login.rdmanager.ca Open in urlscan Pro
35.203.72.218 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.rdmanager.ca/
Submission: On April 01 via automatic, source certstream-suspicious (April 1st 2020, 5:04:54 am UTC)

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 35.203.72.218, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is login.rdmanager.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 1st 2020. Valid for: 3 months.

This is the only time login.rdmanager.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	35.203.72.218 35.203.72.218		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a		15169 (GOOGLE) (GOOGLE)
1	35.203.115.69 35.203.115.69		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::200e		15169 (GOOGLE) (GOOGLE)
13	5

7 35.203.72.218 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 218.72.203.35.bc.googleusercontent.com

login.rdmanager.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.203.115.69 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 69.115.203.35.bc.googleusercontent.com

www.labplus.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	rdmanager.ca login.rdmanager.ca	156 KB
3	google-analytics.com www.google-analytics.com	18 KB
1	labplus.biz www.labplus.biz
1	googleapis.com ajax.googleapis.com fonts.googleapis.com Failed	33 KB
13	4

	Domain	Requested by
7	login.rdmanager.ca	login.rdmanager.ca
3	www.google-analytics.com	login.rdmanager.ca
1	www.labplus.biz	login.rdmanager.ca
1	ajax.googleapis.com	login.rdmanager.ca
0	fonts.googleapis.com Failed	login.rdmanager.ca
13	5

This site contains links to these domains. Also see Links.

Domain
www.labplus.biz

Subject Issuer	Validity	Valid
login.rdmanager.ca Let's Encrypt Authority X3	`2020-04-01` - `2020-06-30`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.labplus.biz Let's Encrypt Authority X3	`2020-03-03` - `2020-06-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://login.rdmanager.ca/
Frame ID: D14E3728ACE83921EB4005C069ED28F4
Requests: 12 HTTP requests in this frame

Frame: https://www.labplus.biz/fonctions-laboratoire-lims
Frame ID: 79F514ECCB6CE6D2510B471ECDDD3D8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

206 kB
Transfer

652 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.labplus.biz/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request Cookie set / Show response
login.rdmanager.ca/ 9 KB
4 KB 345ms
105ms Document
text/html 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.72.203.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c5589b5b439a11c5ec301e47262178fccad5b1e670b5f29f48500c83e74a2555

Request headers

Host: login.rdmanager.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Wed, 01 Apr 2020 05:04:35 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Language: fr-CA
Set-Cookie: cfid=16d7e9d0-29a0-4473-a5f5-caffa7352118;Path=/;Domain=.login.rdmanager.ca;Expires=Tue, 21-Apr-2020 06:42:39 UTC;HTTPOnly cftoken=0;Path=/;Domain=.login.rdmanager.ca;Expires=Tue, 21-Apr-2020 06:42:39 UTC;HTTPOnly
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.12.34.2-0
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Length: 3021
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK A.login,,_normalize.css+bootstrap,,_bootstrap.css+login,,_font-awesome.min.css+login,,_components.css+login,,_login.css,Mcc.xWxPx9UwlK.css.pagespeed.cf.NAKMH-oi_M.css
login.rdmanager.ca/css/ 358 KB
50 KB 100ms
100ms Stylesheet
text/css 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.rdmanager.ca/css/A.login,,_normalize.css+bootstrap,,_bootstrap.css+login,,_font-awesome.min.css+login,,_components.css+login,,_login.css,Mcc.xWxPx9UwlK.css.pagespeed.cf.NAKMH-oi_M.css
Requested by: Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.72.203.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e7b81bd20321a6ce6557fd1fa2c0ddba405b84e2be9989aaad819bab70fe8c88

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 01 Apr 2020 05:04:35 GMT
Content-Encoding: gzip
X-Original-Content-Length: 466436
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Last-Modified: Wed, 01 Apr 2020 05:04:35 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 50516
Expires: Thu, 01 Apr 2021 05:04:35 GMT

GET
H/1.1 200
OK modernizr-2.6.2.min.js.pagespeed.jm.HFGCZXAk6a.js Show response
login.rdmanager.ca/js/ 14 KB
6 KB 374ms
100ms Script
application/javascript 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.rdmanager.ca/js/modernizr-2.6.2.min.js.pagespeed.jm.HFGCZXAk6a.js
Requested by: Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.72.203.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6d77e62deaa43cca81560bf11cd5ccd8d3583bd4936ed1ea2d639d13d3e5c4c0

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 01 Apr 2020 05:04:36 GMT
Content-Encoding: gzip
X-Original-Content-Length: 15418
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Last-Modified: Wed, 01 Apr 2020 05:04:15 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5983
Expires: Thu, 01 Apr 2021 05:04:15 GMT

GET
H/1.1 200
OK xlogin-logo.png.pagespeed.ic.fAFsLPxlj1.webp
login.rdmanager.ca/img/header/ 7 KB
8 KB 485ms
110ms Image
image/png 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.rdmanager.ca/img/header/xlogin-logo.png.pagespeed.ic.fAFsLPxlj1.webp

Requested by

Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

218.72.203.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

8feb4bc0f39ce692d2094fd55b1fa5b2a7df8016038d45c5dedc31d441e8d6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 01 Apr 2020 05:04:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 19:48:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: image/png
Cache-Control: max-age=300,private
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://login.rdmanager.ca/img/header/login-logo.png>; rel="canonical"
Content-Length: 7399
Keep-Alive: timeout=5, max=97
Expires: Wed, 01 Apr 2020 05:09:01 GMT

GET
H/1.1 200
OK xslide-1.jpg.pagespeed.ic.Dhy5pnqfT4.webp
login.rdmanager.ca/img/ 9 KB
9 KB 873ms
100ms Image
image/webp 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.rdmanager.ca/img/xslide-1.jpg.pagespeed.ic.Dhy5pnqfT4.webp
Requested by: Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.72.203.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bf6f4ab168779f24b5f34bfa23ff0e0f6f3e1565f1a45871a90292192fa20efb

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 01 Apr 2020 05:04:36 GMT
X-Original-Content-Length: 62964
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0"
Content-Type: image/webp
Cache-Control: max-age=31536000
Last-Modified: Wed, 01 Apr 2020 05:04:15 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://login.rdmanager.ca/img/slide-1.jpg>; rel="canonical"
Content-Length: 8888
Keep-Alive: timeout=5, max=94
Expires: Thu, 01 Apr 2021 05:04:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 15:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1861794
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Mar 2021 15:54:42 GMT

GET
H/1.1 200
OK bootstrap.min.js+jquery.validate.min.js+login.js.pagespeed.jc.vbV__dmyWQ.js Show response
login.rdmanager.ca/js/ 55 KB
15 KB 382ms
100ms Script
application/javascript 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.rdmanager.ca/js/bootstrap.min.js+jquery.validate.min.js+login.js.pagespeed.jc.vbV__dmyWQ.js
Requested by: Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.72.203.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e899f4794c57090edf58c283f1bea7173327aae8497f6a021fabe0ded25d0ab1

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 01 Apr 2020 05:04:36 GMT
Content-Encoding: gzip
X-Original-Content-Length: 56794
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Last-Modified: Wed, 01 Apr 2020 05:04:24 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 15191
Expires: Thu, 01 Apr 2021 05:04:24 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK fonctions-laboratoire-lims
www.labplus.biz/ Frame 79F5 0
0 515ms
191ms Document
text/html 35.203.115.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labplus.biz/fonctions-laboratoire-lims
Requested by: Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 35.203.115.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.115.203.35.bc.googleusercontent.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: www.labplus.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://login.rdmanager.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://login.rdmanager.ca/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetWebPages-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 01 Apr 2020 05:04:36 GMT
Content-Length: 21353

