urlscan.io logo urlscan.io
SecurityTrails logo

octlogins.b2clogin.com Open in urlscan Pro
40.126.29.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oct-oeeo.ca/p9qrcq
Effective URL: https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogin...
Submission: On April 24 via manual from SG — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 40.126.29.13, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is octlogins.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 11th 2024. Valid for: a year.
This is the only time octlogins.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 209.205.40.123 25833 (TOCT)
3 3 206.187.24.150 1746 (SIRSIDYNIXAS)
2 2 206.187.24.145 1746 (SIRSIDYNIXAS)
2 40.126.29.13 8075 (MICROSOFT...)
1 104.18.10.207 13335 (CLOUDFLAR...)
7 3
5    209.205.40.123 (United States)

ASN25833 (TOCT, CA)
oct-oeeo.ca
www.oct.ca
3    206.187.24.150 (United States)

ASN1746 (SIRSIDYNIXAS, US)
PTR: chulak.sirsidynix.net
oct.ent.sirsidynix.net
2    206.187.24.145 (United States)

ASN1746 (SIRSIDYNIXAS, US)
PTR: mtl-sdcas01.sirsidynix.net
mtl-sdcas01.sirsidynix.net
2    40.126.29.13 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
octlogins.b2clogin.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
Apex Domain
Subdomains		 Transfer
5 sirsidynix.net
oct.ent.sirsidynix.net
mtl-sdcas01.sirsidynix.net
3 KB
4 oct.ca
www.oct.ca
1015 KB
2 b2clogin.com
octlogins.b2clogin.com
210 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1139
20 KB
1 oct-oeeo.ca
oct-oeeo.ca
728 B
7 5
Domain Requested by
4 www.oct.ca octlogins.b2clogin.com
3 oct.ent.sirsidynix.net 3 redirects
2 octlogins.b2clogin.com octlogins.b2clogin.com
2 mtl-sdcas01.sirsidynix.net 2 redirects
1 maxcdn.bootstrapcdn.com octlogins.b2clogin.com
1 oct-oeeo.ca 1 redirects
7 6

This site contains links to these domains. Also see Links.

Domain
apps.oct.ca
www.oct.ca
Subject Issuer Validity Valid
graph.windows.net
DigiCert SHA2 Secure Server CA		 2024-02-11 -
2025-02-11		 a year crt.sh

Sectigo RSA Organization Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Frame ID: 3A82C09FB84A2878646F4E66DEA89032
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in

Page URL History Show full URLs

  1. http://oct-oeeo.ca/p9qrcq HTTP 307
    https://oct-oeeo.ca/p9qrcq HTTP 302
    https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/results?qu=Poetry&te=&dt=list&rt=false%7C%7C%7... HTTP 302
    https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/patronlogin/https:$002f$002foct.ent.sirsidynix... HTTP 302
    https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/casrequest/https:$002f$002foct.ent.sirsidynix.... HTTP 302
    https://mtl-sdcas01.sirsidynix.net/oct_cas_oidc/login?service=https%3A%2F%2Foct.ent.sirsidynix.net%2Fclient%2Ff... HTTP 302
    https://mtl-sdcas01.sirsidynix.net/oct_cas_oidc/clientredirect?client_name=OidcClient&service=https%3A%2F%2Foct... HTTP 302
    https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+ht... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

1246 kB
Transfer

1566 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oct-oeeo.ca/p9qrcq HTTP 307
    https://oct-oeeo.ca/p9qrcq HTTP 302
    https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/results?qu=Poetry&te=&dt=list&rt=false%7C%7C%7CSERIES%7C%7C%7CSeries HTTP 302
    https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/patronlogin/https:$002f$002foct.ent.sirsidynix.net$002fclient$002ffr_FR$002fdefaultfr$002fsearch$002fresults$003fdt$003dlist$0026qu$003dPoetry$0026rt$003dfalse$00257C$00257C$00257CSERIES$00257C$00257C$00257CSeries$0026te$003d?dt=list HTTP 302
    https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/casrequest/https:$002f$002foct.ent.sirsidynix.net$002fclient$002ffr_FR$002fdefaultfr$002fsearch$002fresults$003fdt$003dlist$0026qu$003dPoetry$0026rt$003dfalse$00257C$00257C$00257CSERIES$00257C$00257C$00257CSeries$0026te$003d/CAS/$N/$N?dt=list HTTP 302
    https://mtl-sdcas01.sirsidynix.net/oct_cas_oidc/login?service=https%3A%2F%2Foct.ent.sirsidynix.net%2Fclient%2Ffr_FR%2Fdefaultfr%2Fsearch%2Fcasrequest%3Fdt%3Dlist HTTP 302
    https://mtl-sdcas01.sirsidynix.net/oct_cas_oidc/clientredirect?client_name=OidcClient&service=https%3A%2F%2Foct.ent.sirsidynix.net%2Fclient%2Ffr_FR%2Fdefaultfr%2Fsearch%2Fcasrequest%3Fdt%3Dlist HTTP 302
    https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authorize
octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/
Redirect Chain
  • http://oct-oeeo.ca/p9qrcq
  • https://oct-oeeo.ca/p9qrcq
  • https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/results?qu=Poetry&te=&dt=list&rt=false%7C%7C%7CSERIES%7C%7C%7CSeries
  • https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/patronlogin/https:$002f$002foct.ent.sirsidynix.net$002fclient$002ffr_FR$002fdefaultfr$002fsearch$002fresults$003fdt$003dlist$0026qu$003d...
  • https://oct.ent.sirsidynix.net/client/fr_FR/defaultfr/search/casrequest/https:$002f$002foct.ent.sirsidynix.net$002fclient$002ffr_FR$002fdefaultfr$002fsearch$002fresults$003fdt$003dlist$0026qu$003dP...
  • https://mtl-sdcas01.sirsidynix.net/oct_cas_oidc/login?service=https%3A%2F%2Foct.ent.sirsidynix.net%2Fclient%2Ffr_FR%2Fdefaultfr%2Fsearch%2Fcasrequest%3Fdt%3Dlist
  • https://mtl-sdcas01.sirsidynix.net/oct_cas_oidc/clientredirect?client_name=OidcClient&service=https%3A%2F%2Foct.ent.sirsidynix.net%2Fclient%2Ffr_FR%2Fdefaultfr%2Fsearch%2Fcasrequest%3Fdt%3Dlist
  • https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_ur...
321 KB
110 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.29.13 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
beca6d79d1dce221f0cf48c05a45321e2bee8c6bbd8d6a0f328b2f66b48af8b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
110595
Content-Security-Policy-Report-Only
script-src 'strict-dynamic' 'self' 'nonce-sw58jm6Iqem5h+evGYGLxA==' 'report-sample'; report-uri /octlogins.onmicrosoft.com/B2C_1_Signin/client/cspreport?p=B2C_1_Signin
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Apr 2024 21:11:45 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.128.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
473d471b-c08f-4954-88d6-8b0aa275c359
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
43ffdce0-04d0-4713-abf2-1f9f9d133a12

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Language
en
Content-Length
0
Date
Wed, 24 Apr 2024 21:11:45 GMT
Expires
0
Keep-Alive
timeout=5, max=99
Location
https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN DENY
X-XSS-Protection
1; mode=block
requestId
a1d886ec-bdb8-42a6-b385-0dd6c4c3c934
jquery-bundle-1.10.2.min.js
octlogins.b2clogin.com/static/bundles/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://octlogins.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=SAN
Requested by
Host: octlogins.b2clogin.com
URL: https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.29.13 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 24 Apr 2024 21:11:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Apr 2024 10:06:36 GMT
ETag
"0de239b658ada1:0"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Frame-Options
DENY
Accept-Ranges
bytes
Content-Length
101973
X-XSS-Protection
1; mode=block
unified.html
www.oct.ca/B2CPolicy/oct/en/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.oct.ca/B2CPolicy/oct/en/unified.html?ui_locales=en
Requested by
Host: octlogins.b2clogin.com
URL: https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.205.40.123 , United States, ASN25833 (TOCT, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
7891c0275380d49dc6d30351791770fbf98c85aad3fbb4b485d5459416dbe95a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://octlogins.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 21:11:34 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Authorization
Content-Length
2952
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: octlogins.b2clogin.com
URL: https://octlogins.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=SAN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://octlogins.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 21:11:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718
age
4837067
cdn-cachedat
01/30/2023 12:48:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fde036789c7315304415843c399085ea
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
87991671ddcb3a06-YYZ
cdn-requestpullsuccess
True
global.css
www.oct.ca/B2CPolicy/oct/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.oct.ca/B2CPolicy/oct/css/global.css
Requested by
Host: octlogins.b2clogin.com
URL: https://octlogins.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=SAN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.205.40.123 , United States, ASN25833 (TOCT, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
677d1d3cc89abda8df6922747d2145b18759f23166f4facec0d09aad4f8a7e53
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://octlogins.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 21:11:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 15:21:44 GMT
Server
Microsoft-IIS/10.0
ETag
"0b4593143d4d91:0"
X-Powered-By
XXXXXXXX
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Authorization
Content-Length
3094
JRR_209_JONES_2830-1420px-1080px.jpg
www.oct.ca/B2CPolicy/oct/images/ 		977 KB
978 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oct.ca/B2CPolicy/oct/images/JRR_209_JONES_2830-1420px-1080px.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.205.40.123 , United States, ASN25833 (TOCT, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
c585b4a68f5a0b593a84720e73b9f812c2da005c073cf7fe37884a7b2b3c0e03
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://octlogins.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 21:11:34 GMT
Last-Modified
Fri, 10 Jul 2020 15:13:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0e65799cc56d61:0"
X-Powered-By
XXXXXXXX
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Authorization
Content-Length
1000686
L_OCT_Corp_Dark_Blue_Uncoated_B.png
www.oct.ca/B2CPolicy/oct/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oct.ca/B2CPolicy/oct/images/L_OCT_Corp_Dark_Blue_Uncoated_B.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.205.40.123 , United States, ASN25833 (TOCT, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
27dcd7ff2ecfd3429460ea6a366c7a4a79dd9912e2dbbaa8d69e015e8ab90df5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://octlogins.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 21:11:34 GMT
Last-Modified
Fri, 16 Aug 2019 16:34:34 GMT
Server
Microsoft-IIS/10.0
ETag
"0497d7c5054d51:0"
X-Powered-By
XXXXXXXX
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Authorization
Content-Length
30433

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer function| sanitizeHtml object| $cors boolean| pageReady object| $i2e object| $element object| Handlebars boolean| contentReady boolean| bodyReady

7 Cookies

Domain/Path Name / Value
mtl-sdcas01.sirsidynix.net/oct_cas_oidc Name: DISSESSION
Value: 4973f500-18ca-4db6-9569-b12e74c0c7f2
oct-oeeo.ca/ Name: cookiesession1
Value: 5FA2301FQK3S0VH0GK97C4A9QTKP6D0B
oct.ent.sirsidynix.net/ Name: JSESSIONID
Value: FDA7A7F8B3953180A34B30AA95B77225.tomcat-13209
mtl-sdcas01.sirsidynix.net/ Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE
Value: en
.octlogins.b2clogin.com/ Name: x-ms-cpim-csrf
Value: N3BWaTBuWGlMMXFqUS9ENlRoM2JoTDMyYUNnVFlFK09jcHJSMzVnd3hSOUFBV0ZZU0xaN2Nab3lFVFNlaEl6RWMxcGhlRmFUK3hJZmtGcXVzQ2VWRmc9PTsyMDI0LTA0LTI0VDIxOjExOjQ1Ljc1ODkyMzVaO2Nra1cxYTJXc0EyMXJmNGZyV3JnYVE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.octlogins.b2clogin.com/ Name: x-ms-cpim-cache|g0c9r4_avemi1oskonxdwq_0
Value: m1.74mD1/DG3PCFqj1d.stKoKA6aWWXzNDviOHBoyA==.0.uAbEyO+zUxKwXwbtlbpDG1qvz8E34oTP1EoFT52FKNpo7co4LKHWwMyUJrcSKYQNoMYvq05bWwWACR7ztZ81OKdMveYYM1uvZO/doupSK0t/sQGJ/st/0i2UOR5KWt9ASXa6daB8cx/7kraWJUv2rtwUZbW9Kmselq6IoqKOaZ77rO0HV3qDyG1jWwOsErwBnNg2SqPuVxfFPZIGzMdp/X3nWLio5L07CV821+UsLQeGKqKIQXqqgF5MylY8qqf2CeScjyLugMw1Ew1jmVyHqSkjf7nMTixwY5GjADkR+bXOlWWVl3tIXEQLhKdx48hCCooblVwqyUkSowivv5rurfqQYFd1CmyTVZYJDzD7TmzMAcvH8cxqwAO1MZXiSg+p2bQxV43++WzD4hB6UhIAJv5B/UV03TgJW5mhpp+QIc3FB6HRua2MbqePgWKeZD+vJIyfs3dxOMzlxmFLeOUQUc3jA7eU0IERmoUW0IJtLU0edC3jM4f7h7KFqYtUMqHepdV/2FtosAqTDAjmBWFO36gCXN/LxtVVEzjyL4DMGq4fpROzmacMQQHN8zqYXgVmq4nsy5TeEIULTnSUEd4xwyRekijscp85C4M4m81xsZvYMTOvNBc6Z29ZSe/aryregx0oEV+9gmcNlGmDRD3U9QuuP8bpTal7Rn7KMv0J
.octlogins.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjQ3M2Q0NzFiLWMwOGYtNDk1NC04OGQ2LThiMGFhMjc1YzM1OSIsIlQiOiJvY3Rsb2dpbnMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xX3NpZ25pbiIsIkMiOiI4MmM1NmY2ZC1iYmE0LTRkYTgtODk2MC1iNjYzODIwOGFhNWYiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjQ3M2Q0NzFiLWMwOGYtNDk1NC04OGQ2LThiMGFhMjc1YzM1OSJ9

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://octlogins.b2clogin.com/octlogins.onmicrosoft.com/b2c_1_signin/oauth2/v2.0/authorize?scope=openid+https%3A%2F%2Foctlogins.onmicrosoft.com%2Fssodynix%2Fssodynix&response_type=code&redirect_uri=https%3A%2F%2Fmtl-sdcas01.sirsidynix.net%2Foct_cas_oidc%2Flogin%2FOidcClient&state=4cdf32a9a6&nonce=ODhmKeunolFcauhWk3jk_VBxt__7YFnQZn3sXWOqOpc&client_id=82c56f6d-bba4-4da8-8960-b6638208aa5f
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block