login.microsoftonline.com
Open in
urlscan Pro
2603:1037:1:8::3
Public Scan
Effective URL: https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-584...
Submission: On December 06 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 16th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 13.249.21.67 13.249.21.67 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2603:1037:1:8::3 2603:1037:1:8::3 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:bdf::40 2620:1ec:bdf::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
16 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-13-249-21-67.iah50.r.cloudfront.net
farms-admin.citrapalu.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
citrapalu.net
farms-admin.citrapalu.net |
1 MB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 16 |
30 KB |
1 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 961 |
48 KB |
0 |
live.com
Failed
login.live.com Failed |
|
0 |
msftauth.net
Failed
aadcdn.msftauth.net Failed |
|
16 | 5 |
Domain | Requested by | |
---|---|---|
8 | farms-admin.citrapalu.net |
farms-admin.citrapalu.net
|
3 | login.microsoftonline.com |
farms-admin.citrapalu.net
aadcdn.msauth.net |
1 | aadcdn.msauth.net |
login.microsoftonline.com
|
0 | login.live.com Failed |
login.microsoftonline.com
|
0 | aadcdn.msftauth.net Failed |
login.microsoftonline.com
|
16 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.farms-admin.citrapalu.net Amazon RSA 2048 M02 |
2023-01-27 - 2024-02-26 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-16 - 2024-11-16 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-10-29 - 2024-10-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: 21798B5DCFE4CC5B5B83CDCFDA6602A1
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://farms-admin.citrapalu.net/ Page URL
- https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f327897... Page URL
- https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f327897... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://farms-admin.citrapalu.net/ Page URL
- https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
- https://login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/authorize?client_id=f3278975-2312-4dfb-ad42-5844e00fecc0&scope=User.Read%20User.Read.All%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ffarms-admin.citrapalu.net&client-request-id=5744a329-ec16-42e8-be1d-1262936dbf29&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.5.0&client_info=1&code_challenge=6WjUMo4SMCwM1ZhdIFvkU7ulYnzI0NoZieIl78AZGfY&code_challenge_method=S256&nonce=d6270bb4-f49d-4ace-aff3-a13ecf51e79d&state=eyJpZCI6Ijk5MTRiMmFjLWZkNGQtNDZiOC05ZGZhLTYwMTc0ZTc4NmIxYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
farms-admin.citrapalu.net/ |
749 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.8d988a25.js
farms-admin.citrapalu.net/static/js/ |
1 MB 318 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.b062abda.css
farms-admin.citrapalu.net/static/css/ |
842 KB 105 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
638.1c565619.chunk.js
farms-admin.citrapalu.net/static/js/ |
128 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
918.ba09cbf9.chunk.js
farms-admin.citrapalu.net/static/js/ |
5 MB 869 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
690.27547d9a.chunk.css
farms-admin.citrapalu.net/static/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
690.e0efb8e8.chunk.js
farms-admin.citrapalu.net/static/js/ |
115 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
366 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.0d14c6999b4a5c8e86a7.png
farms-admin.citrapalu.net/static/media/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/v2.0/.well-known/ |
2 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/2c7e9c06-e422-400b-8d0e-e833d0211b7a/oauth2/v2.0/ |
42 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ConvergedLogin_PCore_LRl_HOP41vTvA9IKhSqNsg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ux.converged.login.strings-en.min_7-fvwaoy6tczdmxeczijww2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Me.htm
login.live.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- aadcdn.msftauth.net
- URL
- https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
- Domain
- aadcdn.msftauth.net
- URL
- https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_LRl_HOP41vTvA9IKhSqNsg2.js
- Domain
- aadcdn.msftauth.net
- URL
- https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_7-fvwaoy6tczdmxeczijww2.js
- Domain
- login.live.com
- URL
- https://login.live.com/Me.htm?v=3
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.microsoftonline.com/ | Name: fpc Value: AjmAvSI5NU9FtbgYKUVaN3s |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msftauth.net
farms-admin.citrapalu.net
login.live.com
login.microsoftonline.com
aadcdn.msftauth.net
login.live.com
13.249.21.67
2603:1037:1:8::3
2620:1ec:bdf::40
028bf096de9208f1199b5f3c61b17f34cfe6284fd58018a1c9765d5f82d0fc36
104244b99d8f68a867846b40a4ad3c121923f8a6469ff0bc9a6fef224df24f4b
1dcf3b9f67a00e581226efc7d48ee2518edb94409b3de4b064c840d9d844c6af
2a6f18b25447d04ea45ca3b07581eb56f914220b5f87ace9c7b95ca9244a3a38
423b69ec92d214c876e3e99da1c7bf363839a02d3ae011498283eb18337e784c
7c052cccb06bbc2b7aea811fa5fd772ab0ba6df454295dbb7996ae1b30995d4c
8b0b76c4d8fa9b2116fc34f9f11e3620f4a2d9a16d8e219ce22bf4e7e53f7ad6
a0d16d925e0a818272ef0c4e3ec2009e6d10f2d7cea42f71c37a6f8733c79978
a86b069c1c0be26bc74527037afecf423e13ff12900b15cd1aa535542f18d7fe
ae5ecdb92480020ba8651d543cc2a83e3177810370e92be2a6138597a3fea87e
f4885f6f2cf71ec494c73b449663afb764f44fa985475a9b945e0ddcabf08b07
fb52b8f86e12fe05cfde2a539ed782e29c6f889440f4c6858c755f9966dc061f