urlscan.io public scan: adorable-sorbet-fe715c.netlify.app (2a05:d014:275:cb00::c8), flagged for malicious activity

Submitted URL: http://adorable-sorbet-fe715c.netlify.app/
Effective URL: https://adorable-sorbet-fe715c.netlify.app/
Submission: September 8, 2023, automatic (source: OpenPhish); scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2a05:d014:275:cb00::c8, located in Frankfurt am Main, Germany, and belongs to AMAZON-02 (US). The main domain is adorable-sorbet-fe715c.netlify.app.
TLS certificate: issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on December 21st 2022, valid for a year. It is the platform wildcard for *.netlify.app, so it says nothing about who operates this particular site.
This is the only time adorable-sorbet-fe715c.netlify.app was scanned on urlscan.io.

urlscan.io verdict: Potentially Malicious

Targeting these brands: Sharepoint (Online)

What the transactions show: the Netlify landing page is a 2 KB HTML document (699 bytes brotli-compressed, 934 B on the wire) that loads everything else from elsewhere. Bootstrap 5.1.3 comes from jsDelivr; the jQuery copy and the stylesheet come from a Glitch project (raspy-secretive-marsupial.glitch.me), and the two images and the MP4 from that project's asset bucket on cdn.glitch.global (path 26e3792d-bd6f-421e-a2c4-ea3097e5c19f). Netlify and Glitch both hand out free, disposable subdomains, so the hostnames and the Glitch asset path are the operator-specific indicators here; the IPs all belong to Amazon, Cloudflare and Fastly.

Domain & IP information

Requests  IP address              ASN
1         2a05:d014:275:cb00::c8  16509 (AMAZON-02)
2         2606:4700::6810:5914    13335 (CLOUDFLARENET)
2         3.224.43.36             14618 (AMAZON-AES)
3         151.101.66.132          54113 (FASTLY)
8 requests across 4 IPs

Requests  Apex domain     Subdomain                                           Transfer
3         glitch.global   cdn.glitch.global (Cisco Umbrella rank 233495)      33 KB
2         glitch.me       raspy-secretive-marsupial.glitch.me                 90 KB
2         jsdelivr.net    cdn.jsdelivr.net (Cisco Umbrella rank 351)          49 KB
1         netlify.app     adorable-sorbet-fe715c.netlify.app                  934 B
8 requests across 4 domains

Requests  Domain                               Requested by
3         cdn.glitch.global                    adorable-sorbet-fe715c.netlify.app
2         raspy-secretive-marsupial.glitch.me  adorable-sorbet-fe715c.netlify.app
2         cdn.jsdelivr.net                     adorable-sorbet-fe715c.netlify.app
1         adorable-sorbet-fe715c.netlify.app   (primary request)
8 requests across 4 domains

This site contains no links.

TLS certificates

Subject                Issuer                                   Validity                  Valid for
*.netlify.app          DigiCert TLS Hybrid ECC SHA384 2020 CA1  2022-12-21 to 2024-01-21  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                  2023-05-02 to 2024-05-01  a year
glitch.com             Amazon RSA 2048 M01                      2023-02-22 to 2024-02-01  a year
cdn.glitch.global      R3                                       2023-08-04 to 2023-11-02  3 months

All four are provider certificates (a Netlify wildcard, Cloudflare's shared SNI certificate in front of jsDelivr, and Glitch's own), so they identify the hosting platforms rather than the operator.

This page contains 1 frame:

Primary page: https://adorable-sorbet-fe715c.netlify.app/
Frame ID: AE4A5D5E919861712C7A255851643E5C
Requests: 8 HTTP requests in this frame

Detected technologies

Bootstrap (overall confidence: 100%), detected by these patterns, with group 1 capturing the version:
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Netlify (overall confidence: 100%), detected on the page URL:
  • ^https?://[^/]+\.netlify\.(?:com|app)/

jQuery (overall confidence: 100%), detected by this pattern (the optional group would capture a ?ver= version):
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (overall confidence: 100%), detected by these patterns:
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

The Bootstrap match resolves to 5.1.3 from the jsDelivr path (bootstrap@5.1.3). The jQuery match carries no version: the file is served as a bare jquery.min.js from the Glitch project, so the version, and whether the file is a stock copy at all, has to be established from its content rather than its URL.
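The fingerprinting step above, as an added example that is not urlscan.io's or Wappalyzer's own code: the four pattern sets are applied exactly as listed, and a small helper lists the hosts that serve script to the page. The HTML is constructed to reproduce the eight requests this scan recorded; it is not the captured 699-byte page body.

```python
"""Technology fingerprinting with the detection patterns reported above.
Added example, not urlscan.io's or Wappalyzer's code. SAMPLE_HTML is a
constructed stand-in for the landing page, not the captured body."""
import re
from urllib.parse import urlparse

# Patterns copied from the "Detected technologies" section. "html" patterns
# run against the document, "url" patterns against the page URL. Group 1,
# where a pattern has one, captures a version string.
PATTERNS = {
    "Bootstrap": {"html": [
        r'<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css',
        r'bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js',
    ]},
    "Netlify": {"url": [r'^https?://[^/]+\.netlify\.(?:com|app)/']},
    "jQuery": {"html": [r'jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?']},
    "jsDelivr": {"html": [
        r'<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/',
        r'//cdn\.jsdelivr\.net/',
    ]},
}

# Assumed helper pattern (not from the report): pulls src= out of script tags.
SCRIPT_SRC = re.compile(r'<script[^>]*\ssrc=["\']?([^"\'\s>]+)', re.I)


def fingerprint(page_url: str, html: str) -> dict:
    """Map each detected technology to the version its pattern captured
    (None when a pattern matched but carries no version)."""
    found = {}
    for tech, rules in PATTERNS.items():
        for kind, regexes in rules.items():
            haystack = page_url if kind == "url" else html
            for rx in regexes:
                m = re.search(rx, haystack, re.I)
                if not m:
                    continue
                version = m.group(1) if m.groups() else None
                # A later pattern that matched without a version must not
                # erase one an earlier pattern for the same technology found.
                if found.get(tech) is None:
                    found[tech] = version
    return found


def third_party_script_hosts(page_url: str, html: str) -> list:
    """Hosts other than the page's own origin that deliver executable script.
    For this scan that is a public CDN plus a Glitch project."""
    own = urlparse(page_url).hostname
    hosts = {urlparse(src).hostname for src in SCRIPT_SRC.findall(html)}
    return sorted(h for h in hosts if h and h != own)


PAGE_URL = "https://adorable-sorbet-fe715c.netlify.app/"

# Constructed: the tags a page would need to cause exactly the eight
# requests in the scan. The real body was not captured in this report.
SAMPLE_HTML = """<!doctype html>
<html><head>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css">
<link rel="stylesheet" href="https://raspy-secretive-marsupial.glitch.me/style.css">
<script src="https://raspy-secretive-marsupial.glitch.me/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>
</head><body>
<img src="https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/loo.jpg?v=1675748203267">
<img src="https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/pnt.png?v=1675748296014">
<video src="https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/px.mp4?v=1675748239819"></video>
</body></html>
"""

if __name__ == "__main__":
    print(fingerprint(PAGE_URL, SAMPLE_HTML))
    print(third_party_script_hosts(PAGE_URL, SAMPLE_HTML))
```

The same patterns run against a page whose jQuery is loaded as jquery.js?ver=3.6.0 would return that version for jQuery; on this page they return None for it, which is the cue to hash the file rather than trust its name.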

Page statistics

Requests    8
HTTPS       100 %
IPv6        50 %
Domains     4
Subdomains  4
IPs         4
Countries   2
Transfer    172 kB
Size        3916 kB
Cookies     0

Page URL history

This captures the URL locations of the website, including HTTP redirects and client-side redirects via JavaScript or meta tags.

  1. http://adorable-sorbet-fe715c.netlify.app/ HTTP 307
     https://adorable-sorbet-fe715c.netlify.app/ (page URL)

The 307 is not a server response: its redirect headers carry Non-Authoritative-Reason: HSTS, which is the marker for the internal redirect Chrome synthesises when an HSTS policy forces the http:// URL to https://. The plaintext request never left the browser, so nothing can be inferred about the server's handling of port 80.

Redirected requests

Only the primary request redirected; its chain is shown under the first transaction below.

8 HTTP transactions

For each request: resource and path, decoded size, transferred bytes (x-fer), resource type and MIME type, followed by the connection details and the request, response and redirect headers as captured.
1. Primary request: / on adorable-sorbet-fe715c.netlify.app (Document, text/html; charset=UTF-8)
   Redirect chain: http://adorable-sorbet-fe715c.netlify.app/ -> https://adorable-sorbet-fe715c.netlify.app/
   Size: 2 KB; transferred: 934 B
   Full URL: https://adorable-sorbet-fe715c.netlify.app/
   Protocol: H2; security: TLS 1.3, AES_128_GCM
   Server: 2a05:d014:275:cb00::c8, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US); reverse DNS: none
   Software: Netlify
   Resource hash (SHA-256): d559f88738409f13b4dee3483386dd1b2fdcdd7d323616c51d646047d2bfd0be
   Security headers: Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

   Request headers:
     Upgrade-Insecure-Requests: 1
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
     accept-language: de-DE,de;q=0.9

   Response headers:
     accept-ranges: bytes
     age: 39033
     cache-control: public,max-age=0,must-revalidate
     content-encoding: br
     content-length: 699
     content-type: text/html; charset=UTF-8
     date: Fri, 08 Sep 2023 06:14:33 GMT
     etag: "9fdc46e264abb86ed0d7f12ef4fdaee1-ssl-df"
     server: Netlify
     strict-transport-security: max-age=31536000; includeSubDomains; preload
     vary: Accept-Encoding
     x-nf-request-id: 01H9SPV32TJXQH9JT6N2R9N9MX

   Redirect headers (the 307 is Chrome's internal HSTS upgrade; these headers were generated by the browser, not received from the server):
     Cross-Origin-Resource-Policy: Cross-Origin
     Location: https://adorable-sorbet-fe715c.netlify.app/
     Non-Authoritative-Reason: HSTS
2. bootstrap.min.css on cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ (Stylesheet, text/css; charset=utf-8)
   Size: 160 KB; transferred: 25 KB
   Full URL: https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.3, AES_128_GCM
   Server: 2606:4700::6810:5914, United States, ASN13335 (CLOUDFLARENET, US); reverse DNS: none
   Software: cloudflare
   Resource hash (SHA-256): 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
   Security headers:
     Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
     X-Content-Type-Options: nosniff

   Request headers:
     accept-language: de-DE,de;q=0.9
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

   Response headers:
     date: Fri, 08 Sep 2023 06:14:33 GMT
     strict-transport-security: max-age=31536000; includeSubDomains; preload
     x-content-type-options: nosniff
     cf-cache-status: HIT
     nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
     age: 17098856
     x-jsd-version: 5.1.3
     content-encoding: br
     x-cache: HIT, HIT
     cross-origin-resource-policy: cross-origin
     alt-svc: h3=":443"; ma=86400
     x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4534-YYZ
     x-jsd-version-type: version
     server: cloudflare
     etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
     vary: Accept-Encoding
     report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzf1qYAAVxNXVMRz5oP5BThUap8PzsZwkYko1IC3tADmxOdiZMdJmeEtiMvF3nFIwGmsF50b%2FOIYKnxLAem2mk4SQs%2FX%2BtFBwn%2F3%2FKpd0bbsdDRc%2B2kGq%2FkAZjAM%2FamihMmTQEDfZBUI8KrNSpQ%3D"}],"group":"cf-nel","max_age":604800}
     content-type: text/css; charset=utf-8
     access-control-allow-origin: *
     access-control-expose-headers: *
     cache-control: public, max-age=31536000, s-maxage=31536000, immutable
     timing-allow-origin: *
     cf-ray: 80350d4d9c85bb5b-FRA
3. bootstrap.bundle.min.js on cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ (Script, application/javascript; charset=utf-8)
   Size: 76 KB; transferred: 24 KB
   Full URL: https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.3, AES_128_GCM
   Server: 2606:4700::6810:5914, United States, ASN13335 (CLOUDFLARENET, US); reverse DNS: none
   Software: cloudflare
   Resource hash (SHA-256): f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
   Security headers:
     Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
     X-Content-Type-Options: nosniff

   Request headers:
     accept-language: de-DE,de;q=0.9
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

   Response headers:
     date: Fri, 08 Sep 2023 06:14:33 GMT
     strict-transport-security: max-age=31536000; includeSubDomains; preload
     x-content-type-options: nosniff
     cf-cache-status: HIT
     nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
     age: 15404497
     x-jsd-version: 5.1.3
     content-encoding: br
     x-cache: HIT, MISS
     cross-origin-resource-policy: cross-origin
     alt-svc: h3=":443"; ma=86400
     x-served-by: cache-fra-eddf8230075-FRA, cache-bma1659-BMA
     x-jsd-version-type: version
     server: cloudflare
     etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
     vary: Accept-Encoding
     report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF2HOwmiCbiOSJShok61I%2FzdHGmJzhiV18j%2BocDC%2FauLGxJep9PE3DCMBh34RjWSJNswU%2FF3vlJq7ILoLEkuc0RXuBYCiuAWT8TTKUZAAw%2Br2mJjDMqC4rB8JJO%2BnEFq%2B6tmRXDN2ksnAoWMbHE%3D"}],"group":"cf-nel","max_age":604800}
     content-type: application/javascript; charset=utf-8
     access-control-allow-origin: *
     access-control-expose-headers: *
     cache-control: public, max-age=31536000, s-maxage=31536000, immutable
     timing-allow-origin: *
     cf-ray: 80350d4d9c87bb5b-FRA
4. jquery.min.js on raspy-secretive-marsupial.glitch.me/ (Script, application/javascript; charset=utf-8)
   Size: 87 KB; transferred: 88 KB
   Full URL: https://raspy-secretive-marsupial.glitch.me/jquery.min.js
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 3.224.43.36, Ashburn, United States, ASN14618 (AMAZON-AES, US); reverse DNS: ec2-3-224-43-36.compute-1.amazonaws.com
   Software: AmazonS3
   Resource hash (SHA-256): f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
   Security headers: none

   This is the only script the page loads from an operator-controlled origin. It is a versioned S3 object (x-amz-version-id) served with cache-control: no-cache, so it can be replaced at any time without the URL changing; the hash above describes this capture only, and should be compared with the official jQuery release of the same size before the file is treated as a stock copy.

   Request headers:
     accept-language: de-DE,de;q=0.9
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

   Response headers:
     date: Fri, 08 Sep 2023 06:14:34 GMT
     x-amz-version-id: .WF6pmwnLOX6NEzf5hGykPurMFkZUzbC
     last-modified: Wed, 24 May 2023 13:50:48 GMT
     server: AmazonS3
     x-amz-request-id: F60X2RTETES8RBRQ
     etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
     x-amz-server-side-encryption: AES256
     content-type: application/javascript; charset=utf-8
     cache-control: no-cache
     accept-ranges: bytes
     content-length: 89476
     x-amz-id-2: yF0hw9egkpzWuPqnN6wqdfS707o5T6WewVf5h/KvF7svKQD1st2UMA/7SYYOf0zjRJdAaGuLN7E=
5. style.css on raspy-secretive-marsupial.glitch.me/ (Stylesheet, text/css; charset=utf-8)
   Size: 1 KB; transferred: 2 KB
   Full URL: https://raspy-secretive-marsupial.glitch.me/style.css
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
   Server: 3.224.43.36, Ashburn, United States, ASN14618 (AMAZON-AES, US); reverse DNS: ec2-3-224-43-36.compute-1.amazonaws.com
   Software: AmazonS3
   Resource hash (SHA-256): b48a7a21cfe1c5ada20a91b04bcb21a71bc831023e454322d4ee59e5a87a030d
   Security headers: none

   Request headers:
     accept-language: de-DE,de;q=0.9
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

   Response headers:
     date: Fri, 08 Sep 2023 06:14:34 GMT
     x-amz-version-id: WMijJ_DquvdC2VDHAJyh2UT4W9lW4Hdp
     last-modified: Wed, 24 May 2023 13:50:48 GMT
     server: AmazonS3
     x-amz-request-id: F60W0CXMD4B57XTE
     etag: "de8f3941759229e1f95a842f8fa38106"
     x-amz-server-side-encryption: AES256
     content-type: text/css; charset=utf-8
     cache-control: no-cache
     accept-ranges: bytes
     content-length: 1439
     x-amz-id-2: jy39NxWLZViPmCKzTvpO3j70v9Lh/Lte/xH84N7r2haxj739iDaWIbvdQILncJXiQ4XDrqZ0ATc=
6. loo.jpg on cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/ (Image, image/jpeg)
   Size: 4 KB; transferred: 5 KB
   Full URL: https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/loo.jpg?v=1675748203267
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.3, AES_128_GCM
   Server: 151.101.66.132, United States, ASN54113 (FASTLY, US); reverse DNS: none
   Software: AmazonS3
   Resource hash (SHA-256): 2d95b28334a382feb5553432a06074bab78a7dbfd882ca1cd30d860ef94cc9a8
   Security headers: Content-Security-Policy: script-src 'none'

   The ?v= value is a millisecond Unix timestamp (1675748203267 is 2023-02-07 05:36:43 UTC) and agrees with last-modified to within seconds: the three cdn.glitch.global assets were uploaded to the Glitch project on 7 February 2023, seven months before this scan. The 26e3792d-bd6f-421e-a2c4-ea3097e5c19f path component identifies that project's asset bucket and is a stable pivot for other pages built from the same kit.

   Request headers:
     accept-language: de-DE,de;q=0.9
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

   Response headers:
     content-security-policy: script-src 'none'
     via: 1.1 varnish, 1.1 varnish
     date: Fri, 08 Sep 2023 06:14:34 GMT
     x-amz-request-id: P5PPZ95VHYEVBTQV
     age: 1527967
     x-amz-server-side-encryption: AES256
     x-cache: HIT, HIT
     content-length: 4588
     x-amz-id-2: 12wG8TPbvxFDNjFFQM+CbLzW2nA2LzmT2BPHat+iBrk22UEq8RKPubZqNICyxB8VFWeYUk6/yiQ=
     x-served-by: cache-iad-kjyo7100098-IAD, cache-fra-eddf8230020-FRA
     last-modified: Tue, 07 Feb 2023 05:36:48 GMT
     server: AmazonS3
     x-timer: S1694153674.460019,VS0,VE1
     etag: "62786d4854d7dc18c1bec2fc8869e315"
     access-control-allow-methods: GET, HEAD, POST
     content-type: image/jpeg
     access-control-allow-origin: *
     cache-control: max-age=31536000
     accept-ranges: bytes
     x-cache-hits: 50, 1
7. pnt.png on cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/ (Image, image/png)
   Size: 28 KB; transferred: 28 KB
   Full URL: https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/pnt.png?v=1675748296014
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.3, AES_128_GCM
   Server: 151.101.66.132, United States, ASN54113 (FASTLY, US); reverse DNS: none
   Software: AmazonS3
   Resource hash (SHA-256): d656eb4dd05511bded9bf7f6ca7a0fb1426c6ae50fa08ba4870bd09e5f72fcf7
   Security headers: Content-Security-Policy: script-src 'none'

   Request headers:
     accept-language: de-DE,de;q=0.9
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

   Response headers:
     content-security-policy: script-src 'none'
     via: 1.1 varnish, 1.1 varnish
     date: Fri, 08 Sep 2023 06:14:34 GMT
     x-amz-request-id: ZTW85ZVJ6H0QTTGN
     age: 2473348
     x-amz-server-side-encryption: AES256
     x-cache: HIT, HIT
     content-length: 28173
     x-amz-id-2: hYDJV1NaOGkoQ4MAIjhepqkDsWwvMXf9crqebnCNhAzdNBSW9YfxoAVNLlbFZhHNR0d5i2Lm/A286xE/r8+2r4ZvJ8Hlb8Mt2wcIMUEmwQg=
     x-served-by: cache-iad-kiad7000034-IAD, cache-fra-eddf8230020-FRA
     last-modified: Tue, 07 Feb 2023 05:38:21 GMT
     server: AmazonS3
     x-timer: S1694153674.460432,VS0,VE6
     etag: "c294155a2c1a110a9a4d8380218d2c26"
     access-control-allow-methods: GET, HEAD, POST
     content-type: image/png
     access-control-allow-origin: *
     cache-control: max-age=31536000
     accept-ranges: bytes
     x-cache-hits: 100, 1
8. px.mp4 on cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/ (Media, video/mp4)
   Size: 3 MB as listed (Content-Length 5929507 bytes); transferred: 0
   Full URL: https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/px.mp4?v=1675748239819
   Requested by: https://adorable-sorbet-fe715c.netlify.app/ (host adorable-sorbet-fe715c.netlify.app)
   Protocol: H2; security: TLS 1.3, AES_128_GCM
   Server: 151.101.66.132, United States, ASN54113 (FASTLY, US); reverse DNS: none
   Software: AmazonS3
   Resource hash: none (the browser issued a Range request and the scanner recorded no transferred bytes, so the body was not captured or hashed)
   Security headers: Content-Security-Policy: script-src 'none'

   Request headers:
     Referer: https://adorable-sorbet-fe715c.netlify.app/
     Accept-Encoding: identity;q=1, *;q=0
     accept-language: de-DE,de;q=0.9
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
     Range: bytes=0-

   Response headers:
     content-security-policy: script-src 'none'
     via: 1.1 varnish, 1.1 varnish
     date: Fri, 08 Sep 2023 06:14:34 GMT
     x-amz-request-id: XVEZYAKRJTS76DY5
     age: 1348675
     x-amz-server-side-encryption: AES256
     x-cache: HIT, HIT
     Content-Range: bytes 0-5929506/5929507
     Content-Length: 5929507
     x-amz-id-2: ErAYbqlXtmjLWpLt6TiKK4BRtW8UF2GnWz2RRA4VEuw+RUl+P+l2bFpH4G2/g4ysO0f16nTkdWo=
     x-served-by: cache-iad-kcgs7200178-IAD, cache-fra-eddf8230020-FRA
     last-modified: Tue, 07 Feb 2023 05:37:07 GMT
     server: AmazonS3
     x-timer: S1694153674.460440,VS0,VE1
     etag: "c323017397a13a271d68d5c41cc14a60"
     access-control-allow-methods: GET, HEAD, POST
     content-type: video/mp4
     access-control-allow-origin: *
     cache-control: max-age=31536000
     accept-ranges: bytes
     x-cache-hits: 129, 0
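Turning the transaction list above into something actionable, as an added example that is not urlscan.io's code: the eight records are transcribed from the report; the split into a public CDN versus free-hosting platforms, the library-name prefixes and the bytes hashed at the end are assumptions made for this example. It separates operator-chosen hostnames and body hashes (indicators) from provider IPs and ASNs (context), flags the self-hosted jQuery for hash verification, recognises Chrome's synthetic HSTS 307, and shows how the Resource Hash values are computed.

```python
"""Triage of the eight HTTP transactions recorded in this scan. Added
example, not urlscan.io's code. TRANSACTIONS is transcribed from the report;
PUBLIC_CDNS, FREE_HOSTING_SUFFIXES and LIBRARY_PREFIXES are assumptions."""
import hashlib
from urllib.parse import urlparse

PAGE_URL = "https://adorable-sorbet-fe715c.netlify.app/"

# (url, type, server IP, ASN, Resource Hash) as listed in the transactions.
TRANSACTIONS = [
    ("https://adorable-sorbet-fe715c.netlify.app/", "Document", "2a05:d014:275:cb00::c8", 16509,
     "d559f88738409f13b4dee3483386dd1b2fdcdd7d323616c51d646047d2bfd0be"),
    ("https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css", "Stylesheet", "2606:4700::6810:5914", 13335,
     "62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab"),
    ("https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js", "Script", "2606:4700::6810:5914", 13335,
     "f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3"),
    ("https://raspy-secretive-marsupial.glitch.me/jquery.min.js", "Script", "3.224.43.36", 14618,
     "f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d"),
    ("https://raspy-secretive-marsupial.glitch.me/style.css", "Stylesheet", "3.224.43.36", 14618,
     "b48a7a21cfe1c5ada20a91b04bcb21a71bc831023e454322d4ee59e5a87a030d"),
    ("https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/loo.jpg?v=1675748203267", "Image", "151.101.66.132", 54113,
     "2d95b28334a382feb5553432a06074bab78a7dbfd882ca1cd30d860ef94cc9a8"),
    ("https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/pnt.png?v=1675748296014", "Image", "151.101.66.132", 54113,
     "d656eb4dd05511bded9bf7f6ca7a0fb1426c6ae50fa08ba4870bd09e5f72fcf7"),
    # Body not captured (Range request, 0 bytes transferred), hence no hash.
    ("https://cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/px.mp4?v=1675748239819", "Media", "151.101.66.132", 54113, None),
]

# Assumed for this example: one public package CDN, and platforms that give
# any account a free subdomain or asset bucket.
PUBLIC_CDNS = {"cdn.jsdelivr.net"}
FREE_HOSTING_SUFFIXES = (".netlify.app", ".glitch.me", ".glitch.global")
LIBRARY_PREFIXES = ("jquery", "bootstrap")


def classify_origin(url, page_url=PAGE_URL):
    host = urlparse(url).hostname or ""
    if host == urlparse(page_url).hostname:
        return "first-party"
    if host in PUBLIC_CDNS:
        return "public-cdn"
    if host.endswith(FREE_HOSTING_SUFFIXES):
        return "free-hosting"
    return "other"


def triage(transactions=TRANSACTIONS, page_url=PAGE_URL):
    """Indicators are hostnames the operator chose and hashes of bodies the
    operator controls; public-CDN assets are skipped so shared infrastructure
    is not blocklisted. IPs and ASNs go to context: in this scan every one of
    them belongs to Amazon, Cloudflare or Fastly."""
    ind = {"domains": set(), "sha256": set()}
    ctx = {"ips": set(), "asns": set()}
    for url, _type, ip, asn, sha in transactions:
        ctx["ips"].add(ip)
        ctx["asns"].add(asn)
        if classify_origin(url, page_url) == "public-cdn":
            continue
        ind["domains"].add(urlparse(url).hostname)
        if sha:
            ind["sha256"].add(sha)
    return {"indicators": {k: sorted(v) for k, v in ind.items()},
            "context": {k: sorted(v) for k, v in ctx.items()}}


def self_hosted_libraries(transactions=TRANSACTIONS, page_url=PAGE_URL):
    """Scripts named like a well-known library but not served from a public
    CDN; their Resource Hash must be checked against the vendor release
    before the copy is assumed to be stock. Here: jquery.min.js on Glitch."""
    hits = []
    for url, typ, *_ in transactions:
        name = urlparse(url).path.rsplit("/", 1)[-1].lower()
        if typ == "Script" and name.startswith(LIBRARY_PREFIXES) \
                and classify_origin(url, page_url) != "public-cdn":
            hits.append(url)
    return hits


def is_browser_hsts_upgrade(status, redirect_headers):
    """True for the 307 Chrome synthesises when HSTS forces https://; the
    http:// request never left the browser, so it is not server behaviour."""
    return status == 307 and redirect_headers.get("Non-Authoritative-Reason") == "HSTS"


def resource_hash(body: bytes) -> str:
    """urlscan's Resource Hash: SHA-256 over the decoded response body."""
    return hashlib.sha256(body).hexdigest()


if __name__ == "__main__":
    print(triage())
    print(self_hosted_libraries())
    print(is_browser_hsts_upgrade(307, {"Location": PAGE_URL, "Non-Authoritative-Reason": "HSTS"}))
```

The indicators this produces are the three non-CDN hostnames and five hashes; the four IPs stay context because blocking an Anycast, Cloudflare or Fastly address takes down unrelated sites. To confirm whether the Glitch-hosted jquery.min.js is a stock build, fetch the candidate official release, run resource_hash over its bytes and compare with f7f6a589...; the page itself does not settle that question.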

Verdicts & comments

Potentially malicious activity detected
Disclaimer: these verdicts should be used to detect potentially malicious websites, not as a final verdict.

urlscan: phishing against Sharepoint (Online)

5 JavaScript global variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  • documentPictureInPicture (object): the Document Picture-in-Picture API that ships in Chrome 116, i.e. a property of the scanning browser, not something the page defined
  • uidEvent (number) and bootstrap (object): from bootstrap.bundle.min.js (5.1.3, loaded from jsDelivr)
  • $ (function) and jQuery (function): from jquery.min.js, loaded from raspy-secretive-marsupial.glitch.me

0 cookies

Security headers

Security headers set by the main page:

Header                     Value
Strict-Transport-Security  max-age=31536000; includeSubDomains; preload

HSTS is the only security header the landing page sends; there is no Content-Security-Policy, X-Frame-Options or X-Content-Type-Options. The CSP seen in this scan (script-src 'none') belongs to the cdn.glitch.global asset responses, not to the page.