GET
H/1.1 200
OK fontawesome-webfont.woff
login.rdmanager.ca/fonts/ 64 KB
64 KB 193ms
100ms Font
application/font-woff 35.203.72.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.rdmanager.ca/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.203.72.218 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.72.203.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://login.rdmanager.ca/css/A.login,,_normalize.css+bootstrap,,_bootstrap.css+login,,_font-awesome.min.css+login,,_components.css+login,,_login.css,Mcc.xWxPx9UwlK.css.pagespeed.cf.NAKMH-oi_M.css
Origin: https://login.rdmanager.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 01 Apr 2020 05:04:36 GMT
Last-Modified: Fri, 18 May 2018 19:48:09 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "ffac-56c803b47b2f4"
Content-Type: application/font-woff
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 65452

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1864
date: Wed, 01 Apr 2020 04:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 01 Apr 2020 06:33:32 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1937971674&t=pageview&_s=1&dl=https%3A%2F%2Flogin.rdmanager.ca%2F&ul=en-us&de=UTF-8&dt=Connexion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1146592784&gjid=178525307&cid=796432009.1585717477&tid=UA-21565342-6&_gid=834401970.1585717477&_r=1&z=1485538103

Requested by

Host: login.rdmanager.ca
URL: https://login.rdmanager.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 01 Apr 2020 05:04:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1937971674&t=timing&_s=2&dl=https%3A%2F%2Flogin.rdmanager.ca%2F&ul=en-us&de=UTF-8&dt=Connexion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2683&pdt=1&dns=38&rrt=0&srt=105&tcp=201&dit=1126&clt=1126&_gst=1125&_gbt=1136&_u=IEBAAAAB~&jid=&gjid=&cid=796432009.1585717477&tid=UA-21565342-6&_gid=834401970.1585717477&z=675503234

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.rdmanager.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 03:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 349987
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| html5 object| Modernizr function| yepnope function| $ function| jQuery string| mod_pagespeed_ItsjHfSVxq string| mod_pagespeed_iwWxuEk8wU string| mod_pagespeed_WU4aSPDKKu object| jQuery11020690287505536564 object| Login string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.labplus.biz/	1970-01-20 01:59:49	Name: _ga Value: GA1.2.72465766.1585717477
			.login.rdmanager.ca/	1970-01-19 08:28:37	Name: _gat Value: 1
			.login.rdmanager.ca/	1970-01-19 08:57:31	Name: cfid Value: 16d7e9d0-29a0-4473-a5f5-caffa7352118
			.login.rdmanager.ca/	1970-01-19 08:30:03	Name: _gid Value: GA1.3.834401970.1585717477
			.labplus.biz/	1970-01-19 08:30:03	Name: _gid Value: GA1.2.427732846.1585717477
			.login.rdmanager.ca/	1970-01-20 01:59:49	Name: _ga Value: GA1.3.796432009.1585717477
			.labplus.biz/	1970-01-19 08:28:37	Name: _gat_gtag_UA_86229018_42 Value: 1
			.login.rdmanager.ca/	1970-01-19 08:57:31	Name: cftoken Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
login.rdmanager.ca
www.google-analytics.com
www.labplus.biz
fonts.googleapis.com
2a00:1450:4001:800::200a
2a00:1450:4001:81d::200e
35.203.115.69
35.203.72.218
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
6d77e62deaa43cca81560bf11cd5ccd8d3583bd4936ed1ea2d639d13d3e5c4c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8feb4bc0f39ce692d2094fd55b1fa5b2a7df8016038d45c5dedc31d441e8d6d5
bf6f4ab168779f24b5f34bfa23ff0e0f6f3e1565f1a45871a90292192fa20efb
c5589b5b439a11c5ec301e47262178fccad5b1e670b5f29f48500c83e74a2555
e7b81bd20321a6ce6557fd1fa2c0ddba405b84e2be9989aaad819bab70fe8c88
e899f4794c57090edf58c283f1bea7173327aae8497f6a021fabe0ded25d0ab1
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d