adorable-sorbet-fe715c.netlify.app
Open in
urlscan Pro
2a05:d014:275:cb00::c8
Malicious Activity!
Public Scan
Effective URL: https://adorable-sorbet-fe715c.netlify.app/
Submission: On September 08 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on December 21st 2022. Valid for: a year.
This is the only time adorable-sorbet-fe715c.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sharepoint (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a05:d014:275... 2a05:d014:275:cb00::c8 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 3.224.43.36 3.224.43.36 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 151.101.66.132 151.101.66.132 | 54113 (FASTLY) (FASTLY) | |
8 | 4 |
ASN16509 (AMAZON-02, US)
adorable-sorbet-fe715c.netlify.app |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-43-36.compute-1.amazonaws.com
raspy-secretive-marsupial.glitch.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
glitch.global
cdn.glitch.global — Cisco Umbrella Rank: 233495 |
33 KB |
2 |
glitch.me
raspy-secretive-marsupial.glitch.me |
90 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351 |
49 KB |
1 |
netlify.app
adorable-sorbet-fe715c.netlify.app |
934 B |
8 | 4 |
Domain | Requested by | |
---|---|---|
3 | cdn.glitch.global |
adorable-sorbet-fe715c.netlify.app
|
2 | raspy-secretive-marsupial.glitch.me |
adorable-sorbet-fe715c.netlify.app
|
2 | cdn.jsdelivr.net |
adorable-sorbet-fe715c.netlify.app
|
1 | adorable-sorbet-fe715c.netlify.app | |
8 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netlify.app DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-12-21 - 2024-01-21 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
glitch.com Amazon RSA 2048 M01 |
2023-02-22 - 2024-02-01 |
a year | crt.sh |
cdn.glitch.global R3 |
2023-08-04 - 2023-11-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://adorable-sorbet-fe715c.netlify.app/
Frame ID: AE4A5D5E919861712C7A255851643E5C
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
SharePage URL History Show full URLs
-
http://adorable-sorbet-fe715c.netlify.app/
HTTP 307
https://adorable-sorbet-fe715c.netlify.app/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Netlify (Web Servers) Expand
Detected patterns
- ^https?://[^/]+\.netlify\.(?:com|app)/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://adorable-sorbet-fe715c.netlify.app/
HTTP 307
https://adorable-sorbet-fe715c.netlify.app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
adorable-sorbet-fe715c.netlify.app/ Redirect Chain
|
2 KB 934 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ |
160 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
raspy-secretive-marsupial.glitch.me/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
raspy-secretive-marsupial.glitch.me/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loo.jpg
cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pnt.png
cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.mp4
cdn.glitch.global/26e3792d-bd6f-421e-a2c4-ea3097e5c19f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sharepoint (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture number| uidEvent object| bootstrap function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adorable-sorbet-fe715c.netlify.app
cdn.glitch.global
cdn.jsdelivr.net
raspy-secretive-marsupial.glitch.me
151.101.66.132
2606:4700::6810:5914
2a05:d014:275:cb00::c8
3.224.43.36
2d95b28334a382feb5553432a06074bab78a7dbfd882ca1cd30d860ef94cc9a8
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
b48a7a21cfe1c5ada20a91b04bcb21a71bc831023e454322d4ee59e5a87a030d
d559f88738409f13b4dee3483386dd1b2fdcdd7d323616c51d646047d2bfd0be
d656eb4dd05511bded9bf7f6ca7a0fb1426c6ae50fa08ba4870bd09e5f72fcf7
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d