urlscan.io logo urlscan.io
SecurityTrails logo

tax.microsoft.ca Open in urlscan Pro
52.228.84.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tax.microsoft.ca/
Effective URL: https://tax.microsoft.ca/user-access.aspx
Submission: On March 25 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 52.228.84.34, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is tax.microsoft.ca.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 01 on December 29th 2022. Valid for: a year.
This is the only time tax.microsoft.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 52.228.84.34 8075 (MICROSOFT...)
2 2600:1400:900... 20940 (AKAMAI-ASN1)
1 152.199.4.33 15133 (EDGECAST)
3 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 104.117.182.57 20940 (AKAMAI-ASN1)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
1 2620:1ec:48:1... 8075 (MICROSOFT...)
14 7
6    52.228.84.34 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tax.microsoft.ca
2    2600:1400:9000:1ab::2957 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.onestore.ms
1    152.199.4.33 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
3    2600:1400:d:594::356e (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
1    104.117.182.57 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-57.deploy.static.akamaitechnologies.com
statics-marketingsites-eus-ms-com.akamaized.net
1    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mem.gfx.ms
1    2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
Apex Domain
Subdomains		 Transfer
6 microsoft.ca
tax.microsoft.ca
54 KB
3 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 259
151 KB
2 onestore.ms
assets.onestore.ms — Cisco Umbrella Rank: 13235
125 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1527
34 KB
1 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 2006
10 KB
1 akamaized.net
statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 12282
926 B
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1587
19 KB
14 7
Domain Requested by
6 tax.microsoft.ca 1 redirects tax.microsoft.ca
3 www.microsoft.com tax.microsoft.ca
2 assets.onestore.ms tax.microsoft.ca
1 js.monitor.azure.com mem.gfx.ms
1 mem.gfx.ms tax.microsoft.ca
1 statics-marketingsites-eus-ms-com.akamaized.net tax.microsoft.ca
1 ajax.aspnetcdn.com tax.microsoft.ca
14 7

This site contains links to these domains. Also see Links.

Domain
support.microsoft.com
go.microsoft.com
www.microsoft.com
choice.microsoft.com
Subject Issuer Validity Valid
tax.microsoft.ca
Microsoft Azure TLS Issuing CA 01		 2022-12-29 -
2023-12-24		 a year crt.sh
wildcard.onestore.ms
Microsoft Azure TLS Issuing CA 05		 2022-09-22 -
2023-09-17		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
www.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-10-04 -
2023-09-29		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 05		 2023-01-04 -
2023-12-30		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://tax.microsoft.ca/user-access.aspx
Frame ID: 29E2172E302355EE6C5B09EAEA00235B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tax Helper - User Access

Page URL History Show full URLs

  1. https://tax.microsoft.ca/ HTTP 301
    https://tax.microsoft.ca/user-access.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

