urlscan.io logo urlscan.io
SecurityTrails logo

login.r350d3v.cyber.gouv.qc.ca Open in urlscan Pro
13.107.246.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.r350d3v.cyber.gouv.qc.ca/
Effective URL: https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74...
Submission: On September 12 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 13.107.246.40, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.r350d3v.cyber.gouv.qc.ca.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 12th 2024. Valid for: 6 months.
This is the only time login.r350d3v.cyber.gouv.qc.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 13.107.246.40 8075 (MICROSOFT...)
3 23.209.72.7 20940 (AKAMAI-ASN1)
6 20.220.1.65 8075 (MICROSOFT...)
23 4
13    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.r350d3v.cyber.gouv.qc.ca
js.monitor.azure.com
login.r350d3v.cyber.gouv.qc.ca
openid.r350d3v.cyber.gouv.qc.ca
aadcdn.msftauthimages.net
3    23.209.72.7 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-209-72-7.deploy.static.akamaitechnologies.com
res.cdn.office.net
res-1.cdn.office.net
6    20.220.1.65 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
canadacentral-1.in.applicationinsights.azure.com
Apex Domain
Subdomains		 Transfer
10 gouv.qc.ca
www.r350d3v.cyber.gouv.qc.ca
login.r350d3v.cyber.gouv.qc.ca
openid.r350d3v.cyber.gouv.qc.ca
1 MB
7 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1932
canadacentral-1.in.applicationinsights.azure.com — Cisco Umbrella Rank: 142495
1 KB
3 office.net
res.cdn.office.net — Cisco Umbrella Rank: 405
res-1.cdn.office.net — Cisco Umbrella Rank: 606
85 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 6330
150 KB
23 4
Domain Requested by
6 canadacentral-1.in.applicationinsights.azure.com www.r350d3v.cyber.gouv.qc.ca
6 www.r350d3v.cyber.gouv.qc.ca www.r350d3v.cyber.gouv.qc.ca
3 login.r350d3v.cyber.gouv.qc.ca www.r350d3v.cyber.gouv.qc.ca
login.r350d3v.cyber.gouv.qc.ca
2 aadcdn.msftauthimages.net
2 res-1.cdn.office.net
1 openid.r350d3v.cyber.gouv.qc.ca login.r350d3v.cyber.gouv.qc.ca
1 res.cdn.office.net
1 js.monitor.azure.com www.r350d3v.cyber.gouv.qc.ca
23 8

This site contains no links.

Subject Issuer Validity Valid
www.r350d3v.cyber.gouv.qc.ca
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-08-06 -
2025-02-06		 6 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-08-20 -
2025-08-15		 a year crt.sh
login.r350d3v.cyber.gouv.qc.ca
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-08-12 -
2025-02-12		 6 months crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2024-02-20 -
2025-02-20		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-30 -
2025-06-25		 a year crt.sh
openid.r350d3v.cyber.gouv.qc.ca
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-08-12 -
2025-02-12		 6 months crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-08-04 -
2025-07-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74-4cbf-9b25-8b9df2bfed1e&redirect_uri=https%3A%2F%2Fwww.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+offline_access&state=cfc93e5c5a5e494c81ec6cc03a4b926c&code_challenge=MCCQXL-cSnzDW2CHfQeCsfDAaWuL2KB4L52Ocugd_BQ&code_challenge_method=S256&response_mode=query&ui_locales=fr&locale=fr-CA
Frame ID: 658A67FE1396F3833049CAC6925792EA
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Choose your account

Page URL History Show full URLs

  1. https://www.r350d3v.cyber.gouv.qc.ca/ Page URL
  2. https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?cli... Page URL

