navan.cyberhaven.io
104.196.215.187
Public Scan
Effective URL: https://navan.cyberhaven.io/
Submission Tags: @phish_report
Submission: On October 16 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R11 on October 16th 2024. Valid for: 3 months.
This is the only time navan.cyberhaven.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
15 | 104.196.215.187 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:830::200a | 15169 (GOOGLE) |
5 | 2001:4860:4802:36::15 | 15169 (GOOGLE) |
1 | 2600:9000:26e8:1000:5:961b:82c0:93a1 | 16509 (AMAZON-02) |
1 | 142.250.186.163 | 15169 (GOOGLE) |
1 | 13.224.189.18 | 16509 (AMAZON-02) |
2 | 18.245.46.20 | 16509 (AMAZON-02) |
27 | 7 | |
Hostname | ASN | PTR |
---|---|---|
navan.cyberhaven.io | ASN15169 (GOOGLE, US) | 187.215.196.104.bc.googleusercontent.com |
content.analytics.cyberhaven.io | ASN16509 (AMAZON-02, US) | |
fonts.gstatic.com | ASN15169 (GOOGLE, US) | fra24s08-in-f3.1e100.net |
widget.intercom.io | ASN16509 (AMAZON-02, US) | server-13-224-189-18.fra2.r.cloudfront.net |
js.intercomcdn.com | ASN16509 (AMAZON-02, US) | server-18-245-46-20.fra56.r.cloudfront.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | cyberhaven.io | navan.cyberhaven.io, fullstory.cyberhaven.io, content.analytics.cyberhaven.io | 4 MB |
2 | intercomcdn.com | js.intercomcdn.com (Cisco Umbrella Rank: 3146) | 286 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 30) | 2 KB |
1 | intercom.io | widget.intercom.io (Cisco Umbrella Rank: 2183) | 3 KB |
1 | gstatic.com | fonts.gstatic.com | 18 KB |
27 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
15 | navan.cyberhaven.io | navan.cyberhaven.io |
5 | fullstory.cyberhaven.io | navan.cyberhaven.io, fullstory.cyberhaven.io |
2 | js.intercomcdn.com | widget.intercom.io |
2 | fonts.googleapis.com | navan.cyberhaven.io |
1 | widget.intercom.io | navan.cyberhaven.io |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | content.analytics.cyberhaven.io | navan.cyberhaven.io |
27 | 7 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
navan.cyberhaven.io | R11 | 2024-10-16 - 2025-01-14 | 3 months |
upload.video.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
fullstory.cyberhaven.io | WR3 | 2024-08-24 - 2024-11-22 | 3 months |
content.analytics.cyberhaven.io | Amazon RSA 2048 M03 | 2024-08-17 - 2025-09-15 | a year |
*.gstatic.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year |
*.intercomcdn.com | Amazon RSA 2048 M02 | 2023-12-01 - 2024-12-29 | a year |
This page contains 2 frames:
Primary Page:
https://navan.cyberhaven.io/
Frame ID: 9DE79941CED220486008D539C12CB5D9
Requests: 25 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.698ec508.js
Frame ID: 4A69CE872A803C28C8A19C9553474261
Requests: 2 HTTP requests in this frame
Page Title
Cyberhaven
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://navan.cyberhaven.io/
HTTP 307
https://navan.cyberhaven.io/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | navan.cyberhaven.io/ (Redirect Chain) | 2 KB | 4 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 11 KB | 981 B | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 3 KB | 923 B | Stylesheet | text/css |
GET | H2 | 785.12355706d2f971e15677.bundle.js | navan.cyberhaven.io/ | 2 MB | 2 MB | Script | application/javascript |
GET | H2 | main.751fcbda8c0e1f29633c.bundle.js | navan.cyberhaven.io/ | 1 MB | 1 MB | Script | application/javascript |
GET | H2 | main.134dbf83fc385b1fd0c2.css | navan.cyberhaven.io/ | 29 KB | 30 KB | Stylesheet | text/css |
GET | H2 | init.js | navan.cyberhaven.io/ | 266 B | 528 B | Script | application/javascript |
GET | H2 | web-config | navan.cyberhaven.io/v1/ | 4 KB | 4 KB | Script | application/javascript |
GET | H2 | web-config | navan.cyberhaven.io/v1/ | 4 KB | 0 | Fetch | application/javascript |
GET | H2 | 136.305def42b9696a8d270f.bundle.js | navan.cyberhaven.io/ | 39 KB | 39 KB | Script | application/javascript |
GET | H2 | react-image-gallery.a2c8b5383355bbe5dab9.bundle.js | navan.cyberhaven.io/ | 10 KB | 11 KB | Script | application/javascript |
GET | H2 | fs.js | fullstory.cyberhaven.io/s/ | 285 KB | 78 KB | Script | application/javascript |
GET | H2 | pendo.js | content.analytics.cyberhaven.io/agent/static/7efc2491-30ab-4720-44ae-c8846c6ecf6d/ | 477 KB | 156 KB | Script | application/javascript |
GET | H2 | enabled-auth-providers | navan.cyberhaven.io/v2/user-management/ | 17 B | 161 B | XHR | application/json |
POST | H2 | list-ids | navan.cyberhaven.io/v2/user-management/saml/ | 63 B | 207 B | XHR | application/json |
GET | H2 | 500.456ca4716599754251b4.bundle.js | navan.cyberhaven.io/ | 223 KB | 224 KB | Script | application/javascript |
GET | H2 | 70.a3517fb2a17f84b33ddf.bundle.js | navan.cyberhaven.io/ | 5 KB | 5 KB | Script | application/javascript |
GET | H3 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v32/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | shsa72dg | widget.intercom.io/widget/ | 7 KB | 3 KB | Script | application/javascript |
GET | H2 | web | fullstory.cyberhaven.io/s/settings/TMY3F/v1/ | 8 KB | 2 KB | XHR | application/json |
GET | H2 | frame-modern.698ec508.js | js.intercomcdn.com/ (Frame 4A69) | 469 KB | 142 KB | Script | application/javascript |
GET | H2 | vendor-modern.8b97a971.js | js.intercomcdn.com/ (Frame 4A69) | 455 KB | 145 KB | Script | application/javascript |
GET | H2 | favicon.ico | navan.cyberhaven.io/ | 6 KB | 7 KB | Other | image/x-icon |
POST | H2 | page | fullstory.cyberhaven.io/rec/ | 1 KB | 972 B | XHR | application/json |
GET | H2 | favicon-32x32.png | navan.cyberhaven.io/ | 2 KB | 2 KB | Other | image/png |
GET | H2 | integrations | fullstory.cyberhaven.io/rec/ | 4 KB | 4 KB | Script | text/javascript |
POST | H2 | v2 | fullstory.cyberhaven.io/rec/bundle/ | 29 B | 118 B | XHR | application/json |
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | initVariables |
object | ENV |
object | FEATURES |
string | API_VERSION |
object | webpackChunkcyberhaven |
function | clearImmediate |
function | setImmediate |
object | regeneratorRuntime |
object | __MUI_LICENSE_INFO__ |
object | Prism |
string | _fs_host |
string | _fs_script |
string | _fs_org |
string | _fs_namespace |
function | FS |
object | pendo |
object | s |
function | loginInternal |
object | intercomSettings |
function | Intercom |
string | _fs_loaded |
function | _fs_shutdown |
function | __intercomAssignLocation |
function | __intercomReloadLocation |
string | _fs_rec_settings_host2 |
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cyberhaven.io/ | | Name: fs_lua Value: 1.1729067007054 |
.cyberhaven.io/ | | Name: fs_uid Value: #TMY3F#fceb46a4-7988-440d-9087-b53b87cb0d87:7e5ff078-9a6c-4f2e-a16d-8ee2a2c44183:1729067007054::1#/1760603008 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | script-src https://content.analytics.cyberhaven.io https://data.analytics.cyberhaven.io https://app.pendo.io https://cdn.pendo.io https://fullstory.cyberhaven.io https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://www.gstatic.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases https://auth.navan.cyberhaven.io https://www.datadoghq-browser-agent.com; style-src https://content.analytics.cyberhaven.io 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src https://content.analytics.cyberhaven.io https://data.analytics.cyberhaven.io https://app.pendo.io https://fullstory.cyberhaven.io blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com 'self' https://www.google.com https://t0.gstatic.com https://assets.cyberhaven.io; frame-src https://app.pendo.io https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://portal.productboard.com/ 'self' https://www.google.com https://google.com https://*.firebaseapp.com https://*.cyberhaven.io https://www.gstatic.com https://recaptcha.google.com/recaptcha https://auth.navan.cyberhaven.io https://superset.navan.cyberhaven.io data: blob:; connect-src https://content.analytics.cyberhaven.io https://data.analytics.cyberhaven.io https://app.pendo.io https://fullstory.cyberhaven.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://*.googleapis.com 'self' https://www.googleapis.com/identitytoolkit/v3 https://apis.google.com https://*.firebaseapp.com https://*.cyberhaven.io https://www.google.com/recaptcha https://www.gstatic.com/recaptcha https://auth.navan.cyberhaven.io blob: *.logs.datadoghq.com *.logs.datadoghq.eu *.browser-intake-datadoghq.com https://superset.navan.cyberhaven.io; font-src https://js.intercomcdn.com 'self' https://fonts.gstatic.com; media-src https://js.intercomcdn.com; form-action https://intercom.help https://api-iam.intercom.io https://apihub.document360.io; default-src 'self'; object-src 'self'; worker-src 'self' blob:; child-src 'self'; |
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.