one.hvac-portal.com Open in urlscan Pro
138.197.166.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://one.hvac-portal.com/
Effective URL:
https://one.hvac-portal.com/login?logout=true
Submission Tags: @phish_report
Submission: On January 05 via api (January 5th 2024, 2:08:36 am UTC) from FI — Scanned from NZ

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 138.197.166.221, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is one.hvac-portal.com.
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.

This is the only time one.hvac-portal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	138.197.166.221 138.197.166.221	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2404:6800:400... 2404:6800:4006:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4006:809::2003	15169 (GOOGLE) (GOOGLE)
16	6

9 138.197.166.221 (Toronto, Canada) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

one.hvac-portal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

webrtc.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:812::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hvac-portal.com 2 redirects one.hvac-portal.com	349 KB
4	gstatic.com fonts.gstatic.com	59 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	4 KB
1	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 12245	666 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	862 B
1	github.io webrtc.github.io — Cisco Umbrella Rank: 115841	29 KB
16	6

	Domain	Requested by
9	one.hvac-portal.com	2 redirects one.hvac-portal.com
4	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	one.hvac-portal.com
1	fonts.cdnfonts.com	one.hvac-portal.com
1	cdn.jsdelivr.net	one.hvac-portal.com
1	webrtc.github.io	one.hvac-portal.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
one.hvac-portal.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://one.hvac-portal.com/login?logout=true
Frame ID: FFB41BC8831B96B4B045DD29EA43BDF8
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://one.hvac-portal.com/ HTTP 301
https://one.hvac-portal.com/ HTTP 302
https://one.hvac-portal.com/login?logout=true Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

16
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

440 kB
Transfer

1832 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://one.hvac-portal.com/ HTTP 301
https://one.hvac-portal.com/ HTTP 302
https://one.hvac-portal.com/login?logout=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
one.hvac-portal.com/
Redirect Chain

http://one.hvac-portal.com/
https://one.hvac-portal.com/
https://one.hvac-portal.com/login?logout=true

4 KB
2 KB

270ms
270ms

Document
text/html

138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/login?logout=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c8c0a859db1a18575f2c9523c393668c3807d86f2a444ed18561936fb6ab6e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Fri, 05 Jan 2024 02:08:26 GMT
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Fri, 05 Jan 2024 02:08:26 GMT
location: https://one.hvac-portal.com/login?logout=true
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 adapter-latest.js Show response
webrtc.github.io/adapter/ 135 KB
29 KB 114ms
35ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://webrtc.github.io/adapter/adapter-latest.js
Requested by: Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/login?logout=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: ebc5d3d0eb9e6bcdae666c9aa4d45a8e9c66b936201ed136025ff6a3a56bbed9

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-fastly-request-id: 192bf01d4b9897c389e1484b66105138c948859a
date: Fri, 05 Jan 2024 02:08:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 474
age: 211
x-cache: HIT
x-proxy-cache: HIT
content-length: 28875
x-served-by: cache-akl10321-AKL
last-modified: Thu, 23 Mar 2023 09:31:32 GMT
server: GitHub.com
x-github-request-id: 4AFE:27B2ED:36CA6D:3ACFCE:6596BC6E
x-timer: S1704420507.925020,VS0,VE1
etag: W/"641c1c74-21cdc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 04 Jan 2024 14:19:28 GMT

GET
H2 200 index-sUYnQqxL.js Show response
one.hvac-portal.com/build/assets/ 1 MB
294 KB 3415ms
3414ms Script
application/javascript 138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/build/assets/index-sUYnQqxL.js

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/login?logout=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5a8a22d169fc148d654f6776214d0c82e0f04e76f6ed00563eed12ea734f9083

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://one.hvac-portal.com/login?logout=true
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 04 Jan 2024 01:44:24 GMT
server: nginx
cross-origin-opener-policy: same-origin
content-encoding: br
etag: W/"65960d78-1236c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:08:26 GMT

