urlscan.io logo urlscan.io
SecurityTrails logo

securefed.desjardins.com Open in urlscan Pro
23.10.141.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://admin.cartesdevoeuxdesjardins.com/
Effective URL: https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREAS...
Submission: On April 02 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 23.10.141.42, located in Secaucus, United States and belongs to AKAMAI-AS, US. The main domain is securefed.desjardins.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 2nd 2021. Valid for: a year.
This is the only time securefed.desjardins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2604:a880:400... 14061 (DIGITALOC...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 6 23.10.141.42 16625 (AKAMAI-AS)
10 2
Domain Requested by
7 admin.cartesdevoeuxdesjardins.com 1 redirects admin.cartesdevoeuxdesjardins.com
6 securefed.desjardins.com 2 redirects admin.cartesdevoeuxdesjardins.com
securefed.desjardins.com
1 api.cartesdevoeuxdesjardins.com 1 redirects
10 3

This site contains no links.

Subject Issuer Validity Valid
admin.cartesdevoeuxdesjardins.com
R3		 2022-04-02 -
2022-07-01		 3 months crt.sh
id.desjardins.com
Entrust Certification Authority - L1K		 2021-09-02 -
2022-09-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
Frame ID: 25D4FBD9809E217482A55DB3284DE309
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login RSA

Page URL History Show full URLs

  1. http://admin.cartesdevoeuxdesjardins.com/ HTTP 301
    https://admin.cartesdevoeuxdesjardins.com/ Page URL
  2. https://api.cartesdevoeuxdesjardins.com/oidc/auth?origin=bo HTTP 302
    https://securefed.desjardins.com/affwebservices/CASSO/oidc/Client-Cloudraker/authorize?client_id=000186c4-388... HTTP 302
    https://securefed.desjardins.com/affwebservices/secure/secureredirect/oidcext?client_id=000186c4-3880-1ddd-87... HTTP 302
    https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

172 kB
Transfer

506 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://admin.cartesdevoeuxdesjardins.com/ HTTP 301
    https://admin.cartesdevoeuxdesjardins.com/ Page URL
  2. https://api.cartesdevoeuxdesjardins.com/oidc/auth?origin=bo HTTP 302
    https://securefed.desjardins.com/affwebservices/CASSO/oidc/Client-Cloudraker/authorize?client_id=000186c4-3880-1ddd-8701-416a0afa0000&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fapi.cartesdevoeuxdesjardins.com%2Foidc%2Fcallback-bo HTTP 302
    https://securefed.desjardins.com/affwebservices/secure/secureredirect/oidcext?client_id=000186c4-3880-1ddd-8701-416a0afa0000&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fapi.cartesdevoeuxdesjardins.com%2Foidc%2Fcallback-bo&SMPORTALURL=EQ5DEponRauG9JqgFRfSLArXABNj%2F0%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ%2FR7yxmT7h7Qb3OzCA2PjK%2FEq%2F0EgBo%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN%2Be73Bn0zP HTTP 302
    https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://admin.cartesdevoeuxdesjardins.com/ HTTP 301
  • https://admin.cartesdevoeuxdesjardins.com/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admin.cartesdevoeuxdesjardins.com/
Redirect Chain
  • http://admin.cartesdevoeuxdesjardins.com/
  • https://admin.cartesdevoeuxdesjardins.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.cartesdevoeuxdesjardins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::1757:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
79fdb7555b986844e88e17b353f6f12d3aa87eab69d56893c4a0fdd85ec149f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
0
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 15:02:19 GMT
etag
"175a67822b74cb0e690e19043493e709-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01FZNCRTSTZ8WMQB0EF0E396K9

