cedar-jelly-crustacean.glitch.me
2a04:4e42:400::571 | Malicious Activity! | Public Scan

URL: https://cedar-jelly-crustacean.glitch.me/public/rem.HTM
Submission: On June 12 via automatic, source phishtank — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 2a04:4e42:400::571, located in the United States and belonging to FASTLY, US. The main domain is cedar-jelly-crustacean.glitch.me.
TLS certificate: Issued by Certainly Intermediate R1 on June 10th 2025. Valid for: a month.
This is the only time cedar-jelly-crustacean.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Navy Federal Credit Union (Government)

Domain & IP information

IP Address | AS Autonomous System
2a04:4e42:400... | 54113 (FASTLY) | 1 | 3
192.225.159.77 | 30286 (THM) | 1
Totals: 3 | 3

Apex Domain | Subdomains | Transfer
glitch.me (3) | cedar-jelly-crustacean.glitch.me | 656 KB
navyfederal.org (1) | img2021.navyfederal.org (Cisco Umbrella Rank: 42913) | 401 B
Totals: 3 | 2

Domain | Requested by
cedar-jelly-crustacean.glitch.me (3) | 1 redirects
img2021.navyfederal.org (1) | srcdoc
Totals: 3 | 2

This site contains links to these domains. Also see Links.

Domain
www.navyfederal.org
accountservices.navyfederal.org
policies.google.com
Subject | Issuer | Validity | Valid
*.glitch.me | Certainly Intermediate R1 | 2025-06-10 to 2025-07-10 | a month (crt.sh)
img2021.navyfederal.org | DigiCert EV RSA CA G2 | 2025-05-02 to 2026-05-27 | a year (crt.sh)

This page contains 2 frames:

Primary Page: https://cedar-jelly-crustacean.glitch.me/public/rem.HTM
Frame ID: CA6E387DDBBF36D1F9DD71319F5709C8
Requests: 7 HTTP requests in this frame

Frame: https://img2021.navyfederal.org/fp/clear1.png;CIS3SID=D887683491EA40897C59B9747B0BD15B?org_id=5jdpqg2f&session_id=dc6df711-f53d-4368-b736-dbf94d5bfb85&nonce=f0f9cbfbef5e2f79&pageid=1&jf=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
Frame ID: 720B014792B24CA2F58CFAFF504A833C
Requests: 2 HTTP requests in this frame

Screenshot


Page Statistics

3
Requests

67 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

795 kB
Transfer

868 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://cedar-jelly-crustacean.glitch.me/favicon.ico HTTP 302
  • https://cedar-jelly-crustacean.glitch.me/

3 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
rem.HTM (Primary Request) | cedar-jelly-crustacean.glitch.me/public/ | 651 KB | 652 KB | Document
General
Full URL
https://cedar-jelly-crustacean.glitch.me/public/rem.HTM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::571 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39d0eb6146f30c71fb703be1a538d90b8c2e7cc2921085100c4af02c01306e34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
667030
content-type
text/html; charset=utf-8
date
Thu, 12 Jun 2025 12:59:11 GMT
etag
"0c390142a925f7ae6f910d64e4c47492"
last-modified
Thu, 29 May 2025 16:42:51 GMT
server
AmazonS3
via
1.1 varnish
x-amz-id-2
s66VKZZYQGQqFAbGx7lAdL2YaEs7UofD4gbkz+zXca6FSCwM4WrDVi47vydo3gv6z/Q1dnMiLl409vhDLRyzEfrSD4WFUSNz
x-amz-request-id
X0B6AM87FF5WTF6G
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-toj-leto2350040-TOJ, cache-toj-leto2350040-TOJ
x-timer
S1749733151.888840,VS0,VE505
truncated | / | 80 KB | 80 KB | Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fa934880a173f877c7e90f95fca2ade66544e05daa88707d0866b6f903a9c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin
https://cedar-jelly-crustacean.glitch.me
Referer

Response headers

Content-Type
application/font-woff
truncated | / | 29 KB | 29 KB | Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a013af9f2e74ca2ba4cce61114b44fa5bd304d849e85fd41d269c835dc6f0db1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin
https://cedar-jelly-crustacean.glitch.me
Referer

Response headers

Content-Type
application/font-woff
truncated | / | 9 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
314657d2f8121f4b44b50900eccfb8c7ebc336da2dc7e62182cce48c77018dd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated | / | 29 KB | 29 KB | Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e80d024dca764170eec0c890e20dadbc9013ecd2b98ac3cb30587965bc0c62b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin
https://cedar-jelly-crustacean.glitch.me
Referer

Response headers

Content-Type
application/font-woff
truncated | / | 66 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0281f2df196096e82e299b0804ddf9553c1c008616fa21f3dfbc39478f77e78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
clear1.png;CIS3SID=D887683491EA40897C59B9747B0BD15B | img2021.navyfederal.org/fp/ (Frame 720B) | 0 | 401 B | Image
General
Full URL
https://img2021.navyfederal.org/fp/clear1.png;CIS3SID=D887683491EA40897C59B9747B0BD15B?org_id=5jdpqg2f&session_id=dc6df711-f53d-4368-b736-dbf94d5bfb85&nonce=f0f9cbfbef5e2f79&pageid=1&jf=34333426716b645f7a6c643f746c725d4b69406a4537404348535a7d35583457247161645f666374673f31373c34323230313730247b61665d767b78653f756d623a656166716926736b665f6967793d3b32353b33383131323e383530633a3e343a616d3364303032333836303a30613a3434386b673366303b3033323f3831363032383036663f3364383761376d3535336161373734303c306660383a3430346e313a3264613034363b6e3631326631643034373736653b373239693a6637633f653661396c6160353a6c3135363b3331333137673862336337366736653569343030666c646363386e633367346d3335313e6264306430646e66623631393b3333666a662671696c5f716b6f3531323637383230323f3538356066643a3636603064333731376c363936366b3632616b3b333236636a653a3b6e653130643b30693833346162376765383b34393262306337363e3b3230303338303a3a6a3233646131673e6230356431353562626c3a6663396c3466363c3e30303166696664376a3538643133376d66636063653a363132393b6164353b3936662e7b6b64703f38
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.159.77 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer
https://cedar-jelly-crustacean.glitch.me/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Date
Thu, 12 Jun 2025 12:59:12 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png;charset=UTF-8
Server
Apache
truncated | / (Frame 720B) | 81 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/ | cedar-jelly-crustacean.glitch.me/ | 3 KB | 4 KB | Other
Redirect Chain
  • https://cedar-jelly-crustacean.glitch.me/favicon.ico
  • https://cedar-jelly-crustacean.glitch.me/
General
Full URL
https://cedar-jelly-crustacean.glitch.me/
Protocol
H2
Server
2a04:4e42:400::571 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a73d729aa62f65a7633e34cb07e77fbc2e1986611474ece049bc3f3bed3837e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer
https://cedar-jelly-crustacean.glitch.me/public/rem.HTM

Response headers

x-amz-version-id
null
etag
"28f11a65929ac18f0a8ac186e031c461"
x-cache
MISS, MISS
date
Thu, 12 Jun 2025 12:59:13 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-toj-leto2350040-TOJ, cache-toj-leto2350040-TOJ
x-cache-hits
0, 0
last-modified
Thu, 29 May 2025 16:42:51 GMT
x-amz-id-2
7ohWyMGPSgdF0MgBO3675tGi2R0m1VFrPxofdd4FnvnVSdmrhlQl9hWtgsKlUHFvYdngsM0l9N6AUBeqGZoMxO6EGR91naB1e8McU0/TPEY=
cache-control
no-cache
x-timer
S1749733153.266308,VS0,VE154
via
1.1 varnish
x-amz-request-id
8D0VJHCNBQ2KZGAG
accept-ranges
bytes
content-length
3449
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

location
/
x-timer
S1749733153.890215,VS0,VE152
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS, MISS
content-length
23
date
Thu, 12 Jun 2025 12:59:13 GMT
content-type
text/plain; charset=utf-8
x-served-by
cache-toj-leto2350040-TOJ, cache-toj-leto2350040-TOJ
x-cache-hits
0, 0
vary
Accept

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Navy Federal Credit Union (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object: 0
function: getBrowserInfo
function: getCurrentTime
function: sendToTelegram
function: redirectAfterDelay

0 Cookies