www.cnd.google.api.trakiahost.com Open in urlscan Pro
94.156.185.200 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.cnd.google.api.trakiahost.com/
Submission: On March 18 via manual (March 18th 2024, 11:39:16 am UTC) from JP — Scanned from JP

Summary HTTP 17 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 94.156.185.200, located in Bulgaria and belongs to NETERRA-AS, BG. The main domain is www.cnd.google.api.trakiahost.com.

This is the only time www.cnd.google.api.trakiahost.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Snapchat (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
16	94.156.185.200 94.156.185.200	34224 (NETERRA-AS) (NETERRA-AS)
1	34.149.46.130 34.149.46.130	15169 (GOOGLE) (GOOGLE)
17	2

16 94.156.185.200 (Bulgaria)

ASN34224 (NETERRA-AS, BG)
PTR: cha140.smtp66deliver.biz

www.cnd.google.api.trakiahost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.46.130 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 130.46.149.34.bc.googleusercontent.com

accounts.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	trakiahost.com www.cnd.google.api.trakiahost.com	2 MB
1	snapchat.com accounts.snapchat.com — Cisco Umbrella Rank: 16526	3 KB
17	2

	Domain	Requested by
16	www.cnd.google.api.trakiahost.com	www.cnd.google.api.trakiahost.com
1	accounts.snapchat.com	www.cnd.google.api.trakiahost.com
17	2

This site contains links to these domains. Also see Links.

Domain
accounts.snapchat.com
snap.com
careers.snap.com
newsroom.snap.com
help.snapchat.com
forbusiness.snapchat.com
snapchat.com

Subject Issuer	Validity	Valid
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.cnd.google.api.trakiahost.com/
Frame ID: C1DA7F7E58273BBA2EABE8D36D66D996
Requests: 16 HTTP requests in this frame

Frame: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/lightbox.html
Frame ID: 96EC5E4D46A0F9AEC337131871F62B4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Password Reset By Email | Snapchat

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"
/semantic(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

6 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1662 kB
Transfer

1662 kB
Size

0
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.snapchat.com/accounts/change_password
Title: change it

Search URL Search Domain Scan URL

URL: https://snap.com/en-US
Title: Snap Inc.

Search URL Search Domain Scan URL

URL: https://careers.snap.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://newsroom.snap.com/
Title: News

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/?utm_source=web&utm_medium=snap&utm_campaign=ap
Title: Support

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/community-guidelines
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/safety/safety-center
Title: Safety Center

Search URL Search Domain Scan URL

URL: https://forbusiness.snapchat.com/?utm_source=accounts_snapchat_com&utm_medium=referral&utm_campaign=internal_referral&utm_content=footer_link
Title: Buy Ads

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/ad-policies/
Title: Advertising Policies

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/political-ads/
Title: Political Ads Library

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/brand-guidelines/
Title: Brand Guidelines

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/articles/7047502545044?utm_source=web&utm_medium=snap&utm_campaign=ap
Title: Promotions Rules

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/privacy/privacy-center/
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/articles/11399265637012?utm_source=snapchat_com&utm_medium=global_footer&utm_campaign=privacy_choices
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://help.snapchat.com/hc/articles/7012332110996?utm_source=web&utm_medium=snap&utm_campaign=ap
Title: Report Infringement

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/custom-creative-tools/
Title: Custom Creative Tools Terms

Search URL Search Domain Scan URL

URL: https://snapchat.com/create/terms.html
Title: Community Geofilter Terms

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/lens-studio-license-agreement
Title: Lens Studio Terms

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/privacy/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://snap.com/en-US/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.cnd.google.api.trakiahost.com/ 2 MB
2 MB 1610ms
314ms Document
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash: 707bc2602d889b5b62060c566b0e49e7e9e677c04d603504e6500993fe35e92f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 11:39:08 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found recaptcha__en.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 328ms
328ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/recaptcha__en.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

Referer: http://www.cnd.google.api.trakiahost.com/
Origin: http://www.cnd.google.api.trakiahost.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found semantic.min.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 587ms
295ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/semantic.min.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found dropdown.min.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 596ms
300ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/dropdown.min.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found snapchat.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 633ms
306ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/snapchat.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found accounts.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 636ms
307ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/accounts.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found auth.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 634ms
305ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/auth.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found revoke.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 878ms
290ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/revoke.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jquery.min.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 914ms
280ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/jquery.min.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found semantic.min.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 917ms
280ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/semantic.min.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found dropdown.min.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 919ms
281ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/dropdown.min.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found accounts.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 1176ms
298ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/accounts.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:10 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found avenirnext.font.css
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 891ms
295ms Stylesheet
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/avenirnext.font.css
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found enterprise.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 301ms
300ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/enterprise.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:10 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found lightbox.html Show response
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ Frame 96EC 315 B
515 B 316ms
316ms Document
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/lightbox.html
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: http://www.cnd.google.api.trakiahost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 18 Mar 2024 11:39:11 GMT
Keep-Alive: timeout=5, max=99
Server: Apache

GET
H2 200 snapchat-app-icon.svg
accounts.snapchat.com/accounts/static/images/ghost/ 5 KB
3 KB 359ms
187ms Image
image/svg+xml 34.149.46.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.snapchat.com/accounts/static/images/ghost/snapchat-app-icon.svg

Requested by

Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.130 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

130.46.149.34.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:34:19 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
server: API Gateway
age: 292
etag: "7ecqeQ"
x-frame-options: DENY
content-type: image/svg+xml
x-cloud-trace-context: 92d19ed690eddc189b9ea2ace04dab1f
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2446
expires: Mon, 18 Mar 2024 11:44:19 GMT

GET
H/1.1 404
Not Found main.js.download
www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/ 0
0 299ms
299ms Script
text/html 94.156.185.200
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/main.js.download
Requested by: Host: www.cnd.google.api.trakiahost.com
URL: http://www.cnd.google.api.trakiahost.com/
Protocol: HTTP/1.1
Server: 94.156.185.200 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: cha140.smtp66deliver.biz
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.cnd.google.api.trakiahost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 11:39:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Snapchat (Instant Messenger)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/recaptcha__en.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/semantic.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/dropdown.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/snapchat.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/auth.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/accounts.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/revoke.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/avenirnext.font.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/jquery.min.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/semantic.min.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/dropdown.min.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/accounts.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/enterprise.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/main.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.cnd.google.api.trakiahost.com/Password%20Reset%20By%20Email%20_%20Snapchat_files/lightbox.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.snapchat.com
www.cnd.google.api.trakiahost.com
34.149.46.130
94.156.185.200
6d420a1f6beaf9c3f18c01f468ccfafbe03d867aa274ef39d09c37d2449d28d3
707bc2602d889b5b62060c566b0e49e7e9e677c04d603504e6500993fe35e92f
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

www.cnd.google.api.trakiahost.com Open in urlscan Pro 94.156.185.200 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

6 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1662 kBTransfer

1662 kBSize

0 Cookies

21 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

15 Console Messages

Indicators

www.cnd.google.api.trakiahost.com Open in urlscan Pro
94.156.185.200 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

6 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1662 kB
Transfer

1662 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!