Redirect headers

Age
0
Cache-Control
public, max-age=0, must-revalidate
Content-Length
57
Content-Type
text/plain
Date
Sat, 02 Apr 2022 15:02:19 GMT
Location
https://admin.cartesdevoeuxdesjardins.com/
Server
Netlify
X-Nf-Request-Id
01FZNCRTMGSED96CXX09H3SFE3
2.0489f21e.chunk.css
admin.cartesdevoeuxdesjardins.com/static/css/ 		2 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.cartesdevoeuxdesjardins.com/static/css/2.0489f21e.chunk.css
Requested by
Host: admin.cartesdevoeuxdesjardins.com
URL: https://admin.cartesdevoeuxdesjardins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::1757:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
f99ffdd4245fe55197723a1bd2c65b2a2141fa605a6ccddc1ebda8c6a21d92e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.cartesdevoeuxdesjardins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZNCRTW3S38Q10BFQXAABFAV
date
Sat, 02 Apr 2022 15:02:19 GMT
content-encoding
br
server
Netlify
age
0
etag
"775d7b99f3df5def42517c7ea0317fda-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
542
main.b5cceddd.chunk.css
admin.cartesdevoeuxdesjardins.com/static/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.cartesdevoeuxdesjardins.com/static/css/main.b5cceddd.chunk.css
Requested by
Host: admin.cartesdevoeuxdesjardins.com
URL: https://admin.cartesdevoeuxdesjardins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::1757:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
c5218657a70ee95903727a1e1fd40e8cb4bd80b42709b1e45e2a819a8508fd79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.cartesdevoeuxdesjardins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZNCRTW4VV9YX5JN6JD5ZHSH
date
Sat, 02 Apr 2022 15:02:19 GMT
content-encoding
br
server
Netlify
age
0
etag
"ab136464fbb0b541afb85c3feb3de542-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
2.d36d6cac.chunk.js
admin.cartesdevoeuxdesjardins.com/static/js/ 		291 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.cartesdevoeuxdesjardins.com/static/js/2.d36d6cac.chunk.js
Requested by
Host: admin.cartesdevoeuxdesjardins.com
URL: https://admin.cartesdevoeuxdesjardins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::1757:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
457f0b7d79266b323d7ce2d5c1069efc8f0d6abfa1d8aeeaf88324cfddbd3c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.cartesdevoeuxdesjardins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZNCRTW4VGBQBN6DCR0DFBT3
date
Sat, 02 Apr 2022 15:02:19 GMT
content-encoding
br
server
Netlify
age
0
etag
"eab909f82d6136abfc63da4e21afb109-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
main.1a409d31.chunk.js
admin.cartesdevoeuxdesjardins.com/static/js/ 		48 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.cartesdevoeuxdesjardins.com/static/js/main.1a409d31.chunk.js
Requested by
Host: admin.cartesdevoeuxdesjardins.com
URL: https://admin.cartesdevoeuxdesjardins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::1757:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
e33ae3b6998982cb7fc68c58e7cc3ea4eb0b7d2efcf5508766414267616c534d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.cartesdevoeuxdesjardins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZNCRTW588K2WXTFHETEN93G
date
Sat, 02 Apr 2022 15:02:19 GMT
content-encoding
br
server
Netlify
age
0
etag
"4eab31508cf915ba830a6e35a85d9268-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
averta-regular-webfont.8f55baf9.woff2
admin.cartesdevoeuxdesjardins.com/static/media/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.cartesdevoeuxdesjardins.com/static/media/averta-regular-webfont.8f55baf9.woff2
Requested by
Host: admin.cartesdevoeuxdesjardins.com
URL: https://admin.cartesdevoeuxdesjardins.com/static/css/main.b5cceddd.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::1757:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://admin.cartesdevoeuxdesjardins.com/static/css/main.b5cceddd.chunk.css
Origin
https://admin.cartesdevoeuxdesjardins.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZNCRV4AG6663CE48VJKMVXZ
date
Sat, 02 Apr 2022 15:02:20 GMT
server
Netlify
age
0
etag
"23de9701215fab5cd54d98018c5e1b70-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
26200
Primary Request mfaext.fcc
securefed.desjardins.com/login/
Redirect Chain
  • https://api.cartesdevoeuxdesjardins.com/oidc/auth?origin=bo
  • https://securefed.desjardins.com/affwebservices/CASSO/oidc/Client-Cloudraker/authorize?client_id=000186c4-3880-1ddd-8701-416a0afa0000&scope=openid%20profile%20email&response_type=code&redirect_uri=...
  • https://securefed.desjardins.com/affwebservices/secure/secureredirect/oidcext?client_id=000186c4-3880-1ddd-8701-416a0afa0000&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%...
  • https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%...
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
Requested by
Host: admin.cartesdevoeuxdesjardins.com
URL: https://admin.cartesdevoeuxdesjardins.com/static/js/main.1a409d31.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.141.42 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-141-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04eb62c85571f7ecff2d0d1a37aa45f3ece7f36508cee3fbc38413e38bccc7d8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://admin.cartesdevoeuxdesjardins.com/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, SMCHALLENGE
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT, TRACE
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
3920
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 15:02:20 GMT
expires
Sat, 02 Apr 2022 15:02:20 GMT
pragma
no-cache
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, SMCHALLENGE
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT, TRACE
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Sat, 02 Apr 2022 15:02:20 GMT
expires
Sat, 02 Apr 2022 15:02:20 GMT
location
https://securefed.desjardins.com:443/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
pragma
no-cache
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
apm2.css
securefed.desjardins.com/public/include/css/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securefed.desjardins.com/public/include/css/apm2.css
Requested by
Host: securefed.desjardins.com
URL: https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.141.42 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-141-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8e52f2853f7228de7bf4d3f242f2e96abf7e5e21938fea9cf3e4eea1f837533
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 15:02:20 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2017 14:55:01 GMT
etag
"7270-556f432645b40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=200847
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, SMCHALLENGE
content-length
5710
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT, TRACE
jquery.min.js
securefed.desjardins.com/public/include/lib/externe/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securefed.desjardins.com/public/include/lib/externe/jquery/3.2.1/jquery.min.js
Requested by
Host: securefed.desjardins.com
URL: https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.141.42 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-141-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 15:02:20 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2017 14:51:20 GMT
etag
"15283-559c857888f69"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=314892
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, SMCHALLENGE
content-length
30178
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT, TRACE
image00.gif
securefed.desjardins.com/public/images/customization/DESJPA-SRV/ad_sso_act_logon_page_ag/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securefed.desjardins.com/public/images/customization/DESJPA-SRV/ad_sso_act_logon_page_ag/image00.gif
Requested by
Host: securefed.desjardins.com
URL: https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.141.42 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-141-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1398c36548cb5438d1047a2147dcf589421fb25fd7ce144877d7ceed331dd929
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://securefed.desjardins.com/login/mfaext.fcc?TYPE=33554432&REALMOID=06-0006b6c2-971a-1d83-8d3f-416a0afa0000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-m2%2baayZUiHwuy9SWzq%2bBGF%2bYIOC5S%2bZt6MAwI2dnKQ9G52%2fIq%2bqwr%2bOPXFAtEIRx&TARGET=-SM-HTTPS%3a%2f%2fsecurefed%2edesjardins%2ecom%2faffwebservices%2fsecure%2fsecureredirect%2foidcext%3fclient_id%3d000186c4--3880--1ddd--8701--416a0afa0000%26scope%3dopenid-%20profile-%20email%26response_type%3dcode%26redirect_uri%3dhttps-%3A-%2F-%2Fapi%2ecartesdevoeuxdesjardins%2ecom-%2Foidc-%2Fcallback--bo%26SMPORTALURL%3dEQ5DEponRauG9JqgFRfSLArXABNj-%2F0-%2FaY7ejWOGlfQadmHazIhOmQbdpCrO6BZ-%2FR7yxmT7h7Qb3OzCA2PjK-%2FEq-%2F0EgBo-%2BEyPi3DcgRbGGP5xOpFdHJg2myV51brEeLJOmdtwNDkG7oYSNg7IhsehoBN-%2Be73Bn0zP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 15:02:20 GMT
last-modified
Fri, 27 Feb 2015 16:42:46 GMT
etag
"bfc-510148ee02d80"
access-control-max-age
1000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=344037
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, SMCHALLENGE
content-length
3068
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT, TRACE