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

4
IPs

2
Countries

1451 kB
Transfer

1443 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.r350d3v.cyber.gouv.qc.ca/ Page URL
  2. https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74-4cbf-9b25-8b9df2bfed1e&redirect_uri=https%3A%2F%2Fwww.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+offline_access&state=cfc93e5c5a5e494c81ec6cc03a4b926c&code_challenge=MCCQXL-cSnzDW2CHfQeCsfDAaWuL2KB4L52Ocugd_BQ&code_challenge_method=S256&response_mode=query&ui_locales=fr&locale=fr-CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.r350d3v.cyber.gouv.qc.ca/ 		843 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.r350d3v.cyber.gouv.qc.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d7789e49234769a8cd4db3c00eb6a02f0eed0816c4e853e015c03c1eb6ac2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
843
content-md5
Gj1hB4faLPnn9VRLrIh+yw==
content-type
text/html
date
Thu, 12 Sep 2024 02:40:24 GMT
etag
"0x8DC8BB379458871"
last-modified
Thu, 13 Jun 2024 14:16:52 GMT
x-azure-ref
20240912T024024Z-1799c87bc7b4tvlxerpfu78zy80000000a7g00000000d9vr
x-cache
CONFIG_NOCACHE
x-ms-request-id
6effd827-d01e-0052-6bbd-04035a000000
x-ms-version
2018-03-28
main.db2a0386.js
www.r350d3v.cyber.gouv.qc.ca/static/js/ 		1016 KB
1018 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a04a63cf68a584cb1da7017424be43678ec96156eee75000cfab62734dbc6bd7

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:24 GMT
last-modified
Thu, 13 Jun 2024 14:16:53 GMT
content-md5
PQumX9VfaXaaoACdGuaw4w==
etag
"0x8DC8BB379DE08C3"
x-azure-ref
20240912T024024Z-1799c87bc7b4tvlxerpfu78zy80000000a7g00000000d9vv
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-ms-request-id
6effd84d-d01e-0052-0dbd-04035a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
1040614
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		1 KB
904 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:24 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 18:24:43 GMT
x-ms-meta-aijssdkver
1.0.0
vary
Accept-Encoding
x-azure-ref
20240912T024024Z-1799c87bc7bjg5bfcg3bx8g9h80000000qd0000000002bga
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0fadf0b4-301e-003f-7615-f5e5e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.config.1.0.0.cfg.json
x-fd-int-roxy-purgeid
0
default.json
www.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/ 		984 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/default.json?mkt=fr-CA&v=1.3.5
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab790dd82e2ce5a0fc9b908c63b2b8118f4855ca090a5cdf1a56f41e2359dd2b

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
traceparent
00-b641d6ee371a4ec0b4f410d7925d4d5c-7156aaf5b0164c41-01
accept-language
fr-CA
request-id
|b641d6ee371a4ec0b4f410d7925d4d5c.7156aaf5b0164c41
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:24 GMT
last-modified
Thu, 13 Jun 2024 14:16:54 GMT
content-md5
W1Gq8r90I0QHyrtckJigmQ==
etag
"0x8DC8BB37A0BA1C8"
x-azure-ref
20240912T024024Z-1799c87bc7b4tvlxerpfu78zy80000000a7g00000000d9yx
x-cache
CONFIG_NOCACHE
content-type
application/json
x-ms-request-id
6effd9b9-d01e-0052-49bd-04035a000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
984
default.json
www.r350d3v.cyber.gouv.qc.ca/locales/en-US/ 		933 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.r350d3v.cyber.gouv.qc.ca/locales/en-US/default.json?mkt=en-US&v=1.3.5
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
896ec16dea94e29e7a1a28511a6d066644cb721021d3c81fe185babe88eec5c4

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
traceparent
00-b641d6ee371a4ec0b4f410d7925d4d5c-61038876b8a34119-01
accept-language
fr-CA
request-id
|b641d6ee371a4ec0b4f410d7925d4d5c.61038876b8a34119
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:24 GMT
last-modified
Thu, 13 Jun 2024 14:16:54 GMT
content-md5
7vi0Wva4dSgOIv4klddJlQ==
etag
"0x8DC8BB37A06997D"
x-azure-ref
20240912T024024Z-1799c87bc7b4tvlxerpfu78zy80000000a7g00000000d9yy
x-cache
CONFIG_NOCACHE
content-type
application/json
x-ms-request-id
a31e674d-301e-0017-18bd-04d6b9000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
933
favicon.ico
www.r350d3v.cyber.gouv.qc.ca/ 		7 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.r350d3v.cyber.gouv.qc.ca/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e7b32e4e6442778f60b0a5ec9414727f4baf9de3186a7553ce6810491bd4cedf

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:24 GMT
last-modified
Thu, 13 Jun 2024 14:16:52 GMT
content-md5
Zy51sZnJdenfeMUl1sFu6w==
etag
"0x8DC8BB379400AF9"
x-azure-ref
20240912T024024Z-1799c87bc7b4tvlxerpfu78zy80000000a7g00000000d9yz
x-cache
CONFIG_NOCACHE
content-type
image/vnd.microsoft.icon
x-ms-request-id
c3823660-701e-0016-42bd-048965000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
7406
logo.png
www.r350d3v.cyber.gouv.qc.ca/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.r350d3v.cyber.gouv.qc.ca/images/logo.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cf019cc983c437a44778d667ce5073f82674b196090d8f90d26b49366d7c033

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:24 GMT
last-modified
Thu, 13 Jun 2024 14:16:53 GMT
content-md5
NeC9Ync0onQaHXgmtiBDsQ==
etag
"0x8DC8BB379C2205B"
x-azure-ref
20240912T024024Z-1799c87bc7b4tvlxerpfu78zy80000000a7g00000000d9zf
x-cache
CONFIG_NOCACHE
content-type
image/png
x-ms-request-id
c382369c-701e-0016-7abd-048965000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
9955
openid-configuration
login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/B2C_1A_SignIn/v2.0/.well-known/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/B2C_1A_SignIn/v2.0/.well-known/openid-configuration
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a677c6458fc6227ff6227463f1996a7b742cf2d7472acdda0d723f38a349f5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/jwk-set+json, application/json
Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
public
OPTIONS,TRACE,GET,HEAD,POST
x-ms-gateway-requestid
e9420e75-1b0e-4d53-97e0-5a89aa299f64
content-length
1609
x-xss-protection
1; mode=block
x-azure-ref
20240912T024025Z-1799c87bc7bspl947fu1zqqt6c0000000q7g00000000cne0
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.r350d3v.cyber.gouv.qc.ca
cache-control
no-store, must-revalidate, no-cache
allow
OPTIONS, TRACE, GET, HEAD, POST
accept-ranges
bytes
fabric-icons-13-c3989a02.woff
res.cdn.office.net/files/fabric-cdn-prod_20240129.001/assets/icons/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/files/fabric-cdn-prod_20240129.001/assets/icons/fabric-icons-13-c3989a02.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8142d2d6eb5e2ff94e1455a9f5816a763e8f565482b9f8e1ff48a81649f3380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
Origin
https://www.r350d3v.cyber.gouv.qc.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:25 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=31, clienttt; dur=, origin; dur=0 , cdntime; dur=0
content-length
16144
last-modified
Mon, 29 Jan 2024 20:38:59 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SECAUCUS&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.a904d217.1726108825.20ef8613&TotalRTCDNTime=31&CompressionType=&FileSize=16144"}],"include_subdomains ":true}
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
23706b80-b01e-0065-5735-546c46000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
akamai-request-bc
[a=23.210.4.169,b=552568339,c=g,n=US_NJ_SECAUCUS,o=20940]
timing-allow-origin
*
segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
Origin
https://www.r350d3v.cyber.gouv.qc.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:25 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=31, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc
h3=":443"; ma=93600
content-length
31824
last-modified
Tue, 15 Aug 2023 21:20:26 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SECAUCUS&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.a904d217.1726108825.20ef85ec&TotalRTCDNTime=31&CompressionType=&FileSize=31824"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
aed718ae-001e-0084-5c65-d0b003000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
akamai-request-bc
[a=23.210.4.169,b=552568300,c=g,n=US_NJ_SECAUCUS,o=20940]
timing-allow-origin
*
segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
Origin
https://www.r350d3v.cyber.gouv.qc.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:25 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=31, clienttt; dur=, origin; dur=0 , cdntime; dur=0
content-length
36344
last-modified
Tue, 15 Aug 2023 21:20:37 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SECAUCUS&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.a904d217.1726108825.20ef85ed&TotalRTCDNTime=31&CompressionType=&FileSize=36344"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
3908c64d-101e-0043-1b40-d0245e000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
akamai-request-bc
[a=23.210.4.169,b=552568301,c=g,n=US_NJ_SECAUCUS,o=20940]
timing-allow-origin
*
track
canadacentral-1.in.applicationinsights.azure.com/v2/ 		62 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://canadacentral-1.in.applicationinsights.azure.com/v2/track
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.220.1.65 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 12 Sep 2024 02:40:25 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
canadacentral-1.in.applicationinsights.azure.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://canadacentral-1.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.220.1.65 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.r350d3v.cyber.gouv.qc.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 12 Sep 2024 02:40:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
canadacentral-1.in.applicationinsights.azure.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://canadacentral-1.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.220.1.65 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.r350d3v.cyber.gouv.qc.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 12 Sep 2024 02:40:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
canadacentral-1.in.applicationinsights.azure.com/v2/ 		62 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://canadacentral-1.in.applicationinsights.azure.com/v2/track
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.220.1.65 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 12 Sep 2024 02:40:25 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
canadacentral-1.in.applicationinsights.azure.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://canadacentral-1.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.220.1.65 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.r350d3v.cyber.gouv.qc.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 12 Sep 2024 02:40:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
Primary Request authorize
login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/ 		138 KB
141 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74-4cbf-9b25-8b9df2bfed1e&redirect_uri=https%3A%2F%2Fwww.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+offline_access&state=cfc93e5c5a5e494c81ec6cc03a4b926c&code_challenge=MCCQXL-cSnzDW2CHfQeCsfDAaWuL2KB4L52Ocugd_BQ&code_challenge_method=S256&response_mode=query&ui_locales=fr&locale=fr-CA
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b234e69bb91c991d7bc0cb5f1ead952e67a7bcf43d454c4d03a7e74e4690d8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
allow
OPTIONS TRACE GET HEAD POST
cache-control
no-store, must-revalidate, no-cache
content-length
141368
content-type
text/html; charset=utf-8
date
Thu, 12 Sep 2024 02:40:27 GMT
expires
-1
public
OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20240912T024025Z-1799c87bc7bsxfz92uh2nzctvc0000000qa0000000000qu1
x-build
1.1.248.0
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-ms-gateway-requestid
9824c95a-ec25-4a0c-b548-db97f07112e2
x-request-id
908ceaae-7068-4bec-b18d-f18478439856
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
track
canadacentral-1.in.applicationinsights.azure.com/v2/ 		62 B
120 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://canadacentral-1.in.applicationinsights.azure.com/v2/track
Requested by
Host: www.r350d3v.cyber.gouv.qc.ca
URL: https://www.r350d3v.cyber.gouv.qc.ca/static/js/main.db2a0386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.220.1.65 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 12 Sep 2024 02:40:25 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
idpSelector.html
openid.r350d3v.cyber.gouv.qc.ca/templates/default/ 		31 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://openid.r350d3v.cyber.gouv.qc.ca/templates/default/idpSelector.html
Requested by
Host: login.r350d3v.cyber.gouv.qc.ca
URL: https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74-4cbf-9b25-8b9df2bfed1e&redirect_uri=https%3A%2F%2Fwww.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+offline_access&state=cfc93e5c5a5e494c81ec6cc03a4b926c&code_challenge=MCCQXL-cSnzDW2CHfQeCsfDAaWuL2KB4L52Ocugd_BQ&code_challenge_method=S256&response_mode=query&ui_locales=fr&locale=fr-CA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9c784f4b91ef51ff5e6a034e83e07041f36d81c5880ed8437dcb607010c64782

Request headers

Referer
https://login.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 02:40:27 GMT
last-modified
Fri, 22 Sep 2023 12:14:13 GMT
content-md5
iNoG++0P0yiLHXxkiELbgg==
etag
"0x8DBBB656F448335"
x-azure-ref
20240912T024027Z-1799c87bc7b8tws5edf9e7p7mc0000000q70000000007216
x-cache
CONFIG_NOCACHE
content-type
text/html
access-control-allow-origin
*
x-ms-request-id
936ae575-b01e-0066-53bd-04dea2000000
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
31605
default_signin_illustration.png
openid.r350d3v.cyber.gouv.qc.ca/templates/default/img/ 		0
0
illustration
aadcdn.msftauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/illustration?ts=638176864464849067
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
082595044d114f78941578e87743ec92147e7f69d2bd2364affc14ab31ff6d49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 12 Sep 2024 02:40:28 GMT
x-content-type-options
nosniff
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
50755578
content-length
145898
x-ms-lease-status
unlocked
last-modified
Fri, 21 Apr 2023 15:07:26 GMT
etag
0x8DB427A1E8D1168
x-azure-ref
20240912T024027Z-1799c87bc7bzb5q8f0ukstgrw80000000q6g00000000bygc
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
39b3476f-401e-0069-0fbd-043e1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/bannerlogo?ts=638176864430388162
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
25defc5fb950a0fb03b515e9220dd5b093451cfc09e2fc76df1e54fccf775d25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.r350d3v.cyber.gouv.qc.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 12 Sep 2024 02:40:27 GMT
x-content-type-options
nosniff
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
50755578
content-length
6917
x-ms-lease-status
unlocked
last-modified
Fri, 21 Apr 2023 15:07:23 GMT
etag
0x8DB427A1C6A0D91
x-azure-ref
20240912T024027Z-1799c87bc7bzb5q8f0ukstgrw80000000q6g00000000bygd
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
b286d121-901e-0008-36bd-041d5c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab1e12ab060b69196fc0403e37c99fdfcec7cf0261d28b642d7c7a09005b6010

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		446 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bda5879abc5413fa6c4c069cfade446cf608553e4d84dd04c4f052ce4a50b678

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
perftrace
login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/B2C_1A_SignIn/client/ 		0
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/B2C_1A_SignIn/client/perftrace?tx=StateProperties=eyJUSUQiOiI5MDhjZWFhZS03MDY4LTRiZWMtYjE4ZC1mMTg0Nzg0Mzk4NTYifQ&p=B2C_1A_SignIn
Requested by
Host: login.r350d3v.cyber.gouv.qc.ca
URL: https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74-4cbf-9b25-8b9df2bfed1e&redirect_uri=https%3A%2F%2Fwww.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+offline_access&state=cfc93e5c5a5e494c81ec6cc03a4b926c&code_challenge=MCCQXL-cSnzDW2CHfQeCsfDAaWuL2KB4L52Ocugd_BQ&code_challenge_method=S256&response_mode=query&ui_locales=fr&locale=fr-CA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://login.r350d3v.cyber.gouv.qc.ca/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/b2c_1a_signin/oauth2/v2.0/authorize?client_id=eb75e7a5-8f74-4cbf-9b25-8b9df2bfed1e&redirect_uri=https%3A%2F%2Fwww.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+offline_access&state=cfc93e5c5a5e494c81ec6cc03a4b926c&code_challenge=MCCQXL-cSnzDW2CHfQeCsfDAaWuL2KB4L52Ocugd_BQ&code_challenge_method=S256&response_mode=query&ui_locales=fr&locale=fr-CA
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
VFBuWGxsWk1RaFlSNFFYTnFPbnBDU0V2N3cxanB0TkFXUVlpWFg3N3gwbDNTYkZmYmNTNlFkVzgyNkZQcFA3WnZYd0grS1AyMU5aNkxZZHkxckUwL0E9PTsyMDI0LTA5LTEyVDAyOjQwOjI2LjkwODE4MTFaO3NPTnI0ZVhaZWlxVjdBY01vSVkvcXc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 12 Sep 2024 02:40:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
allow
OPTIONS, TRACE, GET, HEAD, POST
x-cache
CONFIG_NOCACHE
x-azure-ref
20240912T024027Z-1799c87bc7bsxfz92uh2nzctvc0000000qa0000000000qux
public
OPTIONS,TRACE,GET,HEAD,POST
cache-control
no-store, must-revalidate, no-cache
accept-ranges
bytes
x-ms-gateway-requestid
f6d0fa24-6d4b-4559-8f1c-f6485a571b88
content-length
0
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
openid.r350d3v.cyber.gouv.qc.ca
URL
https://openid.r350d3v.cyber.gouv.qc.ca/templates/default/img/default_signin_illustration.png

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $modal object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady

5 Cookies

Domain/Path Name / Value
www.r350d3v.cyber.gouv.qc.ca/ Name: ai_user
Value: +KyCqhIIQSk+ryitr5q0EY|2024-09-12T02:40:24.696Z
www.r350d3v.cyber.gouv.qc.ca/ Name: ai_session
Value: ajo4Be3WXPIWzh1pstqMyU|1726108824800|1726108824800
.login.r350d3v.cyber.gouv.qc.ca/ Name: x-ms-cpim-csrf
Value: VFBuWGxsWk1RaFlSNFFYTnFPbnBDU0V2N3cxanB0TkFXUVlpWFg3N3gwbDNTYkZmYmNTNlFkVzgyNkZQcFA3WnZYd0grS1AyMU5aNkxZZHkxckUwL0E9PTsyMDI0LTA5LTEyVDAyOjQwOjI2LjkwODE4MTFaO3NPTnI0ZVhaZWlxVjdBY01vSVkvcXc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==
.login.r350d3v.cyber.gouv.qc.ca/ Name: x-ms-cpim-cache|ruqmkghw7euxjfgeeeoyvg_0
Value: m1.Rx7TpFfx3rUt6kBE.J9f0B/AT457tuYPvghhxtA==.0.U0s7pwHfZp4oVlyrEJXOIdNd482HafCsYVpj4i9YLHT/NOm2ppUzmBjYs6zGg6RdyFyDQl6XtpwxQDFjttAy6oh41jckAUmhuMwwbHFfb3TEa+zTyv+2n2TUUiqmbbdOa5C8S8sACga9rSnOYBYDuV3rCM+05KijtgGMRvuIDaJdw+ww/7Np2s66pA3asFyYBCxOeo0F2VQkoQQjN1cvQpl1QrMN4OP1AD1B5OKD8hi9TzyoHB+TZW14pXqV7SttcimoqGF/pqluhe0JN+1LMdU8X9kb0D0Sa2YNaGVjktZvrH2avWKVVcgBpOu466ZsIVl5Q+f7mv3QoZBqjTPJ7l8DQcwz+ICq/DLwFSqWamQYrf3+bYz1ZpeNKOnI4N2f4WH1dhbpcMsu2OpWYCbEMHTIjETapCCdcVPAtf1mPhdzS0cBN9tqbawYhVZEWaiiNCRS/BGjIGBkOMozwStEAG2EHBGwOvBbcemFPZ38gQL6/GN8Fq3ErWuSCtECi1q4+L9bfJ67A+1JcJ01j8mCndBa3KPrqL9fcIZ7DRxw5buUuD4MPBeYMHCMYJPP9t+0dzhgWqKSLbbThunogJj8WpCKXPWioyx/dZZgN/2fOr6/DIuokcFLt9IbmX4B6GY5I60+JBF44gZO1G3wePvNLVjLGc21NLsFBQKHF9cZMjSD1qMRQN5nG3I5YWzm8Qqpagk5T1gVip2GXaX7t7AVcnVycd0omj/hDIm+R7xli+SdX9XE/ZM0sNBiV5DjAZz8/vvHz+itLpO0JtrNCOe8b1XZolCDNxM+Dxr8t9ouyefz1Ek390sKZXIpQ+K32CZk+EgB8S6TzGYxJbI/R23dQio0LQldszLL935J+8bZ6tENQCJz9SycUFgwpXqAMCAb1IZ2N5aTAG1yS4jU0e4SkgFAlIbw8jmQCehsQytp69U7iss4Xra2kDhir6xyygsFcj57ZB/w+XJ2zdjHEVbbrYUYqd6RUO30z44AIpuSe+nOjioCd59nAgGtSKZLrGKXzKJ+nz+t3vcQIQEU0RiQHcRVX4kHQ+2/1qecAn/CbAtJxjq52sXOh7YYdKuryuAwrBz0CuDTeAkeGnSOec0d5VzOWAh4TIw8cw85eCN2wZmCjEGKrF8sNf7R3e2DfWtnxrU9xj++oYJlI+G3a8y8M8a3ULRlVPPg0yhqTnHtvewfJ/2MYnTMwRsBv6aBfoY35M2DdSw2+cbH37wfzYrtsZXjmgXbdSbC5ZcrcR5hUc6fMCE6+tkvYB0YD8/jf9UD7Bh+U0D2mK7nSwSzJROJgh0BQB5AAPOztmQL2O1j/EdIvoXoZwSeMnh4vL4erXcurDoEJ9UrvX2OCRYEpTzzQo/7pgqMe0W/BcqTDpwC0qf0IrXhSGtwiiAKrSRHrB1b2CkylAovWzY0l1fAGy/f8JuonWoER5e25UAwEQF36cLYeEbaxfDxLdCYhMUxiH15/vUX49glycg/854OrtD/Hrmb/zLg/y66z4B0irAsDCflCw+SzW5CJYySix8okYXBPNTHR0KQlJl9c4E6UI71VGVhUiwsMbcd8LufMsxkZq3BOyWagJssxSUzcpsIXfKgbg/gTXxAhjD8yFw99ktrQUWDe0iJTSe+fOT2TmbtiXfk8HBYphfzfPndOYCEa2KV+3BadbnShMjMw7tlYgEzPlJC0D5alxuCEZ1KfnHGIUo7DJxFXDG0kYJ8UN7v7AnR9r5FYARIerGPDEszGM8/9djiN++KY+fmnO4IUIS2+iO5hjiQ2nulfcPqm+XCHtS7M8kU9Wde3mQCk5+iMAXJtMSEn9q9TnaC0IGqy12vXE2KKElwAuHMrFXAwM6WoMma6KiX9HvVkOTi0XI4yFjj91ZyPNeNaWL6fUhuUoB2pjg8I6R/LejXlYFppM4MZYdueJhwpT56DZGO68lVPLHVzZUf/Z3gFha2f6VWpJkApNVSgaQDG0uv3n3JLwdt7b+qjyCi4pkIzOjGrCSfr9bebaruOfJxStJ1Q6exgV60loTKoFCPCNfo6OlCMp5dVEWHAGyk3m5UCCdXHlQiF/OsXDuy1YnXEijA6/ytEOgq2OApv5LAbrBgWXKnZwNhnTrUimGAP3bF+zlRRUWF7OPkI/DL16qndZQHE359GrLbvsNfsW5E2rrbuC9jF/wo2tFTVdj4J9705w==
.login.r350d3v.cyber.gouv.qc.ca/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjkwOGNlYWFlLTcwNjgtNGJlYy1iMThkLWYxODQ3ODQzOTg1NiIsIlQiOiJjZ2NkcG9jYjJjLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfc2lnbmluIiwiQyI6ImViNzVlN2E1LThmNzQtNGNiZi05YjI1LThiOWRmMmJmZWQxZSIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiOTA4Y2VhYWUtNzA2OC00YmVjLWIxOGQtZjE4NDc4NDM5ODU2In0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauthimages.net
canadacentral-1.in.applicationinsights.azure.com
js.monitor.azure.com
login.r350d3v.cyber.gouv.qc.ca
openid.r350d3v.cyber.gouv.qc.ca
res-1.cdn.office.net
res.cdn.office.net
www.r350d3v.cyber.gouv.qc.ca
openid.r350d3v.cyber.gouv.qc.ca
13.107.246.40
20.220.1.65
23.209.72.7
04d7789e49234769a8cd4db3c00eb6a02f0eed0816c4e853e015c03c1eb6ac2a
082595044d114f78941578e87743ec92147e7f69d2bd2364affc14ab31ff6d49
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
25defc5fb950a0fb03b515e9220dd5b093451cfc09e2fc76df1e54fccf775d25
2cf019cc983c437a44778d667ce5073f82674b196090d8f90d26b49366d7c033
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
896ec16dea94e29e7a1a28511a6d066644cb721021d3c81fe185babe88eec5c4
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9c784f4b91ef51ff5e6a034e83e07041f36d81c5880ed8437dcb607010c64782
a04a63cf68a584cb1da7017424be43678ec96156eee75000cfab62734dbc6bd7
a677c6458fc6227ff6227463f1996a7b742cf2d7472acdda0d723f38a349f5d5
ab1e12ab060b69196fc0403e37c99fdfcec7cf0261d28b642d7c7a09005b6010
ab790dd82e2ce5a0fc9b908c63b2b8118f4855ca090a5cdf1a56f41e2359dd2b
b234e69bb91c991d7bc0cb5f1ead952e67a7bcf43d454c4d03a7e74e4690d8ce
b8142d2d6eb5e2ff94e1455a9f5816a763e8f565482b9f8e1ff48a81649f3380
bda5879abc5413fa6c4c069cfade446cf608553e4d84dd04c4f052ce4a50b678
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b32e4e6442778f60b0a5ec9414727f4baf9de3186a7553ce6810491bd4cedf