myapplications.microsoft.com Open in urlscan Pro
2603:1027:1:148::b  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response myapplications.microsoft.com/	956 B 2 KB	395ms 30ms	Document text/html	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b453225e27cab7c2fed5d9a9dfa5ee0324c1b276b6a7923d89ef7c3813af6ce5 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control max-age=600 Content-Length 956 Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Content-Type text/html Date Thu, 28 Nov 2024 14:35:53 GMT ETag 0x8DD02A7E28ABD68 Last-Modified Mon, 11 Nov 2024 23:23:44 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Cache TCP_HIT x-azure-ref 20241128T143554Z-16c84996b8ccw4vhhC1AMSy5a800000001c000000001b32d x-fd-int-roxy-purgeid 0 x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id 60470f0e-901e-0041-0b5c-3c1e3b000000 x-ms-version 2009-09-19
GET H/1.1	200 OK	low-change-freq-vendors.64aacf46.js Show response myapplications.microsoft.com/bundle/	659 KB 257 KB	51ms 50ms	Script application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/low-change-freq-vendors.64aacf46.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 42809e5fb03a254383ebaa5b3cace6051044e4868c86951ee5605b2bfffe0a1b Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:53 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:41 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id 8543e8f1-701e-0049-2feb-400434000000 Content-Length 262500 x-azure-ref 20241128T143554Z-16c84996b8ctxnvrhC1AMS5nes000000018g000000016933 x-ms-blob-type BlockBlob
GET H/1.1	200 OK	fluent.331533d0.js Show response myapplications.microsoft.com/bundle/	397 KB 154 KB	287ms 199ms	Script application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/fluent.331533d0.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ed8c8c14550d6e60719a8661db4192d09cf9cfdb9260d35ab61801e97468e96a Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:54 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:40 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id 1026301b-501e-0071-22eb-40a0f4000000 Content-Length 156399 x-azure-ref 20241128T143554Z-16c84996b8c79c2shC1AMS1230000000016g00000000nkud x-ms-blob-type BlockBlob
GET H/1.1	200 OK	microsoft.9a8b6809.js Show response myapplications.microsoft.com/bundle/	260 KB 114 KB	119ms 77ms	Script application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a4eacde3da3e7e5cfb6b34fb69bbcdc1928e84fa5a70e0484e1cc1c0d3389b92 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:55 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:41 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id e0eb7977-201e-0026-4aeb-400ec7000000 Content-Length 115923 x-azure-ref 20241128T143555Z-16c84996b8cfvvk8hC1AMS03k000000001600000000193gk x-ms-blob-type BlockBlob
GET H/1.1	200 OK	azure.e9a30734.js Show response myapplications.microsoft.com/bundle/	374 KB 108 KB	102ms 78ms	Script application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/azure.e9a30734.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f22c0e077993bc20aec1a2ef52b37d64c653a663529d087d2de78ec3b54faa0a Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:54 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:40 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id 85c610ea-a01e-0038-151b-41e21f000000 Content-Length 109660 x-azure-ref 20241128T143555Z-16cb7d5bdf575m9lhC1DUSamvg00000002c0000000003724 x-ms-blob-type BlockBlob
GET H/1.1	200 OK	moderate-change-freq-vendors.b9b6c819.js Show response myapplications.microsoft.com/bundle/	45 KB 17 KB	180ms 57ms	Script application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/moderate-change-freq-vendors.b9b6c819.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f1a54e92391653cc7dd5d4480ef80f578b2a2c77e6e421b7c9aafa0ac4586e75 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:54 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:40 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id 003ec45d-801e-0010-212f-3c83b7000000 Content-Length 16836 x-azure-ref 20241128T143555Z-er17df99fb5fgfblhC1PARppg00000000b9g000000009xuk x-ms-blob-type BlockBlob
GET H/1.1	200 OK	main.2cdce01f.js Show response myapplications.microsoft.com/bundle/	1 MB 397 KB	192ms 69ms	Script application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/main.2cdce01f.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash fdaec16c95b816b1e137d48b66afe9e8d4993f8fa811544462ef92666ca149f4 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:54 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:41 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id bd2a663c-301e-002a-5512-4199cf000000 Content-Length 405389 x-azure-ref 20241128T143555Z-16cb7d5bdf5f46mqhC1DUSn5ms00000001tg00000000kxae x-ms-blob-type BlockBlob
GET H/1.1	200 OK	searchbox.ef784575.js myapplications.microsoft.com/bundle/	0 12 KB	86ms 75ms	Other application/javascript	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/bundle/searchbox.ef784575.js Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/main.2cdce01f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:56 GMT Content-Type application/javascript Last-Modified Mon, 11 Nov 2024 23:23:40 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id 5a9d7d4e-301e-002a-2ceb-4099cf000000 Content-Length 11533 x-azure-ref 20241128T143557Z-16c84996b8ccw4vhhC1AMSy5a800000001d00000000181s4 x-ms-blob-type BlockBlob
GET H/1.1	200 OK	Apps.json Show response myapplications.microsoft.com/locales/en-US/	17 KB 7 KB	87ms 64ms	Fetch text/plain	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/locales/en-US/Apps.json Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6392134c7a6bc1b65bbae8f7aafe273ea9b11b6dfa0f011ddf7b645479727546 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers request-id |a27aa0ceb545423dbea550c22828d176.afff5610c70c46b7 traceparent 00-a27aa0ceb545423dbea550c22828d176-afff5610c70c46b7-01 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:56 GMT Content-Type text/plain Last-Modified Mon, 11 Nov 2024 23:23:42 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=600 x-ms-request-id d09464f5-501e-0061-4b63-3c659c000000 Content-Length 5982 x-azure-ref 20241128T143557Z-16cb7d5bdf575m9lhC1DUSamvg00000002c00000000037b1 x-ms-blob-type BlockBlob
GET H/1.1	200 OK	Apps.json Show response myapplications.microsoft.com/locales/en/	17 KB 7 KB	87ms 65ms	Fetch text/plain	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/locales/en/Apps.json Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6392134c7a6bc1b65bbae8f7aafe273ea9b11b6dfa0f011ddf7b645479727546 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers request-id |a27aa0ceb545423dbea550c22828d176.63472e07d72b4698 traceparent 00-a27aa0ceb545423dbea550c22828d176-63472e07d72b4698-01 Referer https://myapplications.microsoft.com/?tenantid=cfab0009-84b7-4397-a0f8-f77cdf1579c1. User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers X-Cache-Info L1_T2 Content-Encoding br x-ms-version 2009-09-19 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:56 GMT Content-Type text/plain Last-Modified Mon, 11 Nov 2024 23:23:43 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=600 x-ms-request-id 1ab94e26-001e-000e-4226-386f6f000000 Content-Length 5982 x-azure-ref 20241128T143557Z-er17df99fb59pxq5hC1PARvg040000000ahg00000000kkqp x-ms-blob-type BlockBlob
GET H/1.1	200 OK	favicon.ico myapplications.microsoft.com/	17 KB 18 KB	65ms 59ms	Other image/x-icon	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/ Response headers x-ms-version 2009-09-19 x-ms-lease-status unlocked ETag 0x8DD02A7E0B5C18A x-fd-int-roxy-purgeid 0 X-Cache TCP_HIT Date Thu, 28 Nov 2024 14:35:57 GMT Content-Type image/x-icon Last-Modified Mon, 11 Nov 2024 23:23:40 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-request-id f26f182a-801e-002f-1beb-404b14000000 Accept-Ranges bytes Content-Length 17174 x-azure-ref 20241128T143557Z-16c84996b8c79c2shC1AMS123000000001900000000080dr x-ms-blob-type BlockBlob
