Submitted URL: http://comments.navan.dev/
Effective URL: https://comments.navan.dev/js/embed.min.js
Submission Tags: @phish_report
Submission: On November 01 via api from FI — Scanned from FI

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 2 HTTP transactions. The main IP is 122.160.47.68, located in Gurugram, India, and belongs to AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services, IN. The main domain is comments.navan.dev.
TLS certificate: Issued by R11 on November 1st 2024. Valid for: 3 months.
This is the only time comments.navan.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 122.160.47.68 24560 (AIRTELBRO...)
2 1
Apex Domain Subdomains Transfer
3 navan.dev comments.navan.dev 62 KB
2 1
Domain Requested by
3 comments.navan.dev 1 redirects
2 1

This site contains no links.

Subject Issuer Validity Valid
comments.navan.dev R11 2024-11-01 - 2025-01-30 3 months

This page contains 1 frames:

Primary Page: https://comments.navan.dev/js/embed.min.js
Frame ID: 8BBF75FB0A64E0958861CACFBEFD0FC0
Requests: 2 HTTP requests in this frame

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

61 kB
Transfer

60 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://comments.navan.dev/ HTTP 307
    https://comments.navan.dev/ HTTP 301
    https://comments.navan.dev/js/embed.min.js Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request embed.min.js
comments.navan.dev/js/
Redirect Chain
  • http://comments.navan.dev/
  • https://comments.navan.dev/
  • https://comments.navan.dev/js/embed.min.js
60 KB
60 KB
Document
General
Full URL
https://comments.navan.dev/js/embed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
122.160.47.68 Gurugram, India, ASN24560 (AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services, IN),
Reverse DNS
abts-north-static-068.47.160.122.airtelbroadband.in
Software
nginx /
Resource Hash
e01c79f8e62e2d54f55a10614cc6199a3ba5c13cd6a7daddaac6e91b650eb162
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Referer, Content-Type
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
access-control-allow-origin
https://web.navan.dev
access-control-expose-headers
X-Set-Cookie, Date
cache-control
max-age=43200, public
content-length
61068
content-security-policy
upgrade-insecure-requests
content-type
application/javascript; charset=utf-8
date
Fri, 01 Nov 2024 19:05:11 GMT
etag
"wzsdm-1659926584.173547-61068-492700795"
expires
Sat, 02 Nov 2024 07:05:11 GMT
last-modified
Mon, 08 Aug 2022 02:43:04 GMT
permissions-policy
interest-cohort=()
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-sso-wat
You've just been SSOed
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 01 Nov 2024 19:05:11 GMT
location
https://comments.navan.dev/js/embed.min.js
permissions-policy
interest-cohort=()
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
favicon.ico
comments.navan.dev/
207 B
745 B
Other
General
Full URL
https://comments.navan.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
122.160.47.68 Gurugram, India, ASN24560 (AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services, IN),
Reverse DNS
abts-north-static-068.47.160.122.airtelbroadband.in
Software
nginx /
Resource Hash
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://comments.navan.dev/js/embed.min.js

Response headers

access-control-expose-headers
X-Set-Cookie, Date
x-permitted-cross-domain-policies
none
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
x-content-type-options
nosniff
x-sso-wat
You've just been SSOed
date
Fri, 01 Nov 2024 19:05:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin, Referer, Content-Type
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
access-control-allow-credentials
true
x-download-options
noopen
permissions-policy
interest-cohort=()
access-control-allow-origin
https://web.navan.dev
content-length
207
x-xss-protection
1; mode=block
server
nginx

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://comments.navan.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This section lists the security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

"Indicators" is a term used in the security industry for items such as IPs, domains and hashes. Listing them here does not imply that any of them indicate malicious activity.

comments.navan.dev
122.160.47.68
e01c79f8e62e2d54f55a10614cc6199a3ba5c13cd6a7daddaac6e91b650eb162
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80