Submitted URL: https://farms-admin.citrapalu.net/
Effective URL: https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-584...
Submission: On December 06 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 5 domains to perform 16 HTTP transactions. The main IP is 2603:1037:1:8::3, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 16.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 16th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
8         13.249.21.67       16509  (AMAZON-02)
3         2603:1037:1:8::3   8075   (MICROSOFT...)
1         2620:1ec:bdf::40   8075   (MICROSOFT...)
Total: 16 requests, 4 IPs

Requests  Apex Domain / Subdomains                                 Transfer
8         citrapalu.net                                            1 MB
            farms-admin.citrapalu.net
3         microsoftonline.com                                      30 KB
            login.microsoftonline.com — Cisco Umbrella Rank: 16
1         msauth.net                                               48 KB
            aadcdn.msauth.net — Cisco Umbrella Rank: 961
0         live.com                                                 Failed
            login.live.com                                         Failed
0         msftauth.net                                             Failed
            aadcdn.msftauth.net                                    Failed
Total: 16 requests, 5 domains

Requests  Domain                          Requested by
8         farms-admin.citrapalu.net       farms-admin.citrapalu.net
3         login.microsoftonline.com       farms-admin.citrapalu.net, aadcdn.msauth.net
1         aadcdn.msauth.net               login.microsoftonline.com
0         login.live.com (Failed)         login.microsoftonline.com
0         aadcdn.msftauth.net (Failed)    login.microsoftonline.com
Total: 16 requests, 5 domains

This site contains no links.

Subject                            Issuer                           Validity                  Valid
*.farms-admin.citrapalu.net        Amazon RSA 2048 M02              2023-01-27 - 2024-02-26   a year
stamp2.login.microsoftonline.com   DigiCert SHA2 Secure Server CA   2023-11-16 - 2024-11-16   a year
aadcdn.msauth.net                  DigiCert SHA2 Secure Server CA   2023-10-29 - 2024-10-29   a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: 21798B5DCFE4CC5B5B83CDCFDA6602A1
Requests: 17 HTTP requests in this frame

Page Statistics

16 Requests
75 % HTTPS
67 % IPv6
5 Domains
5 Subdomains
4 IPs
1 Countries
1450 kB Transfer
7299 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://farms-admin.citrapalu.net/ Page URL
  2. https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
  3. https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource / Path    Size / x-fer    Type / MIME-Type
/
farms-admin.citrapalu.net/
749 B
1 KB
Document
General
Full URL
https://farms-admin.citrapalu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
104244b99d8f68a867846b40a4ad3c121923f8a6469ff0bc9a6fef224df24f4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0, s-maxage=2
content-length
749
content-type
text/html
date
Wed, 06 Dec 2023 04:11:22 GMT
etag
"f883e690b2f57cc8b0428365c4fdc185"
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
x-amz-cf-id
2vmRoPDAl2lrRvqNOth3lN3dOnt1p9pSybxpr2-fI2dH5XMFnk3emw==
x-amz-cf-pop
IAH50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
main.8d988a25.js
farms-admin.citrapalu.net/static/js/
1 MB
318 KB
Script
General
Full URL
https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dcf3b9f67a00e581226efc7d48ee2518edb94409b3de4b064c840d9d844c6af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:23 GMT
content-encoding
gzip
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
W/"28c213ae2073ac2abed91a34cbd27d06"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
U4SoJPv4PjvsjDyZPenJMQx0pHvCDDz02b5NAI2U8eKJuv5GXi007g==
main.b062abda.css
farms-admin.citrapalu.net/static/css/
842 KB
105 KB
Stylesheet
General
Full URL
https://farms-admin.citrapalu.net/static/css/main.b062abda.css
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
423b69ec92d214c876e3e99da1c7bf363839a02d3ae011498283eb18337e784c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:22 GMT
content-encoding
gzip
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
W/"e777f97298a2f06c724f9e7f7c2dbdfe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
bGFA9vewdiMN32fz-xzCRf9Ulhg6_w9wg8iGw9J-SIyQhN-0Rwjz7w==
638.1c565619.chunk.js
farms-admin.citrapalu.net/static/js/
128 KB
31 KB
Script
General
Full URL
https://farms-admin.citrapalu.net/static/js/638.1c565619.chunk.js
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b0b76c4d8fa9b2116fc34f9f11e3620f4a2d9a16d8e219ce22bf4e7e53f7ad6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:24 GMT
content-encoding
gzip
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
W/"661a492ed862fed6b996b456487a9edf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
MU7imFmZKxnr_MYBzGOng0dLbpVAnO0BSS09k19b1_7xX2A_D0FoBg==
918.ba09cbf9.chunk.js
farms-admin.citrapalu.net/static/js/
5 MB
869 KB
Script
General
Full URL
https://farms-admin.citrapalu.net/static/js/918.ba09cbf9.chunk.js
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a6f18b25447d04ea45ca3b07581eb56f914220b5f87ace9c7b95ca9244a3a38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:25 GMT
content-encoding
gzip
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
W/"83a9ecb23fd321759cd5ecc8003f6eb3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
xIMPYuMv72EBnNL3QuOQgdAZTRj3pJ6w3R7rdEEoN8odGsSWmk7XRQ==
690.27547d9a.chunk.css
farms-admin.citrapalu.net/static/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://farms-admin.citrapalu.net/static/css/690.27547d9a.chunk.css
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c052cccb06bbc2b7aea811fa5fd772ab0ba6df454295dbb7996ae1b30995d4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:24 GMT
content-encoding
gzip
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
W/"3b89da583aa003eef96da6f7ee2509ec"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
77jZCzlDD6pAnYHmiJK0joGEfCkB5Zla3VOw2HSjem89sCp5JXT_dA==
690.e0efb8e8.chunk.js
farms-admin.citrapalu.net/static/js/
115 KB
25 KB
Script
General
Full URL
https://farms-admin.citrapalu.net/static/js/690.e0efb8e8.chunk.js
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae5ecdb92480020ba8651d543cc2a83e3177810370e92be2a6138597a3fea87e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:25 GMT
content-encoding
gzip
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
W/"fb98e4cb6355b650b0159c2a19c06b2e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
KvLYSE4lbgx4OMKVi0UNNnm9oSSzwrWNFvxwVwnmScvViec9sT5k7Q==
truncated
/
366 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a86b069c1c0be26bc74527037afecf423e13ff12900b15cd1aa535542f18d7fe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
user.0d14c6999b4a5c8e86a7.png
farms-admin.citrapalu.net/static/media/
19 KB
19 KB
Image
General
Full URL
https://farms-admin.citrapalu.net/static/media/user.0d14c6999b4a5c8e86a7.png
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-67.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
028bf096de9208f1199b5f3c61b17f34cfe6284fd58018a1c9765d5f82d0fc36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:11:27 GMT
via
1.1 21d7988e8123cac46b0c570da9d5cfde.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 06:10:48 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
etag
"1a817a95a42d8c43031378d122a05ffe"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
19293
x-amz-cf-id
tV00HCI96sTjDfa3VKTgF8p-qHaXMbITv8L_ARVj44CpEb5G3L5Dkw==
openid-configuration
login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/v2.0/.well-known/
2 KB
3 KB
Fetch
General
Full URL
https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/v2.0/.well-known/openid-configuration
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1037:1:8::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://farms-admin.citrapalu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 06 Dec 2023 04:11:26 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
664e2b56-c4a3-467e-ac33-7f295e1d1f00
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Content-Length
1753
x-ms-ests-server
2.1.16790.9 - KRSLR1 ProdSlices
X-XSS-Protection
0
authorize
login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: farms-admin.citrapalu.net
URL: https://farms-admin.citrapalu.net/static/js/main.8d988a25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1037:1:8::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4885f6f2cf71ec494c73b449663afb764f44fa985475a9b945e0ddcabf08b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://farms-admin.citrapalu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9116
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Dec 2023 04:11:25 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.16790.9 - NCUS ProdSlices
x-ms-request-id
3e738f50-277f-40ef-baf1-1820ba705200
BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js
aadcdn.msauth.net/shared/1.0/content/js/
136 KB
48 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0d16d925e0a818272ef0c4e3ec2009e6d10f2d7cea42f71c37a6f8733c79978

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Dec 2023 04:11:26 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
48749
x-ms-lease-status
unlocked
last-modified
Tue, 31 Oct 2023 21:22:47 GMT
etag
0x8DBDA5787B3F8D5
x-azure-ref
20231206T041126Z-kbyvyyfbnd3q53kahrs8yegx3g0000000230000000006xpz
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1e22293b-801e-0027-1275-26774e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/
42 KB
17 KB
Document
General
Full URL
https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1037:1:8::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb52b8f86e12fe05cfde2a539ed782e29c6f889440f4c6858c755f9966dc061f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15549
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Dec 2023 04:11:26 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.16790.9 - KRSLR1 ProdSlices
x-ms-request-id
0f7dd3f6-6415-4142-ac1f-d9f549092500
converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
0

ConvergedLogin_PCore_LRl_HOP41vTvA9IKhSqNsg2.js
aadcdn.msftauth.net/shared/1.0/content/js/
0
0

ux.converged.login.strings-en.min_7-fvwaoy6tczdmxeczijww2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
0

Me.htm
login.live.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_LRl_HOP41vTvA9IKhSqNsg2.js
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_7-fvwaoy6tczdmxeczijww2.js
Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData

5 Cookies

Domain/Path Name / Value
login.microsoftonline.com/ Name: fpc
Value: AjmAvSI5NU9FtbgYKUVaN3s
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1