urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
40.126.24.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apps.powerapps.com/play/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
Effective URL: https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad...
Submission: On September 06 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 13 HTTP transactions. The main IP is 40.126.24.82, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 31st 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.107.253.40 8075 (MICROSOFT...)
2 52.146.73.136 ()
2 20.190.152.22 ()
1 40.126.24.82 ()
1 13.89.179.13 ()
2 152.195.19.97 ()
13 7
2    13.107.253.40 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
apps.powerapps.com
2    52.146.73.136 (None, )

ASN- ()
static.powerapps.com
2    20.190.152.22 (None, )

ASN- ()
login.microsoftonline.com
1    40.126.24.82 (None, )

ASN- ()
login.microsoftonline.com
1    13.89.179.13 (None, )

ASN- ()
browser.pipe.aria.microsoft.com
2    152.195.19.97 (None, )

ASN- ()
aadcdn.msftauth.net
Domain Requested by
3 login.microsoftonline.com static.powerapps.com
2 aadcdn.msftauth.net login.microsoftonline.com
2 static.powerapps.com apps.powerapps.com
2 apps.powerapps.com 1 redirects
1 browser.pipe.aria.microsoft.com static.powerapps.com
0 login.live.com Failed login.microsoftonline.com
0 content.powerapps.com Failed apps.powerapps.com
13 7

This site contains no links.

Subject Issuer Validity Valid
apps.powerapps.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-08-23 -
2025-08-18		 a year crt.sh
static.powerapps.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-08-11 -
2025-08-06		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-08-31 -
2025-02-28		 6 months crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-29 -
2025-06-24		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=eda85cbd-d41e-4cb4-b0a7-884e53d31dfd&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=pgWciMKd7wJW6125LDgQ4Epr4Tk1nQNK5l18QqZz-5g&code_challenge_method=S256&nonce=39fbc4e3-1264-4267-8e46-ad621cbeedb6&state=eyJpZCI6ImY1MmEwMjFiLTM3NGMtNDE2ZS1hZTNlLTcyMzA2OTUwY2M4YyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D
Frame ID: 31FC9BE61934BCE02BB498D5AFBDCE67
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Power Apps

Page URL History Show full URLs

  1. https://apps.powerapps.com/play/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a... HTTP 302
    https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db... Page URL
  2. https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81... Page URL

Page Statistics

13
Requests

69 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

7
IPs

1
Countries

248 kB
Transfer

1676 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apps.powerapps.com/play/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9 HTTP 302
    https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9 Page URL
  2. https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=eda85cbd-d41e-4cb4-b0a7-884e53d31dfd&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=pgWciMKd7wJW6125LDgQ4Epr4Tk1nQNK5l18QqZz-5g&code_challenge_method=S256&nonce=39fbc4e3-1264-4267-8e46-ad621cbeedb6&state=eyJpZCI6ImY1MmEwMjFiLTM3NGMtNDE2ZS1hZTNlLTcyMzA2OTUwY2M4YyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://apps.powerapps.com/play/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9 HTTP 302
  • https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
a9424151-06e2-42e1-8db0-c7c361c8c9c4
apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/
Redirect Chain
  • https://apps.powerapps.com/play/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
  • https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
217 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
caabbdd41da0f966dc50d4863f40363ece330b71ba614f8d63086c7bf626bd7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 06 Sep 2024 14:56:08 GMT
link
<https://content.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js>; rel=preload; as=script; crossorigin=anonymous; nopush
referrer-policy
strict-origin
server-code-repo-name
PowerApps-PowerApps-WebPlayer
server-timing
x-ms-igw-upstream-headers;dur=10.1,x-ms-igw-req-overhead;dur=0.7
service-worker-allowed
/
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Headers Access-Control-Request-Method Accept-Encoding
x-azure-ref
20240906T145608Z-154fc9b58c8xxp9dbpbpgzdg440000000bv0000000002gpa
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-activity-vector
00.01.00
x-ms-correlation-id
4ddf5561-e6c4-44ed-9b3f-6457c87dcbab
x-ms-gateway-clusters
prdcm001cca
x-ms-islandgateway
GA000005O
x-ms-ppapigateway
GA000005Q
x-ms-service-request-id
72160c9d-6e9a-494d-ae10-0b2c9e21908d
x-servicefabric
NoRetry