393 kB
Transfer

2270 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tax.microsoft.ca/ HTTP 301
    https://tax.microsoft.ca/user-access.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request user-access.aspx
tax.microsoft.ca/
Redirect Chain
  • https://tax.microsoft.ca/
  • https://tax.microsoft.ca/user-access.aspx
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tax.microsoft.ca/user-access.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
577c2f10607b5b8e976b6fdf3fb6add327f306751ff623ec55265d3d86b60bd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
4054
Content-Type
text/html; charset=utf-8
Date
Sat, 25 Mar 2023 21:19:13 GMT
Expires
0
Pragma
no-cache
Request-Context
appId=cid-v1:e1b4c960-1324-4669-a218-1c06b55454bb
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Content-Length
164
Content-Type
text/html; charset=utf-8
Date
Sat, 25 Mar 2023 21:19:13 GMT
Expires
0
Location
https://tax.microsoft.ca/user-access.aspx
Pragma
no-cache
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
site.css
tax.microsoft.ca/Styles/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tax.microsoft.ca/Styles/site.css
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01b49e33ee1630956a6f67e65afd83cdb2212bd1783d02ae2f277312d71b5542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/user-access.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 21:19:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
2787
Pragma
no-cache
Last-Modified
Thu, 16 Mar 2023 09:53:15 GMT
Server
ETag
"80779a20ed57d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Accept-Ranges
bytes
X-Robots-Tag
noindex
Expires
0
mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.20.1/css/ 		474 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.20.1/css/mwf-west-european-default.min.css
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:9000:1ab::2957 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1e2721304ec0d5b6bed26c898b03d5f7719095d1f29501336812c61c51f33271
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 21:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Mar 2017 17:35:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
oEG+uvNpd86QdicIZjVg6A==
etag
"0x8D46C92CACD6004"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
x-ms-lease-state
available
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.6/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B2) /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 21:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25013154
x-cache
HIT
content-length
19631
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:16 GMT
server
ECAcc (nya/78B2)
etag
"0bce3f0cb33d21:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
mwf-main.min.css
www.microsoft.com/mwf/css/bundle/1.57.0/west-european/default/ 		807 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/css/bundle/1.57.0/west-european/default/mwf-main.min.css?apiVersion=1.0
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:594::356e New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cd71494aaf026e74b27f258a3518f0d43bb199f1c2df6e9b5b9b8bd208de6ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ms-operation-id
0dd82ec031cf0a4c9a4d14522b1337ca
date
Sat, 25 Mar 2023 21:19:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2023-03-25T21:19:15
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
973ffe3b-4a96-4418-93a7-85d94f819817
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV1de522d4.0
ms-cv
CASMicrosoftCV1de522d4.0
x-xss-protection
1; mode=block
last-modified
Sat, 25 Mar 2023 21:19:13 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-03-10T08:58:24.0000000Z}
x-s1
2023-03-25T21:19:15
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8468.43152
expires
Sun, 24 Mar 2024 21:19:15 GMT
74-888e54
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/ 		167 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:594::356e New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ms-operation-id
e2c77b9e7aec994eba4fdc7d526b2655
date
Sat, 25 Mar 2023 21:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-12-13T21:49:51
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
8e60f3a1-c8ab-4b99-8fec-f5cef416f6e8
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV1de522d5.0
ms-cv
CASMicrosoftCV1de522d5.0
content-length
22729
x-xss-protection
1; mode=block
last-modified
Tue, 13 Dec 2022 21:49:51 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-12-08T12:39:44.0000000Z}
x-s1
2022-12-13T21:49:51
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=25207203
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8377.8392
expires
Thu, 11 Jan 2024 15:19:16 GMT
override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/ 		1 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.57 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-57.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Unused62
8096267
Content-Encoding
gzip
Date
Sat, 25 Mar 2023 21:19:13 GMT
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
83be1b72-e01e-0001-1258-3c0bf7000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
jquery-3.3.1.min.js
tax.microsoft.ca/Scripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tax.microsoft.ca/Scripts/jquery-3.3.1.min.js
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/user-access.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 21:19:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
30401
Pragma
no-cache
Last-Modified
Thu, 16 Mar 2023 09:53:00 GMT
Server
ETag
"0a6a917ed57d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Accept-Ranges
bytes
X-Robots-Tag
noindex
Expires
0
RE1Mu3b.png
tax.microsoft.ca/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax.microsoft.ca/images/RE1Mu3b.png
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/user-access.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Mar 2023 21:19:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Mar 2023 09:50:07 GMT
Server
ETag
"eb1feeb0ec57d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
4054
Expires
0
mwf-auto-init-main.var.min.js
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 		303 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-auto-init-main.var.min.js
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:9000:1ab::2957 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 21:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Feb 2018 02:22:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
12go4t01WZJhAGBag3beKQ==
etag
"0x8D5691AA4A3D407"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71611
x-ms-lease-state
available
bootstrap.min.js
tax.microsoft.ca/Scripts/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tax.microsoft.ca/Scripts/bootstrap.min.js
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fad66aabd093cd3ae4c344a8773da9b756ba3589080cc31cfa48d61e7db4855e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/user-access.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 21:19:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
10045
Pragma
no-cache
Last-Modified
Thu, 16 Mar 2023 09:52:55 GMT
Server
ETag
"80b5ae14ed57d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Accept-Ranges
bytes
X-Robots-Tag
noindex
Expires
0
a2-598841
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23... 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:594::356e New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ms-operation-id
0556d6420b148345b0bdc837cb0ce00f
date
Sat, 25 Mar 2023 21:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2023-01-24T18:49:48
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
4acfdf53-d9d4-49b7-a7f4-ee5e3692f1c3
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV1de52797.0
ms-cv
CASMicrosoftCV1de52797.0
content-length
35900
x-xss-protection
1; mode=block
last-modified
Tue, 24 Jan 2023 18:49:47 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-01-06T05:19:12.0000000Z}
x-s1
2023-01-24T18:49:48
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=26343078
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8405.38376
expires
Wed, 24 Jan 2024 18:50:32 GMT
meversion
mem.gfx.ms/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=MSTechnical&market=en-ca&uhf=1
Requested by
Host: tax.microsoft.ca
URL: https://tax.microsoft.ca/user-access.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf8878a6842700000c94fb4b648430bb2ac5c16a085e9eae3c2ce77716aa7634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tax.microsoft.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ua-compatible
IE=edge
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 25 Mar 2023 21:19:14 GMT
x-azure-ref-originshield
0UmUfZAAAAAAW+CWZjku7RJ6IArfziafRTU5aMjIxMDYwNjExMDA5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref
0UmUfZAAAAAA26F5CT0/fQJeapIBEirKJWVRPMjIxMDkwODIwMDExAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_REMOTE_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
expires
Sun, 26 Mar 2023 02:04:25 GMT
ms.shared.analytics.mectrl-3.2.6.gbl.min.js
js.monitor.azure.com/scripts/c/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSTechnical&market=en-ca&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer
https://tax.microsoft.ca/
Origin
https://tax.microsoft.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 21:19:14 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Thu, 18 Aug 2022 21:40:45 GMT
x-azure-ref-originshield
0qB4cZAAAAADlHMI8xu01RatKL1QnBmBcTU5aMjIxMDYwNjExMDIxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
RlzwH95FOkmm6gksZWAC+w==
etag
0x8DA81624EF9033C
x-azure-ref
0U2UfZAAAAADF01efB39LQrBJMGAoY19NWVRPMjIxMDkwODE3MDMzAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ac5dc40b-501e-0057-288e-592ab6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| theForm function| __doPostBack object| mwfAutoInit object| html5 object| Modernizr object| picturefillCFG function| picturefill object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| oneDsMeControl

4 Cookies

Domain/Path Name / Value
.tax.microsoft.ca/ Name: ARRAffinity
Value: 63995d25f48e1ae329d94d56f78f963bebcfdec0bf2164c5175c25d1a9b15940
.tax.microsoft.ca/ Name: ARRAffinitySameSite
Value: 63995d25f48e1ae329d94d56f78f963bebcfdec0bf2164c5175c25d1a9b15940
tax.microsoft.ca/ Name: ASP.NET_SessionId
Value: soqhd0qrpyg2tcfwqdoeu3xp
tax.microsoft.ca/ Name: MSCATAXLOCALE
Value: Name=en-CA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN