login.costing-tool.renoassistance.ca

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 35.234.248.49, located in Montreal, Canada and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is login.costing-tool.renoassistance.ca.
TLS certificate: Issued by R3 on June 17th 2022. Valid for: 3 months.

This is the only time login.costing-tool.renoassistance.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	35.234.248.49 35.234.248.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
5	3

4 35.234.248.49 (Montreal, Canada) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.248.234.35.bc.googleusercontent.com

login.costing-tool.renoassistance.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	renoassistance.ca 1 redirects login.costing-tool.renoassistance.ca	145 KB
1	gstatic.com fonts.gstatic.com	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
5	3

	Domain	Requested by
4	login.costing-tool.renoassistance.ca	1 redirects login.costing-tool.renoassistance.ca
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	login.costing-tool.renoassistance.ca
5	3

This site contains no links.

Subject Issuer	Validity	Valid
login.costing-tool.renoassistance.ca R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.costing-tool.renoassistance.ca/login
Frame ID: 1F2717C2EEFBF5552D8532EF2E08709C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Costing Tool

Page URL History Show full URLs

https://login.costing-tool.renoassistance.ca/ HTTP 302
https://login.costing-tool.renoassistance.ca/login Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

180 kB
Transfer

768 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.costing-tool.renoassistance.ca/ HTTP 302
https://login.costing-tool.renoassistance.ca/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
login.costing-tool.renoassistance.ca/
Redirect Chain

https://login.costing-tool.renoassistance.ca/
https://login.costing-tool.renoassistance.ca/login

6 KB
4 KB

24ms
23ms

Document
text/html

35.234.248.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.costing-tool.renoassistance.ca/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.234.248.49 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.248.234.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b91fd40a2527ea542ea6d2c638a9bfd8c10286d1531764451844af28c7dd1eba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Jun 2022 09:45:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Jun 2022 09:45:19 GMT
Location: https://login.costing-tool.renoassistance.ca/login
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 80ms
35ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap

Requested by

Host: login.costing-tool.renoassistance.ca
URL: https://login.costing-tool.renoassistance.ca/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bd74a64616e1bd368aa08e0576ecd57aed273300c4660ae3ebc0be0e802f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.costing-tool.renoassistance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 08:42:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Jun 2022 09:45:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Jun 2022 09:45:19 GMT

GET
H/1.1 200
OK app.css
login.costing-tool.renoassistance.ca/css/ 30 KB
7 KB 14ms
13ms Stylesheet
text/css 35.234.248.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.costing-tool.renoassistance.ca/css/app.css
Requested by: Host: login.costing-tool.renoassistance.ca
URL: https://login.costing-tool.renoassistance.ca/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.234.248.49 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.248.234.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f8dd15fb6be856748d09a0622fe556ba074820f5e28d928e35f956b025c9e987

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.costing-tool.renoassistance.ca/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 09:45:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 17:50:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"628bc954-7601"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK app.js Show response
login.costing-tool.renoassistance.ca/js/ 693 KB
133 KB 20ms
20ms Script
application/javascript 35.234.248.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.costing-tool.renoassistance.ca/js/app.js
Requested by: Host: login.costing-tool.renoassistance.ca
URL: https://login.costing-tool.renoassistance.ca/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.234.248.49 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.248.234.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0c54761234d9b52469e4cb45d230cd43ce19f0265f4fa4ea1f1335db2ee6c2c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.costing-tool.renoassistance.ca/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 09:45:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 17:50:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"628bc954-ad407"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v24/ 35 KB
36 KB 70ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v24/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b8ac258645cd62f67125ff4a3a5d997f93132e45ab6cf945a5152fbe0910b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.costing-tool.renoassistance.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:16:15 GMT
x-content-type-options: nosniff
age: 304144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:23:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 21:16:15 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.costing-tool.renoassistance.ca/	1970-01-20 03:51:06	Name: XSRF-TOKEN Value: eyJpdiI6Im5KTHRQT0lWaEphTnorV1psd0ErWEE9PSIsInZhbHVlIjoiQzVXb0Q3Und1aThPKzlSdTgrSDNOdHBXeDZFVkMrQU5ybTlRZUVOOFRndVNrQWZEWlRSTmxBMDRvNnpDSTdmVDl4YkNGaURoL2ZCYnVkMGNKUVNvekxaYkdIYVdDcnBOVW1ObnJKMk1lUUx4Ty9jaTNWVGR4cG90d1ZJVnlDc0QiLCJtYWMiOiI3M2I3YzY3NzUxZmQ3MTkyZGQzYTMzNjFmNGNhYzQyNTk4NTBkY2M0MjJhMDY2MTFiNzU3Zjc1NjQyZTE3YTFhIiwidGFnIjoiIn0%3D
			login.costing-tool.renoassistance.ca/	1970-01-20 03:51:06	Name: costing_tool_session Value: eyJpdiI6IkNGdC9EL09Kc1h4MXpnVW56VjVIZkE9PSIsInZhbHVlIjoiVEJKKzZSeDdTREo4c09rdzdqSTRGSW9rM1IwYVFkVUlvNGJrQjVpazB1OXJ3OXlPZWtNbHl1clhZZlRyczJlSWRuckZHKzdTUWhwSXNhMjlJcGdqYk10amc5QUI1VWd1eHNuSEJmNzlhTUl2QXA5SHBGQUV1RGUrY3o1SzcrNm0iLCJtYWMiOiI2ZDFjZGQ2MjQyZGE4ZGE0NjM3Yzk4OWU0MWFlYzczNDdhY2E0Y2JhYmRjMTBlOWY3NjgwMjQ3ZmUyYWRkYmI0IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.costing-tool.renoassistance.ca
2607:f8b0:4006:816::2003
2607:f8b0:4006:824::200a
35.234.248.49
0c54761234d9b52469e4cb45d230cd43ce19f0265f4fa4ea1f1335db2ee6c2c0
69b8ac258645cd62f67125ff4a3a5d997f93132e45ab6cf945a5152fbe0910b2
8bd74a64616e1bd368aa08e0576ecd57aed273300c4660ae3ebc0be0e802f218
b91fd40a2527ea542ea6d2c638a9bfd8c10286d1531764451844af28c7dd1eba
f8dd15fb6be856748d09a0622fe556ba074820f5e28d928e35f956b025c9e987

login.costing-tool.renoassistance.ca Open in urlscan Pro 35.234.248.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

180 kBTransfer

768 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Indicators

login.costing-tool.renoassistance.ca Open in urlscan Pro
35.234.248.49 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

180 kB
Transfer

768 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions