navi.discount-domain.com Open in urlscan Pro
104.18.19.236 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://navi.discount-domain.com/
Effective URL:
https://navi.discount-domain.com/Default/Login
Submission: On June 10 via api (June 10th 2024, 10:18:44 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 104.18.19.236, located in and belongs to CLOUDFLARENET, US. The main domain is navi.discount-domain.com.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on December 19th 2023. Valid for: a year.

This is the only time navi.discount-domain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	104.18.19.236 104.18.19.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
12	3

11 104.18.19.236 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navi.discount-domain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	discount-domain.com 1 redirects navi.discount-domain.com	101 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5	945 B
0	g-system.io Failed lss.g-system.io Failed
12	3

	Domain	Requested by
11	navi.discount-domain.com	1 redirects navi.discount-domain.com
1	www.google.com	navi.discount-domain.com
0	lss.g-system.io Failed	navi.discount-domain.com
12	3

This site contains links to these domains. Also see Links.

Domain
gmo.jp
www.onamae.com
www.gmo.jp

Subject Issuer	Validity	Valid
navi.discount-domain.com GlobalSign GCC R3 DV TLS CA 2020	`2023-12-19` - `2025-01-19`	a year	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://navi.discount-domain.com/Default/Login
Frame ID: 321DFDB3E3D5A970DCABCBC6E66F3C61
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

アカウントマネージャー COMNavi メインメニュー

Page URL History Show full URLs

https://navi.discount-domain.com/ HTTP 302
https://navi.discount-domain.com/Default/Login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

101 kB
Transfer

276 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://gmo.jp/policy/privacy.html?pol=onamae
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://www.onamae.com/other/agreement/
Title: 利用規約

Search URL Search Domain Scan URL

URL: https://www.onamae.com/domain/whois/
Title: Ｗｈｏｉｓ

Search URL Search Domain Scan URL

URL: https://www.onamae.com/sitemap/
Title: サイトマップ

Search URL Search Domain Scan URL

URL: https://www.gmo.jp/
Title: 会社概要

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://navi.discount-domain.com/ HTTP 302
https://navi.discount-domain.com/Default/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
navi.discount-domain.com/Default/
Redirect Chain

https://navi.discount-domain.com/
https://navi.discount-domain.com/Default/Login

5 KB
2 KB

361ms
361ms

Document
text/html

104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

afd5b5ba8998ee67d98425ba553002cb98cec036b55bc8b1510acc4ee343e0d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private,no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89189dba6b1c2be0-FRA
content-encoding: gzip
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 10:18:13 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private,no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89189db1ffbd2be0-FRA
content-length: 131
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 10:18:13 GMT
location: /Default/Login
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 base.css
navi.discount-domain.com/Content/mixin/ 76 KB
8 KB 387ms
386ms Stylesheet
text/css 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/Content/mixin/base.css

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

300d0302bbcda7b2a5ac2f1f611109c8e41356f33c8aa31398bcbe2fcd08c22f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 10:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: ASP.NET
content-length: 8420
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 09 Feb 2024 10:44:32 GMT
server: cloudflare
etag: "0e8f4f6445bda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 89189dbcbdd42be0-FRA
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';

GET
H2 200 modernizr Show response
navi.discount-domain.com/bundles/ 11 KB
5 KB 1683ms
1682ms Script
text/javascript 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jun 2024 10:18:15 GMT
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache, no-store, must-revalidate
cf-ray: 89189dbcbdd52be0-FRA
expires: Tue, 10 Jun 2025 10:18:15 GMT

GET
H2 200 back.js Show response
navi.discount-domain.com/Scripts/ 116 B
237 B 1375ms
1375ms Script
application/javascript 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/Scripts/back.js

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3ffc30ee15f43973db16fa1ae688ac3f627aac344ed5ebae84d0e311e154aeb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 09 Feb 2024 10:44:32 GMT
server: cloudflare
etag: W/"db7a7cf7445bda1:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89189dbcbdd82be0-FRA
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';

GET
H2 200 logo.gif
navi.discount-domain.com/images/ 10 KB
10 KB 1724ms
1723ms Image
image/gif 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://navi.discount-domain.com/images/logo.gif

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

df2e060b68db5446bcea8c1785a246d5d05f1c3f9aba5c8d22f3bcdc33c34d6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
x-powered-by: ASP.NET
content-length: 10289
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 09 Feb 2024 10:44:33 GMT
server: cloudflare
etag: "259fc1f7445bda1:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 89189dbcbdd92be0-FRA
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';

GET
H2 200 com_unix_ttl01.gif
navi.discount-domain.com/images/ 16 KB
17 KB 1625ms
1625ms Image
image/gif 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://navi.discount-domain.com/images/com_unix_ttl01.gif

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

10b9538d91e9b6694be677a72c49e61684af53af0c448f8ab96389bd0575d7a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
x-powered-by: ASP.NET
content-length: 16883
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 09 Feb 2024 10:44:33 GMT
server: cloudflare
etag: "3bdabcf7445bda1:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 89189dbcbddb2be0-FRA
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';

GET
H2 200 jquery Show response
navi.discount-domain.com/bundles/ 91 KB
33 KB 382ms
382ms Script
text/javascript 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jun 2024 10:18:15 GMT
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache, no-store, must-revalidate
cf-ray: 89189dc6daee2be0-FRA
expires: Tue, 10 Jun 2025 10:18:15 GMT

GET
H2 200 bootstrap Show response
navi.discount-domain.com/bundles/ 30 KB
9 KB 713ms
711ms Script
text/javascript 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/bundles/bootstrap?v=2Fz3B0iizV2NnnamQFrx-NbYJNTFeBJ2GM05SilbtQU1

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
date: Mon, 10 Jun 2024 10:18:16 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jun 2024 10:18:15 GMT
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache, no-store, must-revalidate
cf-ray: 89189dc74b5d2be0-FRA
expires: Tue, 10 Jun 2025 10:18:15 GMT

GET main.js
lss.g-system.io/b/ 0
0

GET
H2 200 jqueryval Show response
navi.discount-domain.com/bundles/ 25 KB
8 KB 382ms
381ms Script
text/javascript 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navi.discount-domain.com/bundles/jqueryval?v=hEGG8cMxk9p0ncdRUOJ-CnKN7NezhnPnWIvn6REucZo1

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Default/Login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jun 2024 10:18:15 GMT
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache, no-store, must-revalidate
cf-ray: 89189dc74b5e2be0-FRA
expires: Tue, 10 Jun 2025 10:18:15 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
945 B 131ms
48ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Default/Login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

ce1a9b8660929c7a2de5ee020cc4984e92d8f5123e382bbaf84f3828fd3e0a1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 10:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 10 Jun 2024 10:18:15 GMT

GET
H2 200 navi_hdr_bg01.gif
navi.discount-domain.com/images/ 9 KB
9 KB 388ms
388ms Image
image/gif 104.18.19.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://navi.discount-domain.com/images/navi_hdr_bg01.gif

Requested by

Host: navi.discount-domain.com
URL: https://navi.discount-domain.com/Content/mixin/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

064dd32267c9ae49d64cdca14f4603f925f4a7dcbdb5990c2fc864f419074c05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://navi.discount-domain.com/Content/mixin/base.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 10:18:15 GMT
content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: DYNAMIC
x-powered-by: ASP.NET
content-length: 9451
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 09 Feb 2024 10:44:33 GMT
server: cloudflare
etag: "4c1c4f7445bda1:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 89189dc75b702be0-FRA
x-content-security-policy: default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lss.g-system.io
URL: https://lss.g-system.io/b/main.js

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			navi.discount-domain.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: scvxbjr5vnukkuqn2mwb34jm

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.google.com www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' www.google.com www.gstatic.com lss.g-system.io 'unsafe-inline' 'unsafe-eval'; frame-src www.google.com; connect-src lss.g-system.io 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lss.g-system.io
navi.discount-domain.com
www.google.com
lss.g-system.io
104.18.19.236
142.250.186.100
064dd32267c9ae49d64cdca14f4603f925f4a7dcbdb5990c2fc864f419074c05
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
10b9538d91e9b6694be677a72c49e61684af53af0c448f8ab96389bd0575d7a4
300d0302bbcda7b2a5ac2f1f611109c8e41356f33c8aa31398bcbe2fcd08c22f
3ffc30ee15f43973db16fa1ae688ac3f627aac344ed5ebae84d0e311e154aeb2
52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec
afd5b5ba8998ee67d98425ba553002cb98cec036b55bc8b1510acc4ee343e0d9
ce1a9b8660929c7a2de5ee020cc4984e92d8f5123e382bbaf84f3828fd3e0a1a
df2e060b68db5446bcea8c1785a246d5d05f1c3f9aba5c8d22f3bcdc33c34d6c

navi.discount-domain.com Open in urlscan Pro 104.18.19.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

101 kBTransfer

276 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

navi.discount-domain.com Open in urlscan Pro
104.18.19.236 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

101 kB
Transfer

276 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions