams

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://snapchat.com.list-devices.cfd/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

led-closed-gasoline-comparing.trycloudflare.com
snapchat.com.list-devices.cfd
static.snapchat.com
2600:9000:2359:ec00:10:7d36:1700:93a1
2606:4700::6810:e684
92.113.31.235
355101daa5d199fc16404499b510009dd2b616bd07f674238e3576188423fd27
b86e2201241d92a3b9ab7d017b45bd62ec3ef74798bd3299a8092538df8f211b
ba7bddfc8871daa3c7f929c4402eff5571ce26d1a0b00ac91c89395b9249ee11
d771ae4b91b105e575042dc7a6bde3c3079b06413b0454554242ca65c2612e06
fb1fd955c093c9ffd1e3a6e1aa8a4c2138d77ddfc5e8d7f0099486716667aabe

snapchat.com.list-devices.cfd Open in urlscan Pro 92.113.31.235 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

28 kBTransfer

123 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

snapchat.com.list-devices.cfd Open in urlscan Pro
92.113.31.235 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

28 kB
Transfer

123 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!