Submitted URL: https://admin.r350d3v.cyber.gouv.qc.ca/
Effective URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5...
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 5 IPs in 1 country across 6 domains to perform 22 HTTP transactions. The main IP is 40.126.24.81, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 20.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 17th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
15        2620:1ec:48:1...  8075 (MICROSOFT...)
3         40.126.24.81      8075 (MICROSOFT...)
1         2600:1400:d::...  20940 (AKAMAI-ASN1)
1         40.126.24.146     8075 (MICROSOFT...)
2         152.199.4.73      15133 (EDGECAST)
22        5
Requests  Apex Domain          Subdomains                                              Transfer
9         gouv.qc.ca           admin.r350d3v.cyber.gouv.qc.ca                          587 KB
6         msauth.net           aadcdn.msauth.net — Cisco Umbrella Rank: 1139           213 KB
3         microsoftonline.com  login.microsoftonline.com — Cisco Umbrella Rank: 20     109 KB
2         msauthimages.net     aadcdn.msauthimages.net — Cisco Umbrella Rank: 3327     243 KB
1         live.com             login.live.com — Cisco Umbrella Rank: 92
1         office.net           res-1.cdn.office.net — Cisco Umbrella Rank: 378         36 KB
22        6
Requests  Domain                          Requested by
9         admin.r350d3v.cyber.gouv.qc.ca  admin.r350d3v.cyber.gouv.qc.ca
6         aadcdn.msauth.net               login.microsoftonline.com, aadcdn.msauth.net
3         login.microsoftonline.com       admin.r350d3v.cyber.gouv.qc.ca, login.microsoftonline.com
2         aadcdn.msauthimages.net
1         login.live.com                  login.microsoftonline.com
1         res-1.cdn.office.net
22        6

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject                           Issuer                                       Validity                 Valid
admin.r350d3v.cyber.gouv.qc.ca    GeoTrust Global TLS RSA4096 SHA256 2022 CA1  2022-09-27 - 2023-03-26  6 months
stamp2.login.microsoftonline.com  DigiCert SHA2 Secure Server CA               2022-11-17 - 2023-11-17  a year
*.res.outlook.com                 DigiCert SHA2 Secure Server CA               2022-11-15 - 2023-11-15  a year
aadcdn.msauth.net                 DigiCert SHA2 Secure Server CA               2023-01-27 - 2024-01-27  a year
login.live.com                    DigiCert SHA2 Secure Server CA               2023-01-02 - 2024-01-02  a year
aadcdn.msauthimages.net           Microsoft Azure TLS Issuing CA 02            2022-05-11 - 2023-05-06  a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Frame ID: 3183039FF1B419686016D8E50A837D0E
Requests: 22 HTTP requests in this frame

Page Title

Sign in to your account

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 40 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 1
Transfer: 1188 kB
Size: 2922 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.r350d3v.cyber.gouv.qc.ca/ Page URL
  2. https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US Page URL
  3. https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true Page URL

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
admin.r350d3v.cyber.gouv.qc.ca/
872 B
1 KB
Document
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ba805f56cd27eb720a6348c0944dff5f214e3a823a30300897e7c9f0193b3e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
872
content-md5
pDQ+HA8Y/FmxP8YV5lTs2A==
content-type
text/html
date
Fri, 10 Feb 2023 17:58:19 GMT
etag
"0x8DB0B7F315E7E32"
last-modified
Fri, 10 Feb 2023 15:55:12 GMT
x-azure-ref
0u4XmYwAAAAB4O8gRuOOUQqrmWgIwxF40WVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
x-cache
CONFIG_NOCACHE
x-ms-request-id
794d7a67-001e-00a8-7079-3d0f2c000000
x-ms-version
2018-03-28
main.95fbd684.js
admin.r350d3v.cyber.gouv.qc.ca/static/js/
2 MB
571 KB
Script
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4b4c9d49ff05d8b115d4dc035d03d2a10516515b1c70c634d35efbf48b27cdd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 15:55:29 GMT
content-md5
IrlQy3/NoWZ2+nVOH/Yxxw==
etag
W/"0x8DB0B7F3BECE282"
vary
Accept-Encoding
x-azure-ref
0u4XmYwAAAABxSgDbv99ZSYp0EMOJXyocWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
content-type
application/javascript
x-ms-request-id
d2980b6c-f01e-003a-3679-3d8bfa000000
x-cache
CONFIG_NOCACHE
x-ms-version
2018-03-28
main.712f7a0e.css
admin.r350d3v.cyber.gouv.qc.ca/static/css/
1 KB
860 B
Stylesheet
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/static/css/main.712f7a0e.css
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80901e04ff9db05908cfa4741e49918466c9a0d3a2b8e76273f9f906e5c26768