GET H2	200	instance Show response login.microsoftonline.com/common/discovery/	981 B 2 KB	162ms 34ms	Fetch application/json	2603:1026:3000:150::a MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/cfab0009-84b7-4397-a0f8-f77cdf1579c1./oauth2/v2.0/authorize Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a9f1cd70bfdf1ce6b5de9c6ed89b038eb59038e0f00c3a75cb5dc988fe684fa1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/ Response headers access-control-expose-headers x-ms-srs x-ms-ests-server 2.1.19492.3 - FRC ProdSlices report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]} access-control-allow-methods GET, OPTIONS x-content-type-options nosniff p3p CP="DSP CUR OTPi IND OTRi ONL FIN" date Thu, 28 Nov 2024 14:35:57 GMT content-type application/json; charset=utf-8 x-ms-srs 1.P strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=86400, private nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} referrer-policy strict-origin-when-cross-origin x-ms-request-id ec13ea34-5745-493c-b83e-1cc538635702 content-security-policy-report-only object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-QS_ypH79aRUi4ftp-mFC9w' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All access-control-allow-origin * content-length 981 x-xss-protection 0
GET H/1.1	200 OK	favicon.ico myapplications.microsoft.com/	17 KB 0	87ms 87ms	Other image/x-icon	2603:1027:1:148::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myapplications.microsoft.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:148::b Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 Security Headers Name Value Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/ Response headers x-azure-ref 20241128T143557Z-16c84996b8c79c2shC1AMS123000000001900000000080dr Content-Security-Policy default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; Cache-Control max-age=31536000 x-ms-version 2009-09-19 x-ms-lease-status unlocked ETag 0x8DD02A7E0B5C18A x-fd-int-roxy-purgeid 0 x-ms-request-id f26f182a-801e-002f-1beb-404b14000000 Accept-Ranges bytes X-Cache TCP_HIT Content-Length 17174 Date Thu, 28 Nov 2024 14:35:57 GMT Content-Type image/x-icon Last-Modified Mon, 11 Nov 2024 23:23:40 GMT x-ms-blob-type BlockBlob
GET H2	400	openid-configuration Show response login.microsoftonline.com/cfab0009-84b7-4397-a0f8-f77cdf1579c1./v2.0/.well-known/	550 B 1 KB	78ms 32ms	Fetch application/json	2603:1026:3000:150::a MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/cfab0009-84b7-4397-a0f8-f77cdf1579c1./v2.0/.well-known/openid-configuration Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c5e2db6cb1e3f04628fcf2f13e0d1e19c2e28a4c2b0067c0ab06493a887de5fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://myapplications.microsoft.com/ Response headers access-control-expose-headers x-ms-srs x-ms-ests-server 2.1.19492.3 - WEULR1 ProdSlices report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]} access-control-allow-methods GET, OPTIONS x-content-type-options nosniff p3p CP="DSP CUR OTPi IND OTRi ONL FIN" date Thu, 28 Nov 2024 14:35:57 GMT content-type application/json; charset=utf-8 x-ms-srs 1.P strict-transport-security max-age=31536000; includeSubDomains cache-control private nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} referrer-policy strict-origin-when-cross-origin x-ms-request-id cd3297de-c1f6-4cb0-966a-832c3dd47200 content-security-policy-report-only object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-nDYfDmtGN-uAEftAAXXaJg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All access-control-allow-origin * content-length 550 x-xss-protection 0
POST H2	200	/ Show response eu-mobile.events.data.microsoft.com/OneCollector/1.0/	153 B 769 B	211ms 72ms	XHR application/json	20.50.73.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash cfade9b1602dc3c6699bd08b8ae5a0bc657f40f97cd0abdc270e371fb93a32a3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers cache-control no-cache, no-store Referer https://myapplications.microsoft.com/ Client-Id NO_AUTH upload-time 1732804558290 time-delta-to-apply-millis use-collector-delta User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/x-json-stream client-version 1DS-Web-JS-3.2.11 apikey eb0742d24bd644a28fe7946fdab9a807-90692dd9-d451-44e6-aad5-139d8614a717-7491 Response headers strict-transport-security max-age=31536000 access-control-expose-headers time-delta-millis access-control-allow-credentials true access-control-allow-methods POST access-control-allow-origin https://myapplications.microsoft.com content-length 153 p3p CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" date Thu, 28 Nov 2024 14:35:57 GMT content-type application/json server Microsoft-HTTPAPI/2.0 time-delta-millis 518 access-control-allow-headers P3P,Set-Cookie,time-delta-millis
OPTIONS H2	200	/ eu-mobile.events.data.microsoft.com/OneCollector/1.0/	0 0	335ms 92ms	Preflight	20.50.73.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://myapplications.microsoft.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-allow-origin https://myapplications.microsoft.com access-control-max-age 3600 cache-control public, 3600 content-length 0 date Thu, 28 Nov 2024 14:35:58 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	/ Show response eu-mobile.events.data.microsoft.com/OneCollector/1.0/	154 B 240 B	545ms 527ms	XHR application/json	20.50.73.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: myapplications.microsoft.com URL: https://myapplications.microsoft.com/bundle/microsoft.9a8b6809.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 9973d7dfb18a23abd7b46869edc6a7b9b8c012ada1c2ec7bd7a4658ac47c1507 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers cache-control no-cache, no-store Referer https://myapplications.microsoft.com/ Client-Id NO_AUTH upload-time 1732804559293 time-delta-to-apply-millis 518 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/x-json-stream client-version 1DS-Web-JS-3.2.11 apikey eb0742d24bd644a28fe7946fdab9a807-90692dd9-d451-44e6-aad5-139d8614a717-7491 Response headers strict-transport-security max-age=31536000 access-control-expose-headers time-delta-millis access-control-allow-credentials true access-control-allow-methods POST access-control-allow-origin https://myapplications.microsoft.com content-length 154 date Thu, 28 Nov 2024 14:35:58 GMT content-type application/json server Microsoft-HTTPAPI/2.0 time-delta-millis 15 access-control-allow-headers time-delta-millis

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkapps function| clearImmediate function| setImmediate object| regeneratorRuntime object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl string| O365ShellVerStr object| O365ShellContext object| O365Shell object| O365Shell_Shim

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			myapplications.microsoft.com/	1970-01-21 10:05:40	Name: MicrosoftApplicationsTelemetryDeviceId Value: 85517352-bf3e-48bb-bfec-ee747c04d10d
			myapplications.microsoft.com/	1970-01-21 01:20:06	Name: ai_session Value: O9ATNlUOUFe2eaNuQhEOuM|1732804557276|1732804557286
			.microsoft.com/	1970-01-21 10:05:40	Name: MC1 Value: GUID=1d984362433c4ee28dc9c43e1e5771b3&HASH=1d98&LV=202411&V=4&LU=1732804558808
			.microsoft.com/	1970-01-21 01:20:06	Name: MS0 Value: 4ff4930fdef84c6ab80572a0189c5172
			myapplications.microsoft.com/	1970-01-21 10:05:40	Name: MSFPC Value: GUID=1d984362433c4ee28dc9c43e1e5771b3&HASH=1d98&LV=202411&V=4&LU=1732804558808

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.microsoftonline.com/cfab0009-84b7-4397-a0f8-f77cdf1579c1./v2.0/.well-known/openid-configuration Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eu-mobile.events.data.microsoft.com
login.microsoftonline.com
myapplications.microsoft.com
20.50.73.13
2603:1026:3000:150::a
2603:1027:1:148::b
42809e5fb03a254383ebaa5b3cace6051044e4868c86951ee5605b2bfffe0a1b
6392134c7a6bc1b65bbae8f7aafe273ea9b11b6dfa0f011ddf7b645479727546
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9973d7dfb18a23abd7b46869edc6a7b9b8c012ada1c2ec7bd7a4658ac47c1507
a4eacde3da3e7e5cfb6b34fb69bbcdc1928e84fa5a70e0484e1cc1c0d3389b92
a9f1cd70bfdf1ce6b5de9c6ed89b038eb59038e0f00c3a75cb5dc988fe684fa1
b453225e27cab7c2fed5d9a9dfa5ee0324c1b276b6a7923d89ef7c3813af6ce5
c5e2db6cb1e3f04628fcf2f13e0d1e19c2e28a4c2b0067c0ab06493a887de5fb
cfade9b1602dc3c6699bd08b8ae5a0bc657f40f97cd0abdc270e371fb93a32a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8c8c14550d6e60719a8661db4192d09cf9cfdb9260d35ab61801e97468e96a
f1a54e92391653cc7dd5d4480ef80f578b2a2c77e6e421b7c9aafa0ac4586e75
f22c0e077993bc20aec1a2ef52b37d64c653a663529d087d2de78ec3b54faa0a
fdaec16c95b816b1e137d48b66afe9e8d4993f8fa811544462ef92666ca149f4