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery string| LOCALE string| LOCALE_CODE_LANGUE string| LOCALE_CODE_PAYS string| URL_PREPARATION_IA string| SM_MODE function| getCookie function| toF function| toE function| checkForm object| el string| lang object| question object| headerText object| usernameLabel object| passwordLabel object| newPasswordLabel object| login object| disclaimer

1 Cookies

Domain/Path Name / Value
.desjardins.com/ Name: ak_bmsc
Value: 1F45B011490E46469B8D4D3B456086FF~000000000000000000000000000000~YAAQrpEvF9V1jrl/AQAAgm7M6g/XilAjkyONIx8CL0GBIX4hyPt826ZVYrrjGR0OaW35GIRoUomLbkUzlZD0mHMpuam+3sqiKCvaM2xj2KqWe7LHbfq2grnZj2aX+yg/ZgbdjF4Rwmk8ZJf6QMfS7FBE78jA0FxPD1LrPVdwrvQj64s6B40ne4//S8Mc4kVKDSwMWdMtIHe6AHzjixZPuJyp97/BQMDNNFd4Qejwu374wfkE5EWoyPJDt8Zm5TNmbWWwn20P8Kl8RnAEemV6VY/xXEN8yHiyCuviZm48yjTykqQfMiaVX3XIM6dSHAFqEMnYixUIFnZjcMmRSqI/0Y2nByj1Ftj3WWN7vmELQWjrYqIFWiSYAj1/OSgGdS2hHW/i1tBPzAwnl0e/0XMl

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000