GET
H2 200 index-9OMtD0AN.css
one.hvac-portal.com/build/assets/ 385 KB
47 KB 1228ms
1227ms Stylesheet
text/css 138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/build/assets/index-9OMtD0AN.css

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/login?logout=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

672b5d3d795209a39295a18610d39c391681b03897222e1fe564cf76e7e7827f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.hvac-portal.com/login?logout=true
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 04 Jan 2024 01:44:24 GMT
server: nginx
cross-origin-opener-policy: same-origin
content-encoding: br
etag: W/"65960d78-605db"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:08:26 GMT

GET
H2 200 material-icons.css
cdn.jsdelivr.net/npm/@quasar/extras/material-icons/ 802 B
862 B 388ms
314ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@quasar/extras/material-icons/material-icons.css

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/login?logout=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ca115180686da139b7c233cb295db578f3ee2794b63d33fc5826e5d3fea4b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 02:08:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12278
x-jsd-version: 1.16.7
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 412
x-served-by: cache-fra-etou8220026-FRA, cache-akl10323-AKL
x-jsd-version-type: version
etag: W/"322-IM6s8DV2x9Np21D29o5V3Mo4LUQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 699 B
752 B 647ms
247ms Stylesheet
text/css 2404:6800:4006:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,1,0

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/login?logout=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7414c732ec8f87057363f7eb479ab0bc5cd5b6d1a39b8dee733bfa921bc87e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 05 Jan 2024 02:08:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 80 KB
3 KB 264ms
263ms Stylesheet
text/css 2404:6800:4006:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Coda&family=Taprom&family=Fasthand&family=PT+MonoBarlow:wght@100;200;300;400;500;600;700;800;900&family=Roboto:wght@100;200;300;400;500;600;700;800;900&family=Source+Sans+Pro:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:wght@100;200;300;400;500;600;700;800;900&family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/build/assets/index-9OMtD0AN.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89bc9201d5998a4a932db6c95a3beeb87b2466f773c344464fc01593a85f3d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 02:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 05 Jan 2024 02:08:28 GMT

GET
H2 200 rage-italic
fonts.cdnfonts.com/css/ 161 B
666 B 495ms
166ms Stylesheet
text/css 2606:4700:e2::ac40:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/rage-italic
Requested by: Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/build/assets/index-9OMtD0AN.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d03a22e66ca58a98bc66325b41524e0ddd10342078b7a2741821c1652d6e0f

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4581732
cf-polished: origSize=196
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Nov 2023 01:26:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNPQxQ7zu5SYyTIuECo0PXnmNQxQWr4A%2BbLIE%2BYWinHoSc7IVTOyFvYn3Z72Bv%2BK6DWlm5to5WCYVty%2FndNOAb4j57rZbUIbqyYkAPSZYhjmiSla6fQxFjstB4lLqvmNJ5MoMmrHjcQpks35ZonBU%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84082c737a989e40-SIN

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 14 KB
14 KB 551ms
153ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Coda&family=Taprom&family=Fasthand&family=PT+MonoBarlow:wght@100;200;300;400;500;600;700;800;900&family=Roboto:wght@100;200;300;400;500;600;700;800;900&family=Source+Sans+Pro:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:wght@100;200;300;400;500;600;700;800;900&family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b07f829b982f6cd9fffea053209fe0d55cb9e6d72ec8573db6ee5041a6f5dd2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 10:09:04 GMT
x-content-type-options: nosniff
age: 230365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14120
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 10:09:04 GMT

GET
H2 200 logout Show response
one.hvac-portal.com/ 62 B
1 KB 1631ms
1139ms Fetch
application/json 138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/logout

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/build/assets/index-sUYnQqxL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3c68014d46c1dc0b3049242edc07dcaf34efa09d1a4976c60d8d0d7b7c4f4069

