urlscan.io logo urlscan.io
SecurityTrails logo

ctonlineconnect.b2clogin.com Open in urlscan Pro
2603:1026:3000:148::e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ctonline.fr/
Effective URL: https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65...
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 11 via api from IT — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2603:1026:3000:148::e, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ctonlineconnect.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time ctonlineconnect.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.252.238.24 49028 (D-LAKE)
1 2603:1027:1:1... 8075 (MICROSOFT...)
5 2603:1026:300... 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
2 2620:1ec:bdf::64 8075 (MICROSOFT...)
15 6
4    185.252.238.24 (France)

ASN49028 (D-LAKE, FR)
ctonline.fr
1    2603:1027:1:158::8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ctonlineconnect.b2clogin.com
5    2603:1026:3000:148::e (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ctonlineconnect.b2clogin.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
6 b2clogin.com
ctonlineconnect.b2clogin.com
990 KB
4 ctonline.fr
ctonline.fr
1005 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3220
14 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1903
20 KB
15 4
Domain Requested by
6 ctonlineconnect.b2clogin.com ctonline.fr
ctonlineconnect.b2clogin.com
4 ctonline.fr ctonline.fr
2 aadcdn.msftauthimages.net
1 ajax.aspnetcdn.com ctonlineconnect.b2clogin.com
15 4

This site contains no links.

Subject Issuer Validity Valid
*.ctonline.fr
R10		 2024-09-11 -
2024-12-10		 3 months crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2024-05-21 -
2025-05-21		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-12 -
2025-09-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: 7448D5C0281FB0BDB210A840D2F59DC0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Choisir votre compte

Page URL History Show full URLs

  1. https://ctonline.fr/ Page URL
  2. https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edf... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

15
Requests

87 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

6
IPs

3
Countries

2029 kB
Transfer

2427 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ctonline.fr/ Page URL
  2. https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ctonline.fr/ 		735 B
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ctonline.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.252.238.24 , France, ASN49028 (D-LAKE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0b1de7f56cb268229eb789c2a8b76ad15208ba1485a8709cfc53a270c99d43fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-store, must-revalidate, no-cache, max-age=0
content-length
735
content-type
text/html
date
Fri, 11 Oct 2024 01:50:38 GMT
etag
"1da955ca6dece5f"
last-modified
Tue, 23 Apr 2024 09:00:13 GMT
server
Microsoft-IIS/10.0
main.54e8e3b7.js
ctonline.fr/static/js/ 		1001 KB
1003 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctonline.fr/static/js/main.54e8e3b7.js
Requested by
Host: ctonline.fr
URL: https://ctonline.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.252.238.24 , France, ASN49028 (D-LAKE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonline.fr/

Response headers

cache-control
public, max-age=30672000
etag
"1da955ca6d16fc7"
accept-ranges
bytes
content-length
1024839
date
Fri, 11 Oct 2024 01:50:38 GMT
content-type
application/javascript
last-modified
Tue, 23 Apr 2024 09:00:13 GMT
server
Microsoft-IIS/10.0
main.c56a6cd6.css
ctonline.fr/static/css/ 		436 B
604 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ctonline.fr/static/css/main.c56a6cd6.css
Requested by
Host: ctonline.fr
URL: https://ctonline.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.252.238.24 , France, ASN49028 (D-LAKE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
292f43c9ecfdb337f752c2fa08aee4c8c33de2552aea1c9d6bbc9e087e230e8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonline.fr/

Response headers

cache-control
public, max-age=30672000
etag
"1da955de659e934"
accept-ranges
bytes
content-length
436
date
Fri, 11 Oct 2024 01:50:38 GMT
content-type
text/css
last-modified
Tue, 23 Apr 2024 09:09:09 GMT
server
Microsoft-IIS/10.0
favicon.ico
ctonline.fr/icons/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ctonline.fr/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.252.238.24 , France, ASN49028 (D-LAKE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonline.fr/

Response headers

cache-control
public, max-age=30672000
etag
"1da955ca6dec8fe"
accept-ranges
bytes
content-length
1150
date
Fri, 11 Oct 2024 01:50:38 GMT
content-type
image/x-icon
last-modified
Tue, 23 Apr 2024 09:00:13 GMT
server
Microsoft-IIS/10.0
openid-configuration
ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/v2.0/.well-known/openid-configuration
Requested by
Host: ctonline.fr
URL: https://ctonline.fr/static/js/main.54e8e3b7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonline.fr/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
274525cb-9ccf-4575-afb8-c24caf09ec74
Public
OPTIONS,TRACE,GET,HEAD,POST
Access-Control-Allow-Methods
GET, OPTIONS
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
Access-Control-Allow-Origin
https://ctonline.fr
Content-Length
1467
X-XSS-Protection
1; mode=block
Date
Fri, 11 Oct 2024 01:50:39 GMT
Content-Type
application/json; charset=utf-8
X-Frame-Options
SAMEORIGIN
Primary Request authorize
ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/ 		441 KB
160 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: ctonline.fr
URL: https://ctonline.fr/static/js/main.54e8e3b7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
087c7858df9c296d4989a58392908435111404480fefe83cc45cb42f44bdc480
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'self' 'nonce-hR2SvQI/MJlEeJbhYZp8cg==' 'report-sample'; report-uri /ctonlineconnect.onmicrosoft.com/B2C_1_si/client/cspreport?p=B2C_1_si
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ctonline.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
159931
Content-Security-Policy
script-src 'strict-dynamic' 'self' 'nonce-hR2SvQI/MJlEeJbhYZp8cg==' 'report-sample'; report-uri /ctonlineconnect.onmicrosoft.com/B2C_1_si/client/cspreport?p=B2C_1_si
Content-Type
text/html; charset=utf-8
Date
Fri, 11 Oct 2024 01:50:40 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.266.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
c3de534e-95ad-46a2-83d3-69e9610f07cf
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
755db1ac-e0e9-49cf-8453-3e307409fe8b
idpSelector.cshtml
ctonlineconnect.b2clogin.com/static/tenant/templates/AzureBlue/ 		61 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ctonlineconnect.b2clogin.com/static/tenant/templates/AzureBlue/idpSelector.cshtml?ui_locales=fr&slice=001-000&dc=AM3
Requested by
Host: ctonlineconnect.b2clogin.com
URL: https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2aac776542b07216185fcb93f4d315bce1a09883138b27783d96f0c55ad365f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Max-Age
3600
Cache-Control
private
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, OPTIONS
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
38849
X-XSS-Protection
1; mode=block
Date
Fri, 11 Oct 2024 01:50:40 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
DENY
1-1.png
ctonlineconnect.b2clogin.com/static/tenant/templates/backgrounds/ 		0
0
logo.svg
ctonlineconnect.b2clogin.com/static/tenant/templates/images/ 		0
0
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: ctonlineconnect.b2clogin.com
URL: https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F6C) /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonlineconnect.b2clogin.com/

Response headers

content-encoding
gzip
etag
"80254bf0cb33d21:0"
age
17277232
x-content-type-options
nosniff
x-cache
HIT
date
Fri, 11 Oct 2024 01:50:41 GMT
content-type
text/css
last-modified
Mon, 31 Oct 2016 23:10:15 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
19759
x-xss-protection
1; mode=block
server
ECAcc (paa/6F6C)
illustration
aadcdn.msftauthimages.net/c1c6b6c8-siyfzmdeekc8cwy9so516kzabyoskfh-wkhjfgmxm-4/logintenantbranding/0/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-siyfzmdeekc8cwy9so516kzabyoskfh-wkhjfgmxm-4/logintenantbranding/0/illustration?ts=638108340922941715
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e57ade43e75e956e0c206598ab12dd9e5b34634505a6722dd2d09d85f98da418
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonlineconnect.b2clogin.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB0427BD1543A6
x-fd-int-roxy-purgeid
50755578
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Fri, 11 Oct 2024 01:50:41 GMT
content-type
image/*
last-modified
Wed, 01 Feb 2023 07:41:32 GMT
cache-control
public, max-age=86400
x-ms-request-id
f0125fbd-001e-0018-6942-1984cb000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
8501
x-azure-ref
20241011T015041Z-er1f76b5c6chg4cl2dkfwktmsg00000004k0000000001pay
x-ms-blob-type
BlockBlob
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-siyfzmdeekc8cwy9so516kzabyoskfh-wkhjfgmxm-4/logintenantbranding/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-siyfzmdeekc8cwy9so516kzabyoskfh-wkhjfgmxm-4/logintenantbranding/0/bannerlogo?ts=638194040769676842
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0530d0f44e1275a47f5d93a5e32e2945b89c9deadd954b810834fe4456fc3438
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ctonlineconnect.b2clogin.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB521949F5ADE0
x-fd-int-roxy-purgeid
50755578
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Fri, 11 Oct 2024 01:50:41 GMT
content-type
image/*
last-modified
Thu, 11 May 2023 12:14:37 GMT
cache-control
public, max-age=86400
x-ms-request-id
c3cd1e77-b01e-0032-2742-195bdb000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
5033
x-azure-ref
20241011T015041Z-er1f76b5c6chg4cl2dkfwktmsg00000004k0000000001paz
x-ms-blob-type
BlockBlob
segoeui.WOFF
ctonlineconnect.b2clogin.com/static/tenant/templates/fonts/ 		399 KB
400 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ctonlineconnect.b2clogin.com/static/tenant/templates/fonts/segoeui.WOFF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6042231476473cd446768f85add8d8d63162d88cd5113a7d6c2398a0406320c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ctonlineconnect.b2clogin.com
Referer
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Max-Age
3600
ETag
"0ba8ffc7b15db1:0"
Access-Control-Allow-Methods
GET, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
408688
X-XSS-Protection
1; mode=block
Date
Fri, 11 Oct 2024 01:50:40 GMT
Content-Type
font/x-woff
Last-Modified
Thu, 03 Oct 2024 10:07:00 GMT
X-Frame-Options
DENY
segoeui_bold.WOFF
ctonlineconnect.b2clogin.com/static/tenant/templates/fonts/ 		389 KB
389 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ctonlineconnect.b2clogin.com/static/tenant/templates/fonts/segoeui_bold.WOFF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01fd91e1d22f75cf9af8f478b0edb0f78d52c9069e9d7e6b566b4d44d76f86ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ctonlineconnect.b2clogin.com
Referer
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Max-Age
3600
ETag
"0ba8ffc7b15db1:0"
Access-Control-Allow-Methods
GET, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
398176
X-XSS-Protection
1; mode=block
Date
Fri, 11 Oct 2024 01:50:41 GMT
Content-Type
font/x-woff
Last-Modified
Thu, 03 Oct 2024 10:07:00 GMT
X-Frame-Options
DENY
perftrace
ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/B2C_1_si/client/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/B2C_1_si/client/perftrace?tx=StateProperties=eyJUSUQiOiJjM2RlNTM0ZS05NWFkLTQ2YTItODNkMy02OWU5NjEwZjA3Y2YifQ&p=B2C_1_si
Requested by
Host: ctonlineconnect.b2clogin.com
URL: https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
TmpwZzJ6SXVHNU54aEFlQXJtSTNRQlk2QklQZGRiRktHOVZENFI1bkF5aFBKWUhORVpCZUowK1N0dmovZ3k1VnVoRlJyYWNJU0lLSUVqUTVHOFJUMEE9PTsyMDI0LTEwLTExVDAxOjUwOjQwLjU4OTc5MjZaO2I2K3d0c083NjkyUVl0V3dJRitpTnc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
Referer
https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
7d5914cd-0799-41da-a87a-dd99ecd7d9e2
Public
OPTIONS,TRACE,GET,HEAD,POST
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Fri, 11 Oct 2024 01:50:41 GMT
X-Frame-Options
DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ctonlineconnect.b2clogin.com
URL
https://ctonlineconnect.b2clogin.com/static/tenant/templates/backgrounds/1-1.png
Domain
ctonlineconnect.b2clogin.com
URL
https://ctonlineconnect.b2clogin.com/static/tenant/templates/images/logo.svg

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| sanitizeHtml function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady

4 Cookies

Domain/Path Name / Value
.ctonlineconnect.b2clogin.com/ Name: x-ms-cpim-sso:ctonlineconnect.onmicrosoft.com_0
Value: m1.DfbN8RqmXIov8tvM.otFMNQuUX6XFADjGtWz0vg==.0.P23r2JWL/dP5GNwPGVkM3Jn0Tkx2Bp5+tc7cH3TWGHbrS1wzOJ2UgVkKxvDVzgx+ijYJysLUFR23jUk40lBTYI9Iebwh04M0rQmyKMvZIZtt5Qx6kSCAAsPKnLI2zANR3AoevZ/MjQkbMvoCocu3aS4kSk0QdiW52L35fJ41pOC9za055luMeOoqlWnAWWEDzMovYw17BgvHuXh4KgVzAXRxPizhhpyW9V4FlFdVU00IQSQvlyYJiqDM/Et/yxEAfRCWV7fPk6mraMozZqfYMYUgc+PoENGOdMBS6Zjc7LpM16VKDqKkFZt4xkNB1pk+Et3RxfuFo3Yq1zN9sGRC5dTaUT0ioJa3Hw==
.ctonlineconnect.b2clogin.com/ Name: x-ms-cpim-csrf
Value: TmpwZzJ6SXVHNU54aEFlQXJtSTNRQlk2QklQZGRiRktHOVZENFI1bkF5aFBKWUhORVpCZUowK1N0dmovZ3k1VnVoRlJyYWNJU0lLSUVqUTVHOFJUMEE9PTsyMDI0LTEwLTExVDAxOjUwOjQwLjU4OTc5MjZaO2I2K3d0c083NjkyUVl0V3dJRitpTnc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.ctonlineconnect.b2clogin.com/ Name: x-ms-cpim-cache|tlpew62vokad02npyq8hzw_0
Value: m1.qtz/7X5o6LIbmWo1.bVtZQHIj3F1VZHMabLklqw==.0.CSTamLsFmVEmrvdOssTmnJaBLi9xyVX81+WcAjX39yidGD5C+AnDYXcq2OZROvVZc1lIEPo0gE+C/oBLHGTyfUszaR4y1CO8Oar7eyTG4XVTeEKHeG01uAI/5OtgIJyFmpwiHbUuSm+UHIxuKHQ+qdP44BkfIR6nQo+f6wuihXSsoPC2nnTL+vcblBoEOz1yr/i7yrTRGCbKaWVodcOT8EVamoTResfC8JTdktQLLPsNozbCOJrX7nQyT+GZ5y6sFMK4/zBfXo8Q5NH6C+N+f5AJxGmPDN3neARIyg+SsYxsyyydTgl9dbeINqyyFHVpipwME3RnFNe7fEDk3T9P48B6oYNexzWRvujYf6cc7eKlszCMSnAa6KPPfT2Cmv6l993O1vrRjzg/xSQd5PFvshnSLHYfiO2RtoDaR9MNZAxuCzGDw5USCElgHkhNaUtUGn1J1RdzXwNN8rHofVjAh/R3AZ98nnH9wTcutL32FdIIowqyQ8D+j5g05FO1jZj0GXBuK31e1RjvVY9VWKRrcgiK02wE2HD44lCm0UstMc3WHDC7t18NepXWS5ghU655kcZVLz//YLD6XxSUJs0nGqEfITZS0SUnvtx9dqblFc/JQKT7HPr8PQ8gtdB5wo4H7do3xNqWzOr/EjnquFqx6Jqdx3BZLJFF47UTbTDuxE13EzfYxK65JhQWJGujDUiOw8m83CdtKNLW2tq4fkVMHazvZctui6FXome8y0dj/+J1jEK0ZGiyjBjxDGKWUtTlttaQTv2SotU/4hSeNK9JkfuvVqTZ5pAEq4sJX04hLKVuBENYPZVUgiKfPMmH5lg0ABtAn9QEOIXjPVQm6Sx2i4mFSAIza1ggJY7RjmwrKkngI4Zel87V/GjMAEodAxq51j7UbJleJ9KzeRRvOHVKIfO+VDPQc7DbFpaHw55AqdQRoKcy7G0kHZJkmDaYZXCDDlOpd6iwd+xZjqPYS7yMOhDCXIvCr/sSvTD0HmNdx+IVBu7gsVqInjBFR0N8zyinRJJVWVMizaBIwM2VATrvzrn/HBNimRrRpH5/FgLXQ2rIb1IyY/5hUFng3EyA7Kvd4+cwK0HVncXAaagkuLXuURs2xR/hJlf8haYzFYGd6/AESV30VwjzDuNe1XqkjY6azf+jQsevQRfvrTJM6Zwwk6C/pWADC3VZr+t+ONX9F3CN8fdJnMV/ntsYepLwdg8ZF5+yhWw/M3EUP2y4aUXTOXEucMXEWBmPBdSY3ymlpHwgAT9/MjkPibWbeQaSsU+/Qn2rEEZLInLyXaqHJKb2NxafnHMaqPwXyVUm+JN+Rz9WPkxHicNc6qiXnSm1tCqPIhJql+LP2b3MhjInlLnQFfZrCwkaLGymsi0FZKhXf+aLOYDjPlqXnzSc6eC5pthVOmjiNcyNqjiGux9yHuCMPLCyJBV6iyAepFuFUkaOHBZdevLDzfatMtNqtxt+uDDZ
.ctonlineconnect.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImMzZGU1MzRlLTk1YWQtNDZhMi04M2QzLTY5ZTk2MTBmMDdjZiIsIlQiOiJjdG9ubGluZWNvbm5lY3Qub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xX3NpIiwiQyI6ImVkZmVhNTBlLTI1MmYtNGM1ZS04YjY1LWY2MDQxYTRkNWU3OSIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiYzNkZTUzNGUtOTVhZC00NmEyLTgzZDMtNjllOTYxMGYwN2NmIn0=

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ctonlineconnect.b2clogin.com/ctonlineconnect.onmicrosoft.com/b2c_1_si/oauth2/v2.0/authorize?client_id=edfea50e-252f-4c5e-8b65-f6041a4d5e79&scope=https%3A%2F%2Fctonlineconnect.onmicrosoft.com%2F85fc9b28-fb2f-4a8f-9e6c-971cf1f4d563%2Fprotech%20openid%20offline_access%20profile&redirect_uri=https%3A%2F%2Fctonline.fr%2F&client-request-id=5c01636c-d04a-48fb-b9e7-3d1a046265eb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=zvhE7UWInsjVgTL2wNGAc5rqZj1eOtHZYmR8gZba640&code_challenge_method=S256&nonce=09827bc1-06f8-40f2-9d39-62413c4d71ee&state=eyJpZCI6IjQ5OTdlMjhiLWRlNjAtNGU5OC1hYzlkLWZhYjMzODc0ZjQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o