Redirect headers

content-length
0
date
Fri, 06 Sep 2024 14:56:08 GMT
location
https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
referrer-policy
strict-origin
server-code-repo-name
PowerApps-PowerApps-WebPlayer
server-timing
x-ms-igw-upstream-headers;dur=17.8,x-ms-igw-req-overhead;dur=0.9
service-worker-allowed
/
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Headers Access-Control-Request-Method Accept-Encoding
x-azure-ref
20240906T145608Z-154fc9b58c8xxp9dbpbpgzdg440000000bv0000000002gp7
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-activity-vector
00.01.00
x-ms-correlation-id
db0212ac-569c-4fcf-a463-4c0d33cd3a8d
x-ms-gateway-clusters
prdcm001cca
x-ms-islandgateway
GA000005S
x-ms-ppapigateway
GA000005Q
x-ms-service-request-id
e9b6cd19-672e-4abb-a8d3-59a038024cf5
x-servicefabric
NoRetry
es6.player-boot.js
content.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/ 		0
0
base.host.js
content.powerapps.com/resource/webplayerbus/hashedresources/31on0d5ph4vfb/openSource/modified/winjs/js/ 		0
0
base.host.js
static.powerapps.com/resource/webplayerbus/hashedresources/31on0d5ph4vfb/openSource/modified/winjs/js/ 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.powerapps.com/resource/webplayerbus/hashedresources/31on0d5ph4vfb/openSource/modified/winjs/js/base.host.js
Requested by
Host: apps.powerapps.com
URL: https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.146.73.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4ef36039750839f07a14caa53090cf13a5a76079679d05becd65f116c281fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.powerapps.com/
Origin
https://apps.powerapps.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-servicefabric
NoRetry
server-timing
x-ms-igw-upstream-headers;dur=166.7,x-ms-igw-req-overhead;dur=0.4
content-length
15641
x-ms-islandgateway
GA0000034
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control
public, max-age=31536000
x-ms-correlation-id
dc1bf83d-8704-4aae-a2c6-56b544a6538c
x-ms-activity-vector
00.01.00
x-ms-service-request-id
756b4159-d0c6-4d8e-934c-ee9f99bb2580
x-ms-static-content
ZE000000H
timing-allow-origin
*
es6.player-boot.js
static.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/ 		794 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js
Requested by
Host: apps.powerapps.com
URL: https://apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/a/a9424151-06e2-42e1-8db0-c7c361c8c9c4?tenantId=0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.146.73.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
adb740721089781575c4ae0491379f0afecea89065d7348f6a87f6d1e86da088
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.powerapps.com/
Origin
https://apps.powerapps.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 14:56:14 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-servicefabric
NoRetry
server-timing
x-ms-igw-upstream-headers;dur=280.4,x-ms-igw-req-overhead;dur=0.3
content-length
129621
x-ms-islandgateway
GA0000034
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control
public, max-age=31536000
x-ms-correlation-id
b077742b-d7f8-4c32-82b8-f57ecb531161
x-ms-activity-vector
00.01.00
x-ms-service-request-id
054641ee-5abd-4c27-9e29-8825b4f5f1f7
x-ms-static-content
NR000000R
timing-allow-origin
*
instance
login.microsoftonline.com/common/discovery/ 		980 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize
Requested by
Host: static.powerapps.com
URL: https://static.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.152.22 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c40ba52d190d4214fe81ea29d104621b3816b3290c91ccd3a66339f17ffc1cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 06 Sep 2024 14:56:14 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
980
X-XSS-Protection
0
x-ms-srs
1.P
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
33d00e95-f574-48fe-8e51-d3e228939000
Access-Control-Expose-Headers
x-ms-srs
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.18841.2 - EUS ProdSlices
openid-configuration
login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/v2.0/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/v2.0/.well-known/openid-configuration
Requested by
Host: static.powerapps.com
URL: https://static.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.152.22 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 06 Sep 2024 14:56:14 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
1753
X-XSS-Protection
0
x-ms-srs
1.P
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
1a53c826-5034-41ed-b0bc-ce15744f1100
Access-Control-Expose-Headers
x-ms-srs
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.18841.2 - NCUS ProdSlices
Primary Request authorize
login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/ 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=eda85cbd-d41e-4cb4-b0a7-884e53d31dfd&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=pgWciMKd7wJW6125LDgQ4Epr4Tk1nQNK5l18QqZz-5g&code_challenge_method=S256&nonce=39fbc4e3-1264-4267-8e46-ad621cbeedb6&state=eyJpZCI6ImY1MmEwMjFiLTM3NGMtNDE2ZS1hZTNlLTcyMzA2OTUwY2M4YyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D
Requested by
Host: static.powerapps.com
URL: https://static.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.24.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apps.powerapps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15646
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Sep 2024 14:56:22 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.18841.2 - WUS3 ProdSlices
x-ms-request-id
703b7716-403c-4bb5-b4a4-24bb08aa4500
x-ms-srs
1.P
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=5c3a61f48d7c4522912765ae7465ab5c-fb3d6606-fe59-4d6b-9bb1-5e993d889672-7138&client-time-epoch-millis=1725634576380&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: static.powerapps.com
URL: https://static.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.179.13 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Sep 2024 14:56:16 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
268
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
kill-tokens, kill-duration-seconds, time-delta-millis
access-control-allow-headers
Accept, Content-Type, Content-Encoding, Client-Id
content-length
0
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=eda85cbd-d41e-4cb4-b0a7-884e53d31dfd&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=pgWciMKd7wJW6125LDgQ4Epr4Tk1nQNK5l18QqZz-5g&code_challenge_method=S256&nonce=39fbc4e3-1264-4267-8e46-ad621cbeedb6&state=eyJpZCI6ImY1MmEwMjFiLTM3NGMtNDE2ZS1hZTNlLTcyMzA2OTUwY2M4YyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 -, , ASN (),
Reverse DNS
Software
ECAcc (chd/0746) /
Resource Hash

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 14:56:23 GMT
content-encoding
gzip
content-md5
SJgdPPV+fFjKfj6FHvk1Tg==
age
2061681
x-cache
HIT
content-length
20414
x-ms-lease-status
unlocked
last-modified
Wed, 03 Jul 2024 21:49:46 GMT
server
ECAcc (chd/0746)
etag
0x8DC9BAA0E5931F9
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b666af6e-a01e-0081-27ac-ed21bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		439 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=eda85cbd-d41e-4cb4-b0a7-884e53d31dfd&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=pgWciMKd7wJW6125LDgQ4Epr4Tk1nQNK5l18QqZz-5g&code_challenge_method=S256&nonce=39fbc4e3-1264-4267-8e46-ad621cbeedb6&state=eyJpZCI6ImY1MmEwMjFiLTM3NGMtNDE2ZS1hZTNlLTcyMzA2OTUwY2M4YyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 -, , ASN (),
Reverse DNS
Software
ECAcc (chd/076A) /
Resource Hash

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 14:56:23 GMT
content-encoding
gzip
content-md5
oV6jW3nBAiXnyi0hpysSuA==
age
1494706
x-cache
HIT
content-length
122174
x-ms-lease-status
unlocked
last-modified
Fri, 16 Aug 2024 22:51:50 GMT
server
ECAcc (chd/076A)
etag
0x8DCBE4604122A4D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fc396ae3-a01e-00dc-02d4-f22b39000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_rgcif7wynvabuyx5tqtpsw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
0
Me.htm
login.live.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.powerapps.com
URL
https://content.powerapps.com/resource/webplayerbus/hashedresources/dtd14p1294ua1/js/es6.player-boot.js
Domain
content.powerapps.com
URL
https://content.powerapps.com/resource/webplayerbus/hashedresources/31on0d5ph4vfb/openSource/modified/winjs/js/base.host.js
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_rgcif7wynvabuyx5tqtpsw2.js
Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webPlayerServerConfig object| HostResourcesHashPaths object| globalScopeObject object| WebPlayerViews object| AppV2 object| webPlayerLocalization object| loaderScriptSrcs string| appFrameLoadFromCacheError object| ScriptLoader

3 Cookies

Domain/Path Name / Value
apps.powerapps.com/apphost/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/ Name: PA_GeoRegion_default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
Value: unitedstates
apps.powerapps.com/play/e/default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9/ Name: PA_GeoRegion_default-0ab4cbbf-4bc7-4826-b52c-a14fed5286b9
Value: unitedstates
apps.powerapps.com/ Name: PACookieRolloutBucketProd
Value: HostServiceWorkerStandalone%3A8%26EnableCustomScopesForAuthFlowProxy%3A13%26CSPForceReportViolation%3A60%26HostServiceWorkerSharedAppHost%3A61%26CopilotAdornerIFrame%3A55%26UsePowerPlatformAPI%3A44%26CopilotAdornerSharePointWebPart%3A0%26PublishedAppServiceWorkerStandalone%3A41%26UsePPUXAuthoringMetadataEndpoint%3A90%26EnforceEUDB%3A76%26HandlebarsPages%3A27%26ForceTip2InTest%3A65%26EntryPointCaching%3A90%26UpdateWebPlayerUrlInTeams%3A9%26CanvasAppHealthPage%3A94%26EnableAbortController%3A32%26CopilotAdornerNl2Query%3A81%26DraftCoPilotV2PromptSuggestions%3A65%26ModernizeLaunchAppPlayerRuntime%3A63%26EntryPointCachingStandalone%3A91%26PublishedAppServiceWorker%3A25%26MSALTeamsV2%3A98%26EnableXhrReplacement%3A66%26OnePlayerTeamsEnableAuthCAE%3A53%26EnableDraftPreview%3A18%26CopilotAdorner%3A79%26PreloadSdkInitCall%3A12%26EnableNewPublishedAppEndpoints%3A27%26CopilotSidecarRecordPicker%3A56%26EntryPointCachingSharedAppHost%3A74%26EnableModernShareButton%3A35%26CopilotSidecar%3A78%26EnableNativePromise%3A86%26EnableWebAuthResourceForMonitors%3A39%26TrustedUCIAppLifecycleV2%3A7%26DraftWithCopilotPromptVersionV2%3A17%26HostServiceWorker%3A3%26EnableInlineNsatUI%3A62%26PCFAuthCAE%3A14%26DraftCoPilotV2DefaultSkill%3A1%26TimeoutMetadataCalls%3A5%26OnePlayerEnableAuthCAE%3A98%26EnableDescriptionCallout%3A19%26EnableCatchUpCallout%3A63%26CopilotAdornerTeams%3A49%26OfficeHeaderAddToTeams%3A57%26PreloadRequestsForAppStart%3A88%26ES6Enabled%3A2%26CopilotSidecarWaitForFullEntitySync%3A39%26EnableMicrosoftGraphCustomScopes%3A63%26CopilotAdornerPowerBI%3A75%26TrialPageUrlRedirect%3A8%26CopilotAdornerNl2QueryOnHover%3A19%26UsePowerPlatformApiServer%3A67%26EnablePowerPlatformCdnNotification%3A65%26ShowTrialBanner%3A31%26CopilotSidecarLandingCard%3A63%26StrictCSPForCanvas%3A23%26UseRootMainForModelApps%3A92%26IsAppFramePreloadKillSwitchEnabled%3A77%26TeamsSettingsRedirect%3A10%26EnableCopilotUpsell%3A86%26CopilotSidecarEnforceAdminSetting%3A30%26CopilotSidecarOCVFeedback%3A86%26ModernizeLaunchApp%3A55%26CopilotAdornerSharePointForm%3A42%26EnableWebPlayerDraftPreview%3A67

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff