tulip-rogue-narcissus.glitch.me

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 52.21.72.108, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is tulip-rogue-narcissus.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time tulip-rogue-narcissus.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.21.72.108 52.21.72.108	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
1	3.164.143.120 3.164.143.120	16509 (AMAZON-02) (AMAZON-02)
1	18.172.31.44 18.172.31.44	16509 (AMAZON-02) (AMAZON-02)
6	4

3 52.21.72.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-72-108.compute-1.amazonaws.com

tulip-rogue-narcissus.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.143.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-143-120.nrt20.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-31-44.nrt20.r.cloudfront.net

glitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	glitch.me tulip-rogue-narcissus.glitch.me cdn.glitch.me — Cisco Umbrella Rank: 81293	73 KB
1	glitch.com glitch.com — Cisco Umbrella Rank: 83253	6 KB
1	telegram.org telegram.org — Cisco Umbrella Rank: 11491	15 KB
6	3

	Domain	Requested by
3	tulip-rogue-narcissus.glitch.me	tulip-rogue-narcissus.glitch.me
1	glitch.com
1	cdn.glitch.me	tulip-rogue-narcissus.glitch.me
1	telegram.org	tulip-rogue-narcissus.glitch.me
6	4

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tulip-rogue-narcissus.glitch.me/
Frame ID: 51BA2836391CD9AF938BA777B4D2CBD0
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hello World!

Page Statistics

6
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

94 kB
Transfer

151 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tulip-rogue-narcissus.glitch.me/ 823 B
1003 B 711ms
366ms Document
text/html 52.21.72.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tulip-rogue-narcissus.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.72.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-72-108.compute-1.amazonaws.com
Software: /
Resource Hash: daef848c1b71087d884ed2feea98f72ad9860f39f57e0271fe67017885af5102

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-length: 823
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 06:36:26 GMT
etag: W/"337-18ee58eaa60"
last-modified: Tue, 16 Apr 2024 06:18:36 GMT
vary: Origin

GET
H2 200 style.css
tulip-rogue-narcissus.glitch.me/ 4 KB
4 KB 198ms
196ms Stylesheet
text/css 52.21.72.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tulip-rogue-narcissus.glitch.me/style.css
Requested by: Host: tulip-rogue-narcissus.glitch.me
URL: https://tulip-rogue-narcissus.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.72.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-72-108.compute-1.amazonaws.com
Software: /
Resource Hash: df426a5cc294539b86f7c6d35d122074ea6578bece2d80ae832b78e245018148

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tulip-rogue-narcissus.glitch.me/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:36:26 GMT
last-modified: Mon, 15 Apr 2024 14:33:30 GMT
etag: W/"e39-18ee22d6690"
vary: Origin
content-type: text/css; charset=utf-8
cache-control: max-age=0
accept-ranges: bytes
content-length: 3641

GET
H2 200 telegram-web-app.js Show response
telegram.org/js/ 65 KB
15 KB 992ms
489ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-web-app.js

Requested by

Host: tulip-rogue-narcissus.glitch.me
URL: https://tulip-rogue-narcissus.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

234d24549fda75d451ed54a9ebf45d3dfb38679b2d383512cf02832cf0ab9226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tulip-rogue-narcissus.glitch.me/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:36:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 11:35:11 GMT
server: nginx/1.18.0
etag: W/"65f2e0ef-1043a"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 20 Apr 2024 06:36:27 GMT

GET
H2 200 script.js Show response
tulip-rogue-narcissus.glitch.me/ 1 KB
1 KB 195ms
194ms Script
application/javascript 52.21.72.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tulip-rogue-narcissus.glitch.me/script.js
Requested by: Host: tulip-rogue-narcissus.glitch.me
URL: https://tulip-rogue-narcissus.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.72.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-72-108.compute-1.amazonaws.com
Software: /
Resource Hash: dbea3449b427f911dd76d93292c4e3372a9d4a7ba33c8053a5e45fa26303a5f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tulip-rogue-narcissus.glitch.me/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:36:26 GMT
last-modified: Tue, 16 Apr 2024 06:18:03 GMT
etag: W/"4a5-18ee58e2978"
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=0
accept-ranges: bytes
content-length: 1189

