a0856045.xsph.ru Open in urlscan Pro
2a0a:2b43:9:ec3a:: Public Scan

Go To Rescan
Add Verdict Report

URL:
http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Submission: On September 02 via api (September 2nd 2023, 12:22:17 am UTC) from JP — Scanned from JP

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 49 HTTP transactions. The main IP is 2a0a:2b43:9:ec3a::, located in Russian Federation and belongs to SPRINTHOST, RU. The main domain is a0856045.xsph.ru.

This is the only time a0856045.xsph.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2a0a:2b43:9:e... 2a0a:2b43:9:ec3a::	35278 (SPRINTHOST) (SPRINTHOST)
8 31	142.213.20.178 142.213.20.178	11489 (BACI) (BACI)
3	2404:6800:400... 2404:6800:400a:805::2008	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:400a:805::200e	15169 (GOOGLE) (GOOGLE)
49	5

17 2a0a:2b43:9:ec3a:: (Russian Federation)

ASN35278 (SPRINTHOST, RU)

a0856045.xsph.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.213.20.178 (Montreal, Canada) 8 redirects

ASN11489 (BACI, CA)

www4.prod.ramq.gouv.qc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:805::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:400a:805::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	gouv.qc.ca 8 redirects www4.prod.ramq.gouv.qc.ca	78 KB
17	xsph.ru a0856045.xsph.ru	224 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	42 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	214 KB
49	4

	Domain	Requested by
31	www4.prod.ramq.gouv.qc.ca	8 redirects a0856045.xsph.ru www4.prod.ramq.gouv.qc.ca
17	a0856045.xsph.ru	a0856045.xsph.ru
5	www.google-analytics.com	a0856045.xsph.ru www.googletagmanager.com
3	www.googletagmanager.com	a0856045.xsph.ru www.googletagmanager.com
49	4

This site contains no links.

Subject Issuer	Validity	Valid
*.PROD.RAMQ.GOUV.QC.CA Entrust Certification Authority - L1K	`2022-10-25` - `2023-11-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Frame ID: D83AFF58A4E9811CB79921C1D6D75116
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion | RAMQ

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

49
Requests

51 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

552 kB
Transfer

1149 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=1z5Inj-BHev3-56RxTAxlEYrGOryQmllOTwBCfDxG-1GeTqxBWV7ah7GjrhmxYEpvSNvtaAKEcSeNY5RP8To5UTOiwMJqkCeMNhC_Ld5iR0b7aUG-CYAOJfBJ0GDbnld0Kfb1CvJYsBtZx35vseeg5wJdcr02BAUztfYFx1rvw4WydOY1kXgewcQllPZx4rKK-a3PHEaYRrknZ2X_UndDA2&t=637557594958999261 HTTP 302
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=1z5Inj-BHev3-56RxTAxlEYrGOryQmllOTwBCfDxG-1GeTqxBWV7ah7GjrhmxYEpvSNvtaAKEcSeNY5RP8To5UTOiwMJqkCeMNhC_Ld5iR0b7aUG-CYAOJfBJ0GDbnld0Kfb1CvJYsBtZx35vseeg5wJdcr02BAUztfYFx1rvw4WydOY1kXgewcQllPZx4rKK-a3PHEaYRrknZ2X_UndDA2&t=637557594958999261 HTTP 302
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

Request Chain 19

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=7oxuSzEg6tCUSroQrBmXATJCRCFJJ_N1rK2q0cWIgFq1eTgOKarD7DiqEKsi7fD-yL76_T0rIEFUwZ2UZiMEiCCjGMbZkWmUOG6tN5OX8WeIWZhyt75Qhu3FH7T755IwpaXEKZHTqYxNaikVh_m-68_--YduM7aEevnqLf8BX2sbs2HNJuv9BT0Gtdhf_F-i4vyXVmGuORCmqoowxyhLdQ2&t=637557594958999261 HTTP 302
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=7oxuSzEg6tCUSroQrBmXATJCRCFJJ_N1rK2q0cWIgFq1eTgOKarD7DiqEKsi7fD-yL76_T0rIEFUwZ2UZiMEiCCjGMbZkWmUOG6tN5OX8WeIWZhyt75Qhu3FH7T755IwpaXEKZHTqYxNaikVh_m-68_--YduM7aEevnqLf8BX2sbs2HNJuv9BT0Gtdhf_F-i4vyXVmGuORCmqoowxyhLdQ2&t=637557594958999261 HTTP 302
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

Request Chain 20

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/css/YRM.css HTTP 302
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/css/YRM.css HTTP 302
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

Request Chain 21

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=nAUNoIe-JlwsP7RPczmGdk590MJYQG2vuXLSz4CFlPJB-VUkjlxPdvO82V08kkK6SHQswnvs6-YiQg1p3WhG8R-ut-f9CoUMpKnZZlQKKMdXnpfTZVthjhLcPNnfBbIm2R5sC2O15_3uEt6kgZeiS-jyYytNs5ZCUGU5YV7REP52onW3ruuS_DYALuS7Bn6rjVGyRR1NlmnXvhC_37GJv9dsd26BkWl0t_dVht3VOMA1&t=637557594958999261 HTTP 302
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=nAUNoIe-JlwsP7RPczmGdk590MJYQG2vuXLSz4CFlPJB-VUkjlxPdvO82V08kkK6SHQswnvs6-YiQg1p3WhG8R-ut-f9CoUMpKnZZlQKKMdXnpfTZVthjhLcPNnfBbIm2R5sC2O15_3uEt6kgZeiS-jyYytNs5ZCUGU5YV7REP52onW3ruuS_DYALuS7Bn6rjVGyRR1NlmnXvhC_37GJv9dsd26BkWl0t_dVht3VOMA1&t=637557594958999261 HTTP 302
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

Request Chain 31

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 43

http://www.google-analytics.com/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=60750567.1693614125&tid=UA-115080125-2&_gid=1422478655.1693614125&gtm=45He38u0n81WP59ZRR&z=962218152 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=60750567.1693614125&tid=UA-115080125-2&_gid=1422478655.1693614125&gtm=45He38u0n81WP59ZRR&z=962218152

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request IntrfAuth.htm Show response
a0856045.xsph.ru/YRM_GestAuthn/ 27 KB
7 KB 483ms
241ms Document
text/html 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: d64fabb4624f4f25a14176d607c5e0155881692758e462c7206cc49fc66ddf91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 02 Sep 2023 00:22:03 GMT
ETag: W/"64e7a5f9-6caf"
Expires: Sat, 09 Sep 2023 00:22:03 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:25 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 49 KB
21 KB 242ms
242ms Script
application/x-javascript 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/analytics.js
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 18:48:27 GMT
Server: openresty
ETag: W/"64e7a5fb-c41d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Sat, 09 Sep 2023 00:22:03 GMT

GET
H/1.1 200
OK gtm.js Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 93 KB
38 KB 829ms
242ms Script
application/x-javascript 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/gtm.js
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 7db240359ea429aef1efed6991e01177ec6d00e76d84ff4d16dfa341653c2a04

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 18:48:28 GMT
Server: openresty
ETag: W/"64e7a5fc-173e2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Sat, 09 Sep 2023 00:22:04 GMT

GET
H/1.1 200
OK corps-ancien-piv.css
www4.prod.ramq.gouv.qc.ca/com/co/commun/css/ 17 KB
6 KB 1530ms
178ms Stylesheet
text/css 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

b7b3082a20512f790e662490355e37520610bc8c3089b171f598de8df87e6c2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "61ebe0c3cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 5144
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK typo.css
www4.prod.ramq.gouv.qc.ca/com/co/commun/css/ 4 KB
2 KB 1537ms
183ms Stylesheet
text/css 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/typo.css

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

83ae948b9d7350376d4e02ce1f9d49fd54fb9bdf11c49b53f6125ff3fa9af243

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "11b0e5c3cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 1327
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK Navigation.css
www4.prod.ramq.gouv.qc.ca/com/co/commun/css/ 2 KB
1 KB 1573ms
218ms Stylesheet
text/css 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/Navigation.css

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

dc16a9488607f9109058488aa0d21c7cb18e9b520ef6368ee35b8b43660520de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:04 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "11b0e5c3cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 737
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found jquery-ui-1.css
www4.prod.ramq.gouv.qc.ca/com/co/commun/ThemeJquery/Ramq/jquery-ui-1.8.4.custom.cssdisplay/ 0
0 1546ms
182ms Stylesheet
text/html 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/ThemeJquery/Ramq/jquery-ui-1.8.4.custom.cssdisplay/jquery-ui-1.css
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 200
OK modernizr.js Show response
www4.prod.ramq.gouv.qc.ca/com/co/commun/javascript/ 12 KB
6 KB 1734ms
185ms Script
application/javascript 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/javascript/modernizr.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

34ddc9b5e12aecde36dbf12bd77c8bd92bf96fb22a74aa5a6153b605f666ce34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 30 Sep 2023 09:28:49 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "95fc31c4cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 5460
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK WebResource_019.axd Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 93 KB
93 KB 585ms
345ms Script
text/plain 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource_019.axd
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:48 GMT
Server: openresty
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1727b-603afadb21043"
Content-Length: 94843

GET
H/1.1 200
OK WebResource_016.axd Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 4 KB
4 KB 585ms
345ms Script
text/plain 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource_016.axd
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 864140ee4b7eee4ba736cd9937e337654c9bc29027d2a8adb6da3bc9c188128d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:47 GMT
Server: openresty
Connection: keep-alive
Accept-Ranges: bytes
ETag: "10c6-603afada26491"
Content-Length: 4294

GET
H/1.1 200
OK WebResource_020.axd Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 38 KB
38 KB 585ms
335ms Script
text/plain 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource_020.axd
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 72a8389de1a90bd1e08c082c98bd8c51e176f8f484b211f6eff6213b7dbf0083

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:48 GMT
Server: openresty
Connection: keep-alive
Accept-Ranges: bytes
ETag: "9612-603afadb540aa"
Content-Length: 38418

GET
H/1.1 200
OK WebResource.axd Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 3 KB
4 KB 596ms
345ms Script
text/plain 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource.axd
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 6082321fa006c2afea53132ac86165e4a598f3e53b2721cc8dedcbeacb667e54

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:36 GMT
Server: openresty
Connection: keep-alive
Accept-Ranges: bytes
ETag: "d6c-603afacf5b9b6"
Content-Length: 3436

GET
H/1.1 200
OK WebResource_006.axd Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 4 KB
4 KB 596ms
345ms Script
text/plain 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource_006.axd
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 8f2adc3b20b01a6a05e0c4609016073fd7171658e1d2aa7625c8a39ba7e400f9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:43 GMT
Server: openresty
Connection: keep-alive
Accept-Ranges: bytes
ETag: "104c-603afad672899"
Content-Length: 4172

GET
H/1.1 200
OK WebResource_003.axd Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 496 B
711 B 722ms
241ms Script
text/plain 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource_003.axd
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: ba505d597c34cc6c822b6517b5bfaf091212ceac6229b3d312b19d52a32c5da2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:04 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:41 GMT
Server: openresty
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1f0-603afad4cd65b"
Content-Length: 496

GET
H/1.1 200
OK jquery.cookie.js Show response
www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/ 4 KB
2 KB 1732ms
182ms Script
application/javascript 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/jquery.cookie.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

864140ee4b7eee4ba736cd9937e337654c9bc29027d2a8adb6da3bc9c188128d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "95fc31c4cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 1801
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK Ramq.js Show response
www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/ 4 KB
2 KB 1917ms
182ms Script
application/javascript 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/Ramq.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

f3903412ffd96a7cf59ccbba5b6b3f26bb51b23ad5e001f3ed0eeec16f44781d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "cb495fc4cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 1626
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK jquery.corner.js Show response
www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/ 10 KB
4 KB 1946ms
177ms Script
application/javascript 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/jquery.corner.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

ccb76cf402c0c01d2bc41dbd54d00ea287df1f3bac9c487a8f8f0c15e0778927

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "95fc31c4cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 3938
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK MenuRamq.js Show response
www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/ 4 KB
2 KB 2075ms
176ms Script
application/javascript 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/MenuRamq.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

606a82a9d79163900f8ad539f7f97580da8ba63231753771680ddd293a0c82b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "f15d53c4cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 1515
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK PIV2021.js Show response
www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/ 3 KB
2 KB 2101ms
179ms Script
application/javascript 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/Javascript/PIV2021.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

ea9c824a7846aeb6599b42a369cb279e41ac51ea0c6ce91191bf06f85b67e861

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "2a994ec4cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 1340
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

PageErr.aspx
www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/
Redirect Chain

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=1z5Inj-BHev3-56RxTAxlEYrGOryQmllOTwBCfDxG-1GeTqxBWV7ah7GjrhmxYEpvSNvtaAKEcSeNY5RP8To5UTOiwMJqkCeMNhC_Ld5iR0...
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=1z5Inj-BHev3-56RxTAxlEYrGOryQmllOTwBCfDxG-1...
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

0
0

277ms
258ms

Stylesheet
text/html

142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma: No-Cache
content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-frame-options: sameorigin
content-type: text/html; charset=utf-8
location: /AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
cache-control: Private, No-Cache, No-Store
content-length: 380
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1

200
OK

PageErr.aspx
www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/
Redirect Chain

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=7oxuSzEg6tCUSroQrBmXATJCRCFJJ_N1rK2q0cWIgFq1eTgOKarD7DiqEKsi7fD-yL76_T0rIEFUwZ2UZiMEiCCjGMbZkWmUOG6tN5OX8We...
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=7oxuSzEg6tCUSroQrBmXATJCRCFJJ_N1rK2q0cWIgFq...
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

0
0

372ms
252ms

Stylesheet
text/html

142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma: No-Cache
content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-frame-options: sameorigin
content-type: text/html; charset=utf-8
location: /AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
cache-control: Private, No-Cache, No-Store
content-length: 380
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1

200
OK

PageErr.aspx
www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/
Redirect Chain

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/css/YRM.css
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/css/YRM.css
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

0
0

279ms
267ms

Stylesheet
text/html

142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma: No-Cache
content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-frame-options: sameorigin
content-type: text/html; charset=utf-8
location: /AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
cache-control: Private, No-Cache, No-Store
content-length: 380
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1

200
OK

PageErr.aspx
www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/
Redirect Chain

https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=nAUNoIe-JlwsP7RPczmGdk590MJYQG2vuXLSz4CFlPJB-VUkjlxPdvO82V08kkK6SHQswnvs6-YiQg1p3WhG8R-ut-f9CoUMpKnZZlQKKMd...
https://www4.prod.ramq.gouv.qc.ca/ags/yr/yrm_gestauthn/yrm3_cookieauthn_iut/fr/cookie.aspx?redir=/AGS/YR/YRM_GestAuthn/YRM1_V4Authn_iut/WebResource.axd?d=nAUNoIe-JlwsP7RPczmGdk590MJYQG2vuXLSz4CFlPJ...
https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke

0
0

280ms
266ms

Stylesheet
text/html

142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.prod.ramq.gouv.qc.ca/AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma: No-Cache
content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-frame-options: sameorigin
content-type: text/html; charset=utf-8
location: /AGS/YR/YR_Commun/YR_V4PageErr_iut/PageErr.aspx?id=idRubrErrcke&idTrx=idTrxPageErrCke
cache-control: Private, No-Cache, No-Store
content-length: 380
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK Logo_Ramq.gif
a0856045.xsph.ru/YRM_GestAuthn/display/ 1 KB
2 KB 241ms
239ms Image
image/gif 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/Logo_Ramq.gif
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 5cd64bac25e6ef40c1e00bb31f8270f0cd771d64a0dbb18d9f6124fb34aca51f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:05 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:30 GMT
Server: openresty
ETag: "64e7a5fe-5a1"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1441
Expires: Sat, 09 Sep 2023 00:22:05 GMT

GET connexion.png
a0856045.xsph.ru/YRM_GestAuthn/display/ 0
0

GET
H/1.1 200
OK lien_externe.gif
a0856045.xsph.ru/YRM_GestAuthn/display/ 2 KB
2 KB 241ms
240ms Image
image/gif 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/lien_externe.gif
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: f837ccddc5ce58181e6acc4726e2670ecf5854bec60602e872b9e11deccaf3fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:05 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:30 GMT
Server: openresty
ETag: "64e7a5fe-76d"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1901
Expires: Sat, 09 Sep 2023 00:22:05 GMT

GET
H/1.1 200
OK quebw1.gif
a0856045.xsph.ru/YRM_GestAuthn/display/ 701 B
1007 B 252ms
251ms Image
image/gif 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/quebw1.gif
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 55c96c0212e2ffd1f864d738db2fc5988ee12e8d05a92560f1d1cdf2b4a95e00

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:05 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:33 GMT
Server: openresty
ETag: "64e7a601-2bd"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 701
Expires: Sat, 09 Sep 2023 00:22:05 GMT

GET
H/1.1 200
OK googleAnalytics.js Show response
a0856045.xsph.ru/YRM_GestAuthn/display/ 18 KB
4 KB 239ms
238ms Script
application/x-javascript 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/googleAnalytics.js
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: b3e99a68f61e715ab87de11f13cde9bb6ba9adfdec6749b024a5bf071c830c8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 18:48:28 GMT
Server: openresty
ETag: W/"64e7a5fc-464b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Sat, 09 Sep 2023 00:22:05 GMT

GET
H/1.1 200
OK WebResource.gif
a0856045.xsph.ru/YRM_GestAuthn/display/ 167 B
472 B 251ms
250ms Image
image/gif 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource.gif
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: d93989c603f6900a452bbcf1c8f158093f07c256868cbb7c91021027deef9a4c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:05 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:36 GMT
Server: openresty
ETag: "64e7a604-a7"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167
Expires: Sat, 09 Sep 2023 00:22:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
64 KB 111ms
57ms Script
application/javascript 2404:6800:400a:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WP59ZRR

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bb801bc0edf9e69573619dda556fec88fde338e42cd2964e49e8249e71ad6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:22:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64973
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Sep 2023 00:22:05 GMT

GET
H/1.1 200
OK corps_imp.css
www4.prod.ramq.gouv.qc.ca/com/co/commun/css/ 686 B
883 B 178ms
177ms Stylesheet
text/css 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps_imp.css

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

cc4b522bf30b0ea9a1e8682424d8374550c5d4c8a6cee68048bf4d04c40d8a1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
date: Sat, 02 Sep 2023 00:22:05 GMT
last-modified: Thu, 03 Nov 2022 22:01:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
etag: "f89dec3cfefd81:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 386
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
312 B 99ms
48ms XHR
text/plain 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=354387947&gjid=2141049255&cid=60750567.1693614125&tid=UA-115080125-2&_gid=1422478655.1693614125&_r=1&gtm=2wg220WP59ZRR&z=1409828403

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://a0856045.xsph.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Sep 2023 00:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://a0856045.xsph.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

9ms
9ms

Script
text/javascript

2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Sep 2023 23:39:17 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Sep 2023 01:39:17 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK lien_externe.gif
a0856045.xsph.ru/YRM_GestAuthn/display/ 2 KB
2 KB 345ms
238ms Image
image/gif 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/lien_externe.gif
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: f837ccddc5ce58181e6acc4726e2670ecf5854bec60602e872b9e11deccaf3fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:06 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:30 GMT
Server: openresty
ETag: "64e7a5fe-76d"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1901
Expires: Sat, 09 Sep 2023 00:22:06 GMT

GET
H/1.1 200
OK bg_header.gif
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/entete/ 297 B
749 B 177ms
176ms Image
image/gif 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/entete/bg_header.gif

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

a6dfd1eaf9d2fb5e164efbdb180dbb7de61a237f3bb8687e94e64f0a0e415c87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "cbe116c5cfefd81:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: private
accept-ranges: bytes
content-length: 297
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bg_header_centre_access.jpg
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/entete/ 32 KB
33 KB 534ms
180ms Image
image/jpeg 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/entete/bg_header_centre_access.jpg

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

cabf973706cc3452febb25990ea84e68e8d17811bcb1225483372787dd995e69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "231d12c5cfefd81:0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
content-length: 33079
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bg_centre_haut.gif
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/contenu_milieu/ 262 B
714 B 538ms
184ms Image
image/gif 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/contenu_milieu/bg_centre_haut.gif

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

9d78b3045163b539264f9cd7bd4bac4f8821f357f2f4a27de64cb53b6868e093

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "679227c5cfefd81:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: private
accept-ranges: bytes
content-length: 262
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bg_centre_bas.gif
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/contenu_milieu/ 262 B
714 B 348ms
177ms Image
image/gif 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/contenu_milieu/bg_centre_bas.gif

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

e5b6559935cc7bc40b4e05a431ab260bfdf3435e2e9fc7259679b286a7ffc619

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "679227c5cfefd81:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: private
accept-ranges: bytes
content-length: 262
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bg_col_droite_haut.jpg
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/contenu_milieu/colonne_droite/ 3 KB
3 KB 519ms
179ms Image
image/jpeg 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/contenu_milieu/colonne_droite/bg_col_droite_haut.jpg

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

fec4b2d43ab144dbd702663aec302cc00cc925d41aa5c630832c7137afad8515

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 30 Sep 2023 09:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "5a1c31c5cfefd81:0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
content-length: 2674
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bg_footer.gif
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/pied_de_page/ 498 B
950 B 234ms
184ms Image
image/gif 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/pied_de_page/bg_footer.gif

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

bcdff9307b8abf3936cba9eca411bbff72d3884dd01fac8c92bf0ba3663fd299

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 30 Sep 2023 09:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "8ea53ac5cfefd81:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: private
accept-ranges: bytes
content-length: 498
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bg_footer_centre.jpg
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/pied_de_page/ 4 KB
5 KB 430ms
196ms Image
image/jpeg 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ModelPage/pied_de_page/bg_footer_centre.jpg

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

0d3bb0a04d168b0419d3781af61ad7ff3906e221d9a14e144a1a5c333e4af7f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 02 Sep 2023 00:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:05 GMT
etag: "11f529c5cfefd81:0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
content-length: 4522
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK connexion.png
a0856045.xsph.ru/YRM_GestAuthn/display/ 1 KB
1 KB 241ms
239ms Image
image/png 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/connexion.png
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 06d3a95b9e26a83b9ed4cb3c6591ac260f5a9a39d44edb0b0dcbc313aabc8db8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:06 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:26 GMT
Server: openresty
ETag: "64e7a5fa-439"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1081
Expires: Sat, 09 Sep 2023 00:22:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 13ms
9ms Script
text/javascript 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP59ZRR

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Sep 2023 23:39:17 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Sep 2023 01:39:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 71ms
63ms Script
application/javascript 2404:6800:400a:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T696Q0CG7C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP59ZRR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c829db97d15df421b5871ea306ddd751bfe0d0b19999ff488ded2ba7550eb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:22:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Sep 2023 00:22:05 GMT

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bi...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-b...

35 B
55 B

13ms
9ms

Image
image/gif

2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=60750567.1693614125&tid=UA-115080125-2&_gid=1422478655.1693614125&gtm=45He38u0n81WP59ZRR&z=962218152

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 12:12:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43805
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=60750567.1693614125&tid=UA-115080125-2&_gid=1422478655.1693614125&gtm=45He38u0n81WP59ZRR&z=962218152
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
63 KB 61ms
61ms Script
application/javascript 2404:6800:400a:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T89FTCJ

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97c3683f287d3aeb0843defa1e38f488190c015da142fbcfff9eb30697f2255c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:22:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64199
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Sep 2023 00:22:06 GMT

GET
H/1.1 200
OK WebResource.gif
a0856045.xsph.ru/YRM_GestAuthn/display/ 167 B
472 B 240ms
240ms Image
image/gif 2a0a:2b43:9:ec3a::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/WebResource.gif
Requested by: Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
Protocol: HTTP/1.1
Server: 2a0a:2b43:9:ec3a:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: d93989c603f6900a452bbcf1c8f158093f07c256868cbb7c91021027deef9a4c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://a0856045.xsph.ru/YRM_GestAuthn/IntrfAuth.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sat, 02 Sep 2023 00:22:06 GMT
Last-Modified: Thu, 24 Aug 2023 18:48:36 GMT
Server: openresty
ETag: "64e7a604-a7"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167
Expires: Sat, 09 Sep 2023 00:22:06 GMT

GET
H/1.1 200
OK erreur_ico.gif
www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/ 167 B
619 B 413ms
181ms Image
image/gif 142.213.20.178
BACI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.prod.ramq.gouv.qc.ca/com/co/commun/RAMQ/images/erreur_ico.gif

Requested by

Host: www4.prod.ramq.gouv.qc.ca
URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.213.20.178 Montreal, Canada, ASN11489 (BACI, CA),

Reverse DNS

Software

Resource Hash

d93989c603f6900a452bbcf1c8f158093f07c256868cbb7c91021027deef9a4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/css/corps-ancien-piv.css?v=20150723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 30 Sep 2023 09:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 03 Nov 2022 22:01:04 GMT
etag: "5495cac4cfefd81:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: private
accept-ranges: bytes
content-length: 167
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 46ms
46ms XHR
text/plain 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1050030547&t=pageview&_s=1&dl=http%3A%2F%2Fa0856045.xsph.ru%2FYRM_GestAuthn%2FIntrfAuth.htm&ul=en-us&de=UTF-8&dt=Connexion%20%7C%20RAMQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAAC~&jid=857083759&gjid=1350576769&cid=60750567.1693614125&tid=UA-115080125-1&_gid=1422478655.1693614125&_r=1&gtm=45He38u0n81T89FTCJ&z=1727500237

Requested by

Host: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://a0856045.xsph.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Sep 2023 00:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://a0856045.xsph.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a0856045.xsph.ru
URL: http://a0856045.xsph.ru/YRM_GestAuthn/display/connexion.png

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xsph.ru/	1970-01-21 00:02:54	Name: _ga Value: GA1.2.60750567.1693614125
.xsph.ru/	1970-01-20 14:28:20	Name: _gid Value: GA1.2.1422478655.1693614125
.xsph.ru/	1970-01-20 14:26:54	Name: _gat_UA-115080125-2 Value: 1
.xsph.ru/	1970-01-20 14:26:54	Name: _gat_UA-115080125-1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www4.prod.ramq.gouv.qc.ca/com/co/commun/ThemeJquery/Ramq/jquery-ui-1.8.4.custom.cssdisplay/jquery-ui-1.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0856045.xsph.ru
www.google-analytics.com
www.googletagmanager.com
www4.prod.ramq.gouv.qc.ca
a0856045.xsph.ru
142.213.20.178
2404:6800:400a:805::2008
2404:6800:400a:805::200e
2a0a:2b43:9:ec3a::
06d3a95b9e26a83b9ed4cb3c6591ac260f5a9a39d44edb0b0dcbc313aabc8db8
0d3bb0a04d168b0419d3781af61ad7ff3906e221d9a14e144a1a5c333e4af7f0
34ddc9b5e12aecde36dbf12bd77c8bd92bf96fb22a74aa5a6153b605f666ce34
55c96c0212e2ffd1f864d738db2fc5988ee12e8d05a92560f1d1cdf2b4a95e00
5bb801bc0edf9e69573619dda556fec88fde338e42cd2964e49e8249e71ad6c7
5cd64bac25e6ef40c1e00bb31f8270f0cd771d64a0dbb18d9f6124fb34aca51f
606a82a9d79163900f8ad539f7f97580da8ba63231753771680ddd293a0c82b0
6082321fa006c2afea53132ac86165e4a598f3e53b2721cc8dedcbeacb667e54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72a8389de1a90bd1e08c082c98bd8c51e176f8f484b211f6eff6213b7dbf0083
7c829db97d15df421b5871ea306ddd751bfe0d0b19999ff488ded2ba7550eb2a
7db240359ea429aef1efed6991e01177ec6d00e76d84ff4d16dfa341653c2a04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ae948b9d7350376d4e02ce1f9d49fd54fb9bdf11c49b53f6125ff3fa9af243
864140ee4b7eee4ba736cd9937e337654c9bc29027d2a8adb6da3bc9c188128d
8f2adc3b20b01a6a05e0c4609016073fd7171658e1d2aa7625c8a39ba7e400f9
97c3683f287d3aeb0843defa1e38f488190c015da142fbcfff9eb30697f2255c
9d78b3045163b539264f9cd7bd4bac4f8821f357f2f4a27de64cb53b6868e093
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6dfd1eaf9d2fb5e164efbdb180dbb7de61a237f3bb8687e94e64f0a0e415c87
b3e99a68f61e715ab87de11f13cde9bb6ba9adfdec6749b024a5bf071c830c8d
b7b3082a20512f790e662490355e37520610bc8c3089b171f598de8df87e6c2d
ba505d597c34cc6c822b6517b5bfaf091212ceac6229b3d312b19d52a32c5da2
bcdff9307b8abf3936cba9eca411bbff72d3884dd01fac8c92bf0ba3663fd299
cabf973706cc3452febb25990ea84e68e8d17811bcb1225483372787dd995e69
cc4b522bf30b0ea9a1e8682424d8374550c5d4c8a6cee68048bf4d04c40d8a1e
ccb76cf402c0c01d2bc41dbd54d00ea287df1f3bac9c487a8f8f0c15e0778927
d64fabb4624f4f25a14176d607c5e0155881692758e462c7206cc49fc66ddf91
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
d93989c603f6900a452bbcf1c8f158093f07c256868cbb7c91021027deef9a4c
dc16a9488607f9109058488aa0d21c7cb18e9b520ef6368ee35b8b43660520de
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b6559935cc7bc40b4e05a431ab260bfdf3435e2e9fc7259679b286a7ffc619
ea9c824a7846aeb6599b42a369cb279e41ac51ea0c6ce91191bf06f85b67e861
f3903412ffd96a7cf59ccbba5b6b3f26bb51b23ad5e001f3ed0eeec16f44781d
f837ccddc5ce58181e6acc4726e2670ecf5854bec60602e872b9e11deccaf3fb
fec4b2d43ab144dbd702663aec302cc00cc925d41aa5c630832c7137afad8515

a0856045.xsph.ru Open in urlscan Pro 2a0a:2b43:9:ec3a:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

51 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

552 kBTransfer

1149 kBSize

4 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a0856045.xsph.ru Open in urlscan Pro
2a0a:2b43:9:ec3a:: Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

51 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

552 kB
Transfer

1149 kB
Size

4
Cookies

49 HTTP transactions
0 data transactions