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 15:55:28 GMT
content-md5
iy9qWul6zH/kIp22NLKuLg==
etag
W/"0x8DB0B7F3B0E1659"
vary
Accept-Encoding
x-azure-ref
0u4XmYwAAAAD3aeUyoof+S6EK7BpvCiouWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
content-type
text/css
x-ms-request-id
794d7a9d-001e-00a8-2179-3d0f2c000000
x-cache
CONFIG_NOCACHE
x-ms-version
2018-03-28
admin.json
admin.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/
3 KB
1 KB
Fetch
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/admin.json?mkt=fr-CA&v=1.3.5
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14138f35bd052a946b4dacd7e6def56a49e90ec545cc734d6dd66c916af10fcf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 15:55:34 GMT
content-md5
erE2p8xACNeFFGXa5FQNhQ==
etag
W/"0x8DB0B7F3EA381C8"
vary
Accept-Encoding
x-azure-ref
0u4XmYwAAAACzBkghhnNcTpGyAXGgShuyWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
content-type
application/json
x-ms-request-id
794d7db1-001e-00a8-7779-3d0f2c000000
x-cache
CONFIG_NOCACHE
x-ms-version
2018-03-28
globals.json
admin.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/
321 B
544 B
Fetch
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/globals.json?mkt=fr-CA&v=1.3.5
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f5aa27d78b047d9fdb084d32455e0255561e0a7b23de3220e73a657513cb670