GET
H/1.1 200
OK 605e2a51-d45f-4d87-a285-9410ad350515%2FHKGrotesk-Regular.otf
cdn.glitch.me/ 66 KB
67 KB 18ms
4ms Font
binary/octet-stream 3.164.143.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.me/605e2a51-d45f-4d87-a285-9410ad350515%2FHKGrotesk-Regular.otf?v=1603136326027

Requested by

Host: tulip-rogue-narcissus.glitch.me
URL: https://tulip-rogue-narcissus.glitch.me/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.164.143.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-143-120.nrt20.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b046d0a2d5aee84490778562132d24c154df87102a667ef878d6c00158dfbce7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tulip-rogue-narcissus.glitch.me/
Origin: https://tulip-rogue-narcissus.glitch.me
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 01:28:57 GMT
Via: 1.1 a01aece95388e417e95ea415a7c4ffee.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 19 Oct 2020 19:38:46 GMT
Server: AmazonS3
X-Amz-Cf-Pop: NRT20-P3
Age: 364051
ETag: "cab8839a909b408392b7b3147c2afd23"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 67768
X-Amz-Cf-Id: yz7spwrMllf0H-54wFyhFvTApOBO0ktNAK8xTkqpZpLmpTkipaGoNA==

GET
H/1.1 200
OK favicon.ico
glitch.com/ 15 KB
6 KB 237ms
221ms Other
image/x-icon 18.172.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://glitch.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.172.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-31-44.nrt20.r.cloudfront.net

Software

/ Express

Resource Hash

342fe53b712486ea879cab73250932a2c0d75521b1cbb08a067e69ecf0f430cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tulip-rogue-narcissus.glitch.me/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 06:36:27 GMT
Strict-Transport-Security: max-age=2628000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 e35610eddfb28cbf041574c80f85a22a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: NRT20-P1
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Apr 2024 18:37:45 GMT
ETag: W/"3aee-18ee30d04a8"
Vary: Accept-Encoding
Content-Type: image/x-icon
Cache-Control: public, max-age=0
Accept-Ranges: bytes
X-Amz-Cf-Id: gprI5JGCy0rEl9LnuJpnmUMzYBV1vMhGBaFZ1T0Pdi9mSXcxOdhLXg==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Telegram function| TelegramGameProxy_receiveEvent object| TelegramGameProxy

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			glitch.com/	1970-01-20 20:04:14	Name: AWSALBTGCORS Value: 0N7pLDvmHVVonQmEcxrV0mqUtfAHhii8xaBmmHeAf/AYAAgrrlkyKKhmkTa4hCYnudbI1rndiH2KbSsRn2YszsAohXpQ3sd25Gy9yMBI0kdR0tnVYBGsxP9cu+zuXRAXdtevGSHdUkLduXHxGmoY+SSrUhP4wNYalSNeoapxxWj8VinD4EE=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tulip-rogue-narcissus.glitch.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.glitch.me
glitch.com
telegram.org
tulip-rogue-narcissus.glitch.me
18.172.31.44
2001:67c:4e8:f004::9
3.164.143.120
52.21.72.108
234d24549fda75d451ed54a9ebf45d3dfb38679b2d383512cf02832cf0ab9226
342fe53b712486ea879cab73250932a2c0d75521b1cbb08a067e69ecf0f430cb
b046d0a2d5aee84490778562132d24c154df87102a667ef878d6c00158dfbce7
daef848c1b71087d884ed2feea98f72ad9860f39f57e0271fe67017885af5102
dbea3449b427f911dd76d93292c4e3372a9d4a7ba33c8053a5e45fa26303a5f8
df426a5cc294539b86f7c6d35d122074ea6578bece2d80ae832b78e245018148

tulip-rogue-narcissus.glitch.me Open in urlscan Pro 52.21.72.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

94 kBTransfer

151 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

tulip-rogue-narcissus.glitch.me Open in urlscan Pro
52.21.72.108 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

94 kB
Transfer

151 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions