harvest-profuse-primula.glitch.me Open in urlscan Pro
54.167.19.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.co.th/amp/tao.bb/E7B7K
Effective URL:
https://harvest-profuse-primula.glitch.me/
Submission: On November 07 via api (November 7th 2024, 1:37:08 pm UTC) from RU — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 54.167.19.172, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is harvest-profuse-primula.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 3rd 2024. Valid for: a year.

This is the only time harvest-profuse-primula.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3037::6815:22a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.167.19.172 54.167.19.172	14618 (AMAZON-AES) (AMAZON-AES)
2	2

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:22a4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tao.bb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.167.19.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-19-172.compute-1.amazonaws.com

harvest-profuse-primula.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tree-relieved-krypton.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	glitch.me harvest-profuse-primula.glitch.me tree-relieved-krypton.glitch.me	903 KB
1	tao.bb 1 redirects tao.bb	569 B
1	google.co.th 1 redirects www.google.co.th — Cisco Umbrella Rank: 11660	1 KB
2	3

	Domain	Requested by
1	tree-relieved-krypton.glitch.me	harvest-profuse-primula.glitch.me
1	harvest-profuse-primula.glitch.me
1	tao.bb	1 redirects
1	www.google.co.th	1 redirects
2	4

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M02	`2024-11-03` - `2025-12-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://harvest-profuse-primula.glitch.me/
Frame ID: 60C336FF1408491D17E248DCF7879F33
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LinkedIn

Page URL History Show full URLs

https://www.google.co.th/amp/tao.bb/E7B7K HTTP 302
http://tao.bb/E7B7K HTTP 307
https://tao.bb/E7B7K HTTP 302
https://harvest-profuse-primula.glitch.me/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

2
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

1052 kB
Transfer

1178 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.google.co.th/amp/tao.bb/E7B7K HTTP 302
http://tao.bb/E7B7K HTTP 307
https://tao.bb/E7B7K HTTP 302
https://harvest-profuse-primula.glitch.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response harvest-profuse-primula.glitch.me/ Redirect Chain https://www.google.co.th/amp/tao.bb/E7B7K http://tao.bb/E7B7K https://tao.bb/E7B7K https://harvest-profuse-primula.glitch.me/	817 KB 819 KB	518ms 259ms	Document text/html	54.167.19.172 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://harvest-profuse-primula.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.167.19.172 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-167-19-172.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `d7b3c79a0677dbcd1ca900581936d8cd7f9ecf277818cd82f1e191671da4abbb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control no-cache content-length 836938 content-type text/html; charset=utf-8 date Thu, 07 Nov 2024 13:36:59 GMT etag "8fb0431cfb9686eecf6e96e00200cce5" last-modified Thu, 07 Nov 2024 12:18:07 GMT server AmazonS3 x-amz-id-2 CQrKhG3VOxgvun1excf/kcOUS9evWbjgIf7ougRAk9tNSnv/60ln5NK+uXfVnjIpffRNI6RyBwzjJDwhKaLfvYgJoVxWd900C2ag2MvG/9A= x-amz-request-id 7SSTXBFMEC36BQP8 x-amz-server-side-encryption AES256 x-amz-version-id 1eURzr5YQpJfvUVZO8hiqX1xywgGcCB2 Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dedb71c4abdd29d-FRA content-length 0 date Thu, 07 Nov 2024 13:36:59 GMT location https://harvest-profuse-primula.glitch.me nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmqL3poAMZoIoA4v7mFY7RbwlupbBD8R2L%2BylRX6j0hJz7jqL0N3aK0F375o1AcsyyAB5WqnNwdEZWg1H%2BA2Pvc7kbdHEfYKgw4aHg1npGIX98aqS0L8v0a6QFzo3xSX7H%2Fq2sU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=37325&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2469&delivery_rate=105062&cwnd=253&unsent_bytes=0&cid=95169f656f630b3c&ts=1801&x=0"
GET H2	200	sabaoth.jquery.min.js Show response tree-relieved-krypton.glitch.me/	84 KB 84 KB	239ms 220ms	Script application/javascript	54.167.19.172 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tree-relieved-krypton.glitch.me/sabaoth.jquery.min.js Requested by Host: harvest-profuse-primula.glitch.me URL: https://harvest-profuse-primula.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.167.19.172 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-167-19-172.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer Response headers x-amz-id-2 jXBV9Pam3eOjv6D18g2pWxcLOrxwTzP3r+teU03zjl+iVUiZxACb6hXR3wuCUIZODAIcLOQLQn2uXcSFXehcEw== cache-control no-cache etag "2f6b11a7e914718e0290410e85366fe9" x-amz-version-id _49Rz9MQul2.hKOU6VDSVzI2Tgdoue9R x-amz-request-id 9SYY9VA6JHF6B28X accept-ranges bytes content-length 85578 date Thu, 07 Nov 2024 13:37:02 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 24 Sep 2024 09:58:18 GMT server AmazonS3 x-amz-server-side-encryption AES256
GET DATA	200 OK	truncated /	39 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a2f6309a18fc8a00e46c7d3abad046e897de4e6503bcf3244df9378b298b3198` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	89 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c8137cdbaf0e32928a305bd29bbb628855c6cd7f09e6ea4c2c156c7fa739f69e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	29 KB 29 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1bf53b33743c5c45d6c944815f74cbf58b228806858fb6e3a0b86c1204f4be06` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://harvest-profuse-primula.glitch.me Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	31 KB 31 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f2c05d1d723bd31646c2c5adb65c29f317feab778a02511fbdcbc180853ca042` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://harvest-profuse-primula.glitch.me Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	30 KB 30 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `98dcc4ec9b1198b35a56a439bef6dd1ea639970635f6bb92b2a88e4b4af661ae` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://harvest-profuse-primula.glitch.me Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	31 KB 31 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `346cfd3df3dbb80d08655ae396a413f66cbccfcf201eae36a6403dcf7ed372bc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://harvest-profuse-primula.glitch.me Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	29 KB 29 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4495791c174536e8ecfe7727c97c6531086ca4ad37c33118397795816c7c28b7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://harvest-profuse-primula.glitch.me Referer Response headers Content-Type font/woff2

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.co.th/	1970-01-21 10:19:33	Name: __Secure-ENID Value: 23.SE=aGFRurCSg3uSG-tORlpqPRD6d-WrICEApoRGGt-PrZol4tcFwenuLraKp0KweoMfNmIah7f4NKwGxSSfrB1NiXekg7DCHwTZvLgws2vQqxs6HCgt0aMQZT4bTk1IGGHoag5PCROxjPlhbTFBvXkJKdWKNYY5-9Fs0CFqXogT3_gnkyUWaRV1_xURAyKL3kJ-hSCXM3M

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tree-relieved-krypton.glitch.me/sabaoth.jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tree-relieved-krypton.glitch.me/sabaoth.jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	verbose	URL: https://harvest-profuse-primula.glitch.me/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

harvest-profuse-primula.glitch.me
tao.bb
tree-relieved-krypton.glitch.me
www.google.co.th
2606:4700:3037::6815:22a4
2a00:1450:4001:81c::2003
54.167.19.172
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1bf53b33743c5c45d6c944815f74cbf58b228806858fb6e3a0b86c1204f4be06
346cfd3df3dbb80d08655ae396a413f66cbccfcf201eae36a6403dcf7ed372bc
4495791c174536e8ecfe7727c97c6531086ca4ad37c33118397795816c7c28b7
98dcc4ec9b1198b35a56a439bef6dd1ea639970635f6bb92b2a88e4b4af661ae
a2f6309a18fc8a00e46c7d3abad046e897de4e6503bcf3244df9378b298b3198
c8137cdbaf0e32928a305bd29bbb628855c6cd7f09e6ea4c2c156c7fa739f69e
d7b3c79a0677dbcd1ca900581936d8cd7f9ecf277818cd82f1e191671da4abbb
f2c05d1d723bd31646c2c5adb65c29f317feab778a02511fbdcbc180853ca042

harvest-profuse-primula.glitch.me Open in urlscan Pro 54.167.19.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

100 %HTTPS

67 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

1052 kBTransfer

1178 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

harvest-profuse-primula.glitch.me Open in urlscan Pro
54.167.19.172 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

1052 kB
Transfer

1178 kB
Size

1
Cookies

2 HTTP transactions
7 data transactions