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
last-modified
Fri, 10 Feb 2023 15:55:34 GMT
content-md5
MUkz99Gea1kIfYgbFhJBnQ==
etag
"0x8DB0B7F3EB4BD37"
x-azure-ref
0u4XmYwAAAADw8pWDoJVqS6D7d5kKzZS7WVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
x-cache
CONFIG_NOCACHE
content-type
application/json
x-ms-request-id
71a7fb77-c01e-001e-4179-3d7d5a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
321
admin.json
admin.r350d3v.cyber.gouv.qc.ca/locales/en-US/
2 KB
1 KB
Fetch
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/locales/en-US/admin.json?mkt=en-US&v=1.3.5
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 15:55:34 GMT
content-md5
5+ZU0zVEZQ7hNqotR5rjpg==
etag
W/"0x8DB0B7F3E8835C6"
vary
Accept-Encoding
x-azure-ref
0u4XmYwAAAACl99O2RjlWSK5urZRTk0hcWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
content-type
application/json
x-ms-request-id
d2980d11-f01e-003a-2779-3d8bfa000000
x-cache
CONFIG_NOCACHE
x-ms-version
2018-03-28
globals.json
admin.r350d3v.cyber.gouv.qc.ca/locales/en-US/
317 B
538 B
Fetch
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/locales/en-US/globals.json?mkt=en-US&v=1.3.5
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31182161179e50906df487c9fd54493d023ae899882fbc601c379b36bb5b959f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
last-modified
Fri, 10 Feb 2023 15:55:34 GMT
content-md5
2tjicyWEchru2XrHBIcaiw==
etag
"0x8DB0B7F3E9357A8"
x-azure-ref
0u4XmYwAAAAAmDND2VMq9RYw2rcYRsn0gWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
x-cache
CONFIG_NOCACHE
content-type
application/json
x-ms-request-id
c9145792-101e-009b-4e79-3d5087000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
317
edfdffe6-2243-474b-bf5d-bc2cd8791d30.webp
admin.r350d3v.cyber.gouv.qc.ca/images/
872 B
872 B
Image
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/images/edfdffe6-2243-474b-bf5d-bc2cd8791d30.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
x-ms-error-code
WebContentNotFound
x-azure-ref
0vIXmYwAAAABTb4GFpLWHQoTRb2njehEoWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
x-cache
CONFIG_NOCACHE
content-type
text/html
x-ms-request-id
794d7ef2-001e-00a8-2179-3d0f2c000000
x-ms-version
2018-03-28
content-length
872
logo.png
admin.r350d3v.cyber.gouv.qc.ca/images/
10 KB
10 KB
Image
General
Full URL
https://admin.r350d3v.cyber.gouv.qc.ca/images/logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:19 GMT
last-modified
Fri, 10 Feb 2023 15:55:12 GMT
content-md5
NeC9Ync0onQaHXgmtiBDsQ==
etag
"0x8DB0B7F31E1A3D4"
x-azure-ref
0vIXmYwAAAAAC8Z1QXTHTTpysGGv8fDSDWVRPMjIxMDkwODE3MDExAGI4NjdiNDllLTkzYTAtNDVkZS1iY2JlLTMyMTFkYmYwZmYxNQ==
x-cache
CONFIG_NOCACHE
content-type
image/png
x-ms-request-id
c914580e-101e-009b-4379-3d5087000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
9955
openid-configuration
login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/v2.0/.well-known/
2 KB
3 KB
Fetch
General
Full URL
https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/v2.0/.well-known/openid-configuration
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.81 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/jwk-set+json, application/json
Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 10 Feb 2023 17:58:20 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
bcdb1706-c97c-4c2b-9beb-903d92e80e00
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Content-Length
1753
x-ms-ests-server
2.1.14526.6 - NCUS ProdSlices
X-XSS-Protection
0
segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/
35 KB
36 KB
Font
General
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5d73 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
Origin
https://admin.r350d3v.cyber.gouv.qc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 14 Dec 2022 21:52:42 GMT
x-cdn-provider
Akamai
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
6a1ce89a-401e-0085-6130-14efdf000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
public, max-age=630720000
timing-allow-origin
*
content-length
36344
authorize
login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/
151 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US
Requested by
Host: admin.r350d3v.cyber.gouv.qc.ca
URL: https://admin.r350d3v.cyber.gouv.qc.ca/static/js/main.95fbd684.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.81 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cbc9b7517b061cfb429661c4c4ac7242d3f9fd9ccfa8916347876f82dcb1e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://admin.r350d3v.cyber.gouv.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55087
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Feb 2023 17:58:20 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.14526.6 - WUS2 ProdSlices
x-ms-request-id
6b4dfae3-65b8-4d6a-9abd-d9e366a12401
Primary Request authorize
login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/
196 KB
51 KB
Document
General
Full URL
https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.81 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c5ba7972433265385ac52e181ba06529532d5680139632a32096f8f0c75ab28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50199
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Feb 2023 17:58:21 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.14526.6 - NCUS ProdSlices
x-ms-request-id
d609fb5f-3d89-47c7-9326-9353f7bad900
ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msauth.net/shared/1.0/content/js/
393 KB
111 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:20 GMT
content-encoding
gzip
x-azure-ref-originshield
0oEXgYwAAAADpvbaap1ZQTaCxmO6Gf1T8TU5aMjIxMDYwNjExMDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
2lcEQ5vglpXqxT8YZRDC3A==
x-cache
TCP_HIT
content-length
112847
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 22:42:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADFB6BF0B914F
x-azure-ref
0vYXmYwAAAAAsMXHdes/9Sp403hKsmwU+WVRPMjIxMDkwODE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
15a85385-101e-004e-0d8a-38467f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:20 GMT
content-encoding
gzip
x-azure-ref-originshield
0HRneYwAAAABWLCpPwn77SoB7PhmjfLsoTU5aMjIxMDYwNjEyMDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
e/EZAgcGdIaZjab5+bzwzw==
x-cache
TCP_HIT
content-length
32186
x-ms-lease-status
unlocked
last-modified
Wed, 07 Dec 2022 05:02:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD81040AAC077
x-azure-ref
0vYXmYwAAAABlSUUwivAgRoxNggqKxtjyWVRPMjIxMDkwODE5MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dcccfe26-601e-0005-776b-38b079000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:20 GMT
content-encoding
gzip
x-azure-ref-originshield
0tifeYwAAAABgos6ERcLvT4ayWjVuNW8KTU5aMjIxMDYwNjExMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0vYXmYwAAAAA7Dm4y5GMhR5F955p00QYrWVRPMjIxMDkwODE5MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9d2670e4-b01e-0000-6e7a-383773000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:20 GMT
content-encoding
gzip
x-azure-ref-originshield
04A7eYwAAAADqyJv+O5TaQqI9fMaO6EL5TU5aMjIxMDYwNjEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tqbkP+PhqXwMAMOVpaJEcg==
x-cache
TCP_HIT
content-length
13882
x-ms-lease-status
unlocked
last-modified
Sat, 17 Dec 2022 08:38:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE00A033630F3
x-azure-ref
0vYXmYwAAAAA5+D16HlWBRLDtPlDUtaJyWVRPMjIxMDkwODE5MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c327ca1f-101e-0036-015f-38ec6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/
233 KB
233 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/illustration?ts=638002433063294811
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.73 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/788A) /
Resource Hash
d1165d337f36d0055db56c99252fa7ad0db9ef33582968761e129ddc4f4f8c2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:21 GMT
last-modified
Sat, 01 Oct 2022 17:48:26 GMT
server
ECAcc (nya/788A)
content-md5
nxSS8h4Jse1fzXs/mBcEig==
age
10438
etag
0x8DAA3D5249B9587
x-cache
HIT
content-type
image/*
x-ms-request-id
0538dfc6-701e-00a2-5160-3d4dc5000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
238523
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/
10 KB
10 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/bannerlogo?ts=638002433065745743
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.73 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C56) /
Resource Hash
2cf019cc983c437a44778d667ce5073f82674b196090d8f90d26b49366d7c033

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:21 GMT
last-modified
Sat, 01 Oct 2022 17:48:26 GMT
server
ECAcc (nya/1C56)
content-md5
NeC9Ync0onQaHXgmtiBDsQ==
age
10438
etag
0x8DAA3D524DB7F5D
x-cache
HIT
content-type
image/*
x-ms-request-id
c9a58eb1-901e-002b-6a60-3df4e1000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
9955
convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:21 GMT
content-encoding
gzip
x-azure-ref-originshield
06YDlYwAAAADIJz8/Hh4YSLvNhH6cPLCMTU5aMjIxMDYwNjEyMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
x+Nhj00unyDBcQ40kWZ5lw==
x-cache
TCP_HIT
content-length
35786
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B3E8CFA6
x-azure-ref
0vYXmYwAAAADUVzAS5QAzRbdFl0ZwBUzqWVRPMjIxMDkwODE5MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dccd04fc-601e-0005-676b-38b079000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
971 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 17:58:21 GMT
content-encoding
gzip
x-azure-ref-originshield
0MTPeYwAAAABkL2bQO19GRq+F46oVd/2STU5aMjIxMDYwNjEyMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0voXmYwAAAABbcXpOwvGtS6OGygwJyYMbWVRPMjIxMDkwODE5MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e8eeab29-501e-008a-476f-386e33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_f3782014f3739160dbfd
boolean| __convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503

10 Cookies

Domain/Path Name / Value
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARUAwFQ3uvcCH0O_w0PjfJbz0ZKTo24axF1Gq_ePWr07-zIVAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevra4Fo8yWWSeOJ7rQ9SLhgDAVk0WYSpA3xny1KM2XP9Igg5MQqjLuYL77yFJIPw7lXIPy-JhWX78oCcgfYlFieFnHWL9B1STdqsd_EwjsF4HwgAA
login.microsoftonline.com/ Name: fpc
Value: AnLuyAQdyAtMh5lfkhZd_s4wxYlRAQAAALx8eNsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr-nEAWzRjY8sKuyq5tshboGRUeF3-o17U9KfxtZzj9ebm-ez2Ky9FiaTeHrZjubA7Ji8uw8gYGJUL-dcpjxLZ8U9Usw17plX6CUke5XWqAvgZ7HPJvA-afDcJUblmt847E8uJ9J6d4WhbJO0gqhxRo4GqBWhK_l2YnO7rdwCq-HYgAA
.login.live.com/ Name: uaid
Value: 95ac7b11fac340968dbdef1d48da3bf2
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1676051901&co=1
.login.microsoftonline.com/ Name: brcap
Value: 0

1 Console Messages

Source: network
Level: error
URL: https://admin.r350d3v.cyber.gouv.qc.ca/images/edfdffe6-2243-474b-bf5d-bc2cd8791d30.webp
Message: Failed to load resource: the server responded with a status of 404 ()