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://one.hvac-portal.com/login?logout=true
X-CSRF-TOKEN: ca6weaKlSvapRMKzayMjBx0muWnMGnfqBgmuRhkN
X-Requested-With: XMLHttpRequest
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: br
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 login-k6cj6IW1.js Show response
one.hvac-portal.com/build/assets/ 2 KB
1 KB 716ms
254ms Script
application/javascript 138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/build/assets/login-k6cj6IW1.js

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/build/assets/index-sUYnQqxL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ed4b8fb2455c838246f167c088b42b07db0322930e7bdb781afd75cb1a881db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 04 Jan 2024 01:44:24 GMT
server: nginx
cross-origin-opener-policy: same-origin
content-encoding: br
etag: W/"65960d78-8a1"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:08:31 GMT

GET
H2 200 auto-row-zGnSP2aG.js Show response
one.hvac-portal.com/build/assets/ 450 B
640 B 711ms
249ms Script
application/javascript 138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/build/assets/auto-row-zGnSP2aG.js

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/build/assets/index-sUYnQqxL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

64f6a7e2584d4b118cd015134ca82081fa2a34a1d2eff8d9f948e0dfac6003f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 04 Jan 2024 01:44:24 GMT
server: nginx
cross-origin-opener-policy: same-origin
content-encoding: br
etag: W/"65960d78-1c2"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:08:31 GMT

GET
H2 200 useTitle-8uh51eCS.js Show response
one.hvac-portal.com/build/assets/ 195 B
513 B 709ms
247ms Script
application/javascript 138.197.166.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://one.hvac-portal.com/build/assets/useTitle-8uh51eCS.js

