![](/screenshots/3077bfab-3045-4e31-a2a6-c0a77ab262e1.png)
navi2.hdweb.com
Open in
urlscan Pro
67.210.196.68
Public Scan
Effective URL: https://navi2.hdweb.com/login.html
Submission Tags: phishingrod
Submission: On July 09 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 30th 2024. Valid for: 3 months.
This is the only time navi2.hdweb.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 67.210.196.68 67.210.196.68 | 25899 (LSNET) (LSNET) | |
7 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
hdweb.com
1 redirects
navi2.hdweb.com |
117 KB |
7 | 1 |
Domain | Requested by | |
---|---|---|
8 | navi2.hdweb.com |
1 redirects
navi2.hdweb.com
|
7 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
navi.hdweb.com R3 |
2024-04-30 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://navi2.hdweb.com/login.html
Frame ID: 33C9EC63986E12537F8C05E343F926A4
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/3077bfab-3045-4e31-a2a6-c0a77ab262e1.png)
Page Title
navi :: Login :: LoginPage URL History Show full URLs
-
https://navi2.hdweb.com/
HTTP 302
https://navi2.hdweb.com/login.html Page URL
Detected technologies
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://navi2.hdweb.com/
HTTP 302
https://navi2.hdweb.com/login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.html
navi2.hdweb.com/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.1.min.js
navi2.hdweb.com/js/ |
94 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
navi2.hdweb.com/static/css/navi3/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.css
navi2.hdweb.com/static/css/navi3/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
navi2.hdweb.com/static/css/print/ |
478 B 807 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hdi_logo.png
navi2.hdweb.com/static/css/navi3/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
navi2.hdweb.com/ |
3 KB 4 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
navi2.hdweb.com/ | Name: webhammer_session Value: 99e0fb0404f479d546f6cdf6c710c04944030071 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
navi2.hdweb.com
67.210.196.68
1e8f03669b7e706149fb32902e6b7771e695f96b4a6b99e20ec8d8594989234a
1ec1e9377e1a96b13254fbf8d16c733990c24277bf20f0ae2c4118a1f66c5130
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
7f73e001edb128cb664c193e7f36c0536dc9c2afa897554d745a501e716399ae
8e795c9e5f8e3295c7657e06f24dc7cd53b73a31bf433d45bd9c547f46e6eff1
a011bb0115b2c628df747e4296b186e8323b9842c81ed2cc88346bf0a4712084
b5a6084f98457876eaad974127e6254b807f959f36cf24a73965733b42c7a02e