holy-thankful-heron.glitch.me
54.243.129.50
Malicious Activity!
Public Scan
Submission: On September 04 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.
This is the only time holy-thankful-heron.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Navy Federal Credit Union (Government)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 8 | 54.243.129.50 | 14618 (AMAZON-AES) | |
12 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-129-50.compute-1.amazonaws.com
holy-thankful-heron.glitch.me | |
radical-typhoon-note.glitch.me |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
8 | glitch.me (3 redirects): holy-thankful-heron.glitch.me, radical-typhoon-note.glitch.me | 3 MB |
0 | glitch.com (Failed): cdn.glitch.com (Failed) | |
12 | 2 | |
 | Domain | Requested by |
---|---|---|
7 | holy-thankful-heron.glitch.me (3 redirects) | holy-thankful-heron.glitch.me |
1 | radical-typhoon-note.glitch.me | holy-thankful-heron.glitch.me |
0 | cdn.glitch.com (Failed) | holy-thankful-heron.glitch.me |
12 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
radical-typhoon-note.glitch.me |
www.navyfederal.org |
accountservices.navyfederal.org |
Subject / Issuer | Validity | Valid | |
---|---|---|---|
glitch.com, Amazon RSA 2048 M01 | 2023-02-22 - 2024-02-01 | a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://holy-thankful-heron.glitch.me/public/online.access.notification.html
Frame ID: D5543C465D44083D5506E7DFAA49D09F
Requests: 18 HTTP requests in this frame
Frame:
https://holy-thankful-heron.glitch.me/
Frame ID: 41227A1ABD2A6D49ABB2208E317B7A55
Requests: 4 HTTP requests in this frame
Frame:
https://holy-thankful-heron.glitch.me/
Frame ID: 844469C85276D04694C6A42143882551
Requests: 1 HTTP requests in this frame
Frame:
https://holy-thankful-heron.glitch.me/
Frame ID: B6BF1109203F249828B6700D5F99A960
Requests: 1 HTTP requests in this frame
Frame:
https://holy-thankful-heron.glitch.me/
Frame ID: 45299FA963A27FF55E47E5D1ED6A1013
Requests: 1 HTTP requests in this frame
Frame:
https://holy-thankful-heron.glitch.me/
Frame ID: 87C64500069B6B96D878184F14F8BC75
Requests: 1 HTTP requests in this frame
14 Outgoing links
These are links going to different origins than the main page.
Title: Skip Navigation Links
Title: Locations
Title: Contact Us
Title: (none)
Title: Sign In Help
Title: Enroll in digital banking »
Title: Learn more »
Title: About Us
Title: Privacy Policy
Title: Security
Title: Accessibility
Title: Browser Support
Title: Federally Insured by NCUA
Title: Equal Housing Lender
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/font-awesome.min.css HTTP 302
- https://holy-thankful-heron.glitch.me/
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/ip.js.download HTTP 302
- https://holy-thankful-heron.glitch.me/
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/saved_resource.html HTTP 302
- https://holy-thankful-heron.glitch.me/
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/saved_resource(1).html HTTP 302
- https://holy-thankful-heron.glitch.me/
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/saved_resource(2).html HTTP 302
- https://holy-thankful-heron.glitch.me/
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/saved_resource(3).html HTTP 302
- https://holy-thankful-heron.glitch.me/
- https://holy-thankful-heron.glitch.me/public/Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE_files/saved_resource(4).html HTTP 302
- https://holy-thankful-heron.glitch.me/
12 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request: online.access.notification.html holy-thankful-heron.glitch.me/public/ | 3 MB 3 MB | Document text/html |
GET H2 | / holy-thankful-heron.glitch.me/ Redirect Chain | 3 KB 4 KB | Stylesheet text/html |
GET H2 | / holy-thankful-heron.glitch.me/ Redirect Chain | 3 KB 4 KB | Script text/html |
GET H2 | NFCU.HTML radical-typhoon-note.glitch.me// | 0 0 | Image text/html |
GET DATA | truncated / | 4 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 21 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 1 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 5 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 2 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 4 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 5 KB 0 | Image image/png |
GET DATA | truncated / | 9 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 640 B 0 | Image image/svg+xml |
GET DATA | truncated / | 13 KB 13 KB | Font font/woff2 |
GET DATA | truncated / | 13 KB 13 KB | Font font/woff2 |
GET DATA | truncated / | 80 KB 80 KB | Font text/plain |
GET DATA | truncated / | 23 KB 23 KB | Font text/plain |
GET H2 | / holy-thankful-heron.glitch.me/ Frame 4122 Redirect Chain | 3 KB 4 KB | Document text/html |
GET | / holy-thankful-heron.glitch.me/ Frame 8444 Redirect Chain | 0 0 | |
GET | / holy-thankful-heron.glitch.me/ Frame B6BF Redirect Chain | 0 0 | |
GET | / holy-thankful-heron.glitch.me/ Frame 4529 Redirect Chain | 0 0 | |
GET | / holy-thankful-heron.glitch.me/ Frame 87C6 Redirect Chain | 0 0 | |
GET DATA | truncated / | 6 KB 0 | Image image/png |
GET | style.css holy-thankful-heron.glitch.me/public/ Frame 4122 | 0 0 | |
GET | cad20829-cd7f-405a-95e8-5e17b206a304%2Fillustration.svg cdn.glitch.com/ Frame 4122 | 0 0 | |
GET | 605e2a51-d45f-4d87-a285-9410ad350515%2FLogo_Color.svg cdn.glitch.com/ Frame 4122 | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
holy-thankful-heron.glitch.me | https://holy-thankful-heron.glitch.me/ |
holy-thankful-heron.glitch.me | https://holy-thankful-heron.glitch.me/ |
holy-thankful-heron.glitch.me | https://holy-thankful-heron.glitch.me/ |
holy-thankful-heron.glitch.me | https://holy-thankful-heron.glitch.me/ |
holy-thankful-heron.glitch.me | https://holy-thankful-heron.glitch.me/public/style.css |
cdn.glitch.com | https://cdn.glitch.com/cad20829-cd7f-405a-95e8-5e17b206a304%2Fillustration.svg?v=1618198438357 |
cdn.glitch.com | https://cdn.glitch.com/605e2a51-d45f-4d87-a285-9410ad350515%2FLogo_Color.svg?v=1618199565140 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Navy Federal Credit Union (Government)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| 1
object| 2
object| 3
object| 4
object| documentPictureInPicture
function| savepage_ShadowLoader
function| sendp
undefined| userip
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.glitch.com
holy-thankful-heron.glitch.me
radical-typhoon-note.glitch.me
cdn.glitch.com
holy-thankful-heron.glitch.me
54.243.129.50