Requested by

Host: one.hvac-portal.com
URL: https://one.hvac-portal.com/build/assets/index-sUYnQqxL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.166.221 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f0b1f506c73bd2e3acf0789bf2787a77b00e002e7b8dc1495e3c2156ec02820b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 05 Jan 2024 02:08:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 04 Jan 2024 01:44:24 GMT
server: nginx
cross-origin-opener-policy: same-origin
content-encoding: br
etag: W/"65960d78-c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:08:31 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 15 KB
15 KB 155ms
154ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdP3pBms.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c578c605589348af2d18ad5cda84e81815b644251be6290756da0cd112bf2f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 29 Dec 2023 03:30:09 GMT
x-content-type-options: nosniff
age: 599902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15308
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 03:30:09 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 15 KB
15 KB 200ms
200ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c740f1101a18950b45ef3ebb857e342fd61344a3bacffb74e4fd7a1f9be6439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 31 Dec 2023 16:35:01 GMT
x-content-type-options: nosniff
age: 380010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14976
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Dec 2024 16:35:01 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 242ms
242ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one.hvac-portal.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 03:58:34 GMT
x-content-type-options: nosniff
age: 252597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 03:58:34 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
one.hvac-portal.com/	1970-01-20 17:37:48	Name: __ga4 Value: b9TRXwPNmIH5JlIVDdLbND8zEfQotuaVyYfmuD8w
one.hvac-portal.com/	1970-01-20 17:37:48	Name: XSRF-TOKEN Value: eyJpdiI6Ik05ZHNBaVhLenhGeTFIaHRtSkRWY3c9PSIsInZhbHVlIjoia2VzT05IZVdGQ1U4cHNnQVNaWjZxcjJYWCtHbHdkcDBYWHZqcjFuN1A2RUxHcmt2S2ZZQWVTR2I5OC9oeWlVTU50TUU0QXFkNmFqbk82a2ZtOG5wczdTTEdpMW1jSE45dWMwNXFFKzRnbWxrZytlTVdxYlJ4NnJUeXU0UlVrbjQiLCJtYWMiOiJmNjlkMjQ2MGI2YzAyZmY1YTk5NjY2OTQ0NjA1MDA2Yjc3YzVmN2RlOTZjYTJmMzhkYTc2OTUwZmVjYWFmN2M4IiwidGFnIjoiIn0%3D
one.hvac-portal.com/	1970-01-20 17:37:48	Name: b9TRXwPNmIH5JlIVDdLbND8zEfQotuaVyYfmuD8w Value: %7B%22data%22%3A%22eyJpdiI6ImRwM2xSQWRqaURiSzVjQkJiVW5aV0E9PSIsInZhbHVlIjoiRXBuUVUrUVpaeHZ3eVl6c0IzRE5ESEtCWHA3WWR2RUNVSWdMWGdud2k3bm1sWjRyZHBTS292S2U4N1V2cmxjWkwvS0k0ZGEvVTdrRW5QMm8vZEl0UnBkQUpLYWNYQmtyTDVYZCs0SHVmdWpoeHdEZWpvMDZlQ1lUQ1Z6N0NINWl4UElUd3kwNGs2ajF6dEE3R1hRSmtFN1FaOVRzMVFFM2sxZXQwR2ZrNkR3OGdETXBIUk4raTllRkcxOVRPc1VSUU9ha1pwUEczRUV2VU9zUkZTWFJiZEJXdTV5cU5GQjIvQk9OdlhpbFk2MjBJa3dpL0hCUkJudEZqMDM4a0M3bmxUaktKMGlKaGJTRkFaangvcHdmdW0wQ1VyV2ducWdNb3Vwdmt2NTBWVEE9IiwibWFjIjoiYTAxYmZlYThhOTI1ZjQ1YzM0YTQyYjA0MTc2ODcwMjU5ZTJkYzcwMjU4Nzk2MDllNWUyNGMwNGFhOTU4ZmE1ZSIsInRhZyI6IiJ9%22%2C%22expires%22%3A1705068511%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
one.hvac-portal.com
webrtc.github.io
138.197.166.221
2404:6800:4006:809::2003
2404:6800:4006:812::200a
2606:4700:e2::ac40:8516
2606:50c0:8003::153
2a04:4e42:200::485
0c740f1101a18950b45ef3ebb857e342fd61344a3bacffb74e4fd7a1f9be6439
3c68014d46c1dc0b3049242edc07dcaf34efa09d1a4976c60d8d0d7b7c4f4069
5a8a22d169fc148d654f6776214d0c82e0f04e76f6ed00563eed12ea734f9083
64f6a7e2584d4b118cd015134ca82081fa2a34a1d2eff8d9f948e0dfac6003f4
672b5d3d795209a39295a18610d39c391681b03897222e1fe564cf76e7e7827f
84d03a22e66ca58a98bc66325b41524e0ddd10342078b7a2741821c1652d6e0f
89bc9201d5998a4a932db6c95a3beeb87b2466f773c344464fc01593a85f3d1b
9ca115180686da139b7c233cb295db578f3ee2794b63d33fc5826e5d3fea4b88
b07f829b982f6cd9fffea053209fe0d55cb9e6d72ec8573db6ee5041a6f5dd2d
b7414c732ec8f87057363f7eb479ab0bc5cd5b6d1a39b8dee733bfa921bc87e2
c578c605589348af2d18ad5cda84e81815b644251be6290756da0cd112bf2f1e
c8c0a859db1a18575f2c9523c393668c3807d86f2a444ed18561936fb6ab6e2b
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ebc5d3d0eb9e6bcdae666c9aa4d45a8e9c66b936201ed136025ff6a3a56bbed9
ed4b8fb2455c838246f167c088b42b07db0322930e7bdb781afd75cb1a881db7
f0b1f506c73bd2e3acf0789bf2787a77b00e002e7b8dc1495e3c2156ec02820b

one.hvac-portal.com Open in urlscan Pro 138.197.166.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

440 kBTransfer

1832 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

one.hvac-portal.com Open in urlscan Pro
138.197.166.221 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

440 kB
Transfer

1832 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions