urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.148.166  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10?tenan...
Effective URL: https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad...
Submission: On February 28 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 20.190.148.166, located in Seoul, Korea, Republic Of and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.107.246.59 8075 (MICROSOFT...)
3 13.107.213.59 8075 (MICROSOFT...)
3 20.190.148.166 8075 (MICROSOFT...)
1 20.44.10.123 ()
12 5
Apex Domain
Subdomains		 Transfer
5 powerapps.com
apps.powerapps.com — Cisco Umbrella Rank: 4926
content.powerapps.com — Cisco Umbrella Rank: 4230
303 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10
4 KB
1 microsoft.com
browser.pipe.aria.microsoft.com
263 B
0 msftauth.net Failed
aadcdn.msftauth.net Failed
12 4
Domain Requested by
3 login.microsoftonline.com content.powerapps.com
3 content.powerapps.com apps.powerapps.com
2 apps.powerapps.com
1 browser.pipe.aria.microsoft.com content.powerapps.com
0 aadcdn.msftauth.net Failed login.microsoftonline.com
12 5

This site contains no links.

Subject Issuer Validity Valid
apps.powerapps.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-02-02 -
2025-01-27		 a year crt.sh
content.powerapps.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-01-31 -
2025-01-25		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-11-25 -
2024-11-25		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-12-31 -
2024-12-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=73f65e50-a2cb-4b52-9f99-3c2eada98bcf&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=8IoLrcfQ6SL36YdxtgbD5By7sx70c8pgWrCkNBcZE3M&code_challenge_method=S256&nonce=4ce36a78-c770-408f-9836-2adc689855a1&state=eyJpZCI6IjUwOTlmMWU4LTQ4NmItNDM2NC1hYWIyLWJhZWNiZmE3OGQ3OSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D
Frame ID: CC030CFB0A46AF1F15E7E651581AB89A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b87... Page URL
  2. https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/authorize?client_id=3e62f81... Page URL

Page Statistics

12
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

308 kB
Transfer

1479 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10?tenantId=18a01ad8-9727-498a-a47d-17374c6fd9f7&source=AppSharedV3&hint=4e23a25f-8b6a-411d-8a2e-8fd5947aa576&sourcetime=1698761451690 Page URL
  2. https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=73f65e50-a2cb-4b52-9f99-3c2eada98bcf&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=8IoLrcfQ6SL36YdxtgbD5By7sx70c8pgWrCkNBcZE3M&code_challenge_method=S256&nonce=4ce36a78-c770-408f-9836-2adc689855a1&state=eyJpZCI6IjUwOTlmMWU4LTQ4NmItNDM2NC1hYWIyLWJhZWNiZmE3OGQ3OSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
e8655e5e-1900-4785-b875-47010cdb1a10
apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/ 		205 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10?tenantId=18a01ad8-9727-498a-a47d-17374c6fd9f7&source=AppSharedV3&hint=4e23a25f-8b6a-411d-8a2e-8fd5947aa576&sourcetime=1698761451690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
891257c89a69a7953ef70b161141843fc2bb1546a1f33b91295bfedb3c8084e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 28 Feb 2024 16:10:09 GMT
link
<https://content.powerapps.com/resource/webplayer/hashedresources/96e4gdrm0il44/js/es6.player-boot.js>; rel=preload; as=script; crossorigin=anonymous; nopush </play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10/getPreloadMetadata>; rel=prefetch
referrer-policy
strict-origin
server-code-repo-name
PowerApps-PowerApps-WebPlayer
server-timing
x-ms-igw-upstream-headers;dur=712.9,x-ms-igw-req-overhead;dur=0.3
service-worker-allowed
/
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Headers Access-Control-Request-Method Accept-Encoding
x-azure-ref
20240228T161008Z-23en69fdm919z5rzaca6vns1300000000bdg00000001hgc0
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-activity-vector
00.01.00
x-ms-correlation-id
b00e2b53-e48c-4f53-8b32-85a7d146f973
x-ms-gateway-clusters
prdcm001sin
x-ms-islandgateway
GA0000003
x-ms-service-request-id
ec923030-21a6-4487-864b-e2b7f270ebcb
x-servicefabric
NoRetry
es6.player-boot.js
content.powerapps.com/resource/webplayer/hashedresources/96e4gdrm0il44/js/ 		591 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.powerapps.com/resource/webplayer/hashedresources/96e4gdrm0il44/js/es6.player-boot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c93802dbb6405642fe71170cd06e001723dd78516d804090d994302dda9dd49a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.powerapps.com/
Origin
https://apps.powerapps.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 16:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-servicefabric
NoRetry
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
64644085
server-timing
x-ms-igw-upstream-headers;dur=867.8,x-ms-igw-req-overhead;dur=0.4
content-length
113657
x-ms-islandgateway
ga0000004
vary
Accept-Encoding
x-azure-ref
20240228T161010Z-23en69fdm919z5rzaca6vns1300000000bag00000001knhq
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control
public, max-age=31536000
x-ms-correlation-id
46190106-f4ce-4d49-8920-d9f92bb851d8
x-ms-activity-vector
00.01.00
x-ms-service-request-id
b3a542fe-4ee1-4e7b-9f84-e74e960ec43b
accept-ranges
bytes
x-ms-static-content
SA000002M
timing-allow-origin
*
getPreloadMetadata
apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10/getPreloadMetadata
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 16:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-servicefabric
NoRetry
x-cache
CONFIG_NOCACHE
x-ms-gateway-clusters
prdcm001eas
server-timing
x-ms-igw-upstream-headers;dur=551.3,x-ms-igw-req-overhead;dur=0.2
service-worker-allowed
/
referrer-policy
strict-origin
x-ms-islandgateway
GA000000A
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-azure-ref
20240228T161009Z-23en69fdm919z5rzaca6vns1300000000bdg00000001hgds
content-type
application/json; charset=utf-8
x-ms-activity-vector
00.01.00
cache-control
no-cache, no-store
x-ms-correlation-id
267bf6b9-35bd-4745-9e39-b851cd7257d0
x-ms-service-request-id
b0901af6-ebd9-4736-9771-0bda831d4618
server-code-repo-name
PowerApps-PowerApps-WebPlayer
base.host.js
content.powerapps.com/resource/webplayerbus/hashedresources/31on0d5ph4vfb/openSource/modified/winjs/js/ 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.powerapps.com/resource/webplayerbus/hashedresources/31on0d5ph4vfb/openSource/modified/winjs/js/base.host.js
Requested by
Host: apps.powerapps.com
URL: https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10?tenantId=18a01ad8-9727-498a-a47d-17374c6fd9f7&source=AppSharedV3&hint=4e23a25f-8b6a-411d-8a2e-8fd5947aa576&sourcetime=1698761451690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4ef36039750839f07a14caa53090cf13a5a76079679d05becd65f116c281fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.powerapps.com/
Origin
https://apps.powerapps.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 16:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-servicefabric
NoRetry
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
64644085
server-timing
x-ms-igw-upstream-headers;dur=663.3,x-ms-igw-req-overhead;dur=0.2
content-length
15641
x-ms-islandgateway
GA0000033
vary
Accept-Encoding
x-azure-ref
20240228T161010Z-23en69fdm919z5rzaca6vns1300000000bag00000001knhr
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control
public, max-age=31536000
x-ms-correlation-id
e8d889fa-e6ef-46a1-a397-947e0a90f5c8
x-ms-activity-vector
00.01.00
x-ms-service-request-id
433c5702-b526-4fe1-979f-da4a520bdc7b
accept-ranges
bytes
x-ms-static-content
ZA000000F
timing-allow-origin
*
es6.player-boot.js
content.powerapps.com/resource/webplayerbus/hashedresources/96e4gdrm0il44/js/ 		591 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.powerapps.com/resource/webplayerbus/hashedresources/96e4gdrm0il44/js/es6.player-boot.js
Requested by
Host: apps.powerapps.com
URL: https://apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a/e8655e5e-1900-4785-b875-47010cdb1a10?tenantId=18a01ad8-9727-498a-a47d-17374c6fd9f7&source=AppSharedV3&hint=4e23a25f-8b6a-411d-8a2e-8fd5947aa576&sourcetime=1698761451690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c93802dbb6405642fe71170cd06e001723dd78516d804090d994302dda9dd49a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.powerapps.com/
Origin
https://apps.powerapps.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 16:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-servicefabric
NoRetry
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
64644085
server-timing
x-ms-igw-upstream-headers;dur=1329.7,x-ms-igw-req-overhead;dur=0.3
content-length
113703
x-ms-islandgateway
ga0000003
vary
Accept-Encoding
x-azure-ref
20240228T161010Z-23en69fdm919z5rzaca6vns1300000000bag00000001knhs
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id
cache-control
public, max-age=31536000
x-ms-correlation-id
692b95c9-2e0e-476f-b3e3-8b086207ed15
x-ms-activity-vector
00.01.00
x-ms-service-request-id
44556e83-4107-4859-91e0-75c026413760
accept-ranges
bytes
x-ms-static-content
SA0000004
timing-allow-origin
*
instance
login.microsoftonline.com/common/discovery/ 		980 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/authorize
Requested by
Host: content.powerapps.com
URL: https://content.powerapps.com/resource/webplayerbus/hashedresources/96e4gdrm0il44/js/es6.player-boot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.148.166 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d90a322c3c47f7d333e3140dc500c740ad09e322948279fce97bf79776ca34a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Feb 2024 16:10:11 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
access-control-allow-methods
GET, OPTIONS
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
access-control-allow-origin
*
x-ms-request-id
8f306e26-dc28-4a3f-b8f1-3d877ba72700
content-type
application/json; charset=utf-8
cache-control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
content-length
980
x-ms-ests-server
2.1.17396.8 - KRC ProdSlices
x-xss-protection
0
openid-configuration
login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/v2.0/.well-known/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/v2.0/.well-known/openid-configuration
Requested by
Host: content.powerapps.com
URL: https://content.powerapps.com/resource/webplayerbus/hashedresources/96e4gdrm0il44/js/es6.player-boot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.148.166 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
77d578c26214f89ea6eccf4c63c6c5093d06703dd73d81becef80506cf014fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Feb 2024 16:10:11 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
access-control-allow-methods
GET, OPTIONS
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
access-control-allow-origin
*
x-ms-request-id
84e78f8f-b49a-4391-a9fd-e82470c32500
content-type
application/json; charset=utf-8
cache-control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
content-length
1753
x-ms-ests-server
2.1.17396.8 - NCUS ProdSlices
x-xss-protection
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=5c3a61f48d7c4522912765ae7465ab5c-8472b9b6-f99b-4baf-8db9-f97fcc0ca092-7243&client-time-epoch-millis=1709136612722&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: content.powerapps.com
URL: https://content.powerapps.com/resource/webplayerbus/hashedresources/96e4gdrm0il44/js/es6.player-boot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.44.10.123 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://apps.powerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 16:10:13 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1136
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
kill-tokens, kill-duration-seconds, time-delta-millis
access-control-allow-headers
Accept, Content-Type, Content-Encoding, Client-Id
content-length
0
Primary Request authorize
login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/ 		20 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/18a01ad8-9727-498a-a47d-17374c6fd9f7/oauth2/v2.0/authorize?client_id=3e62f81e-590b-425b-9531-cad6683656cf&scope=https%3A%2F%2Fservice.powerapps.com%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapps.powerapps.com%2Fauth%2Fv2&client-request-id=73f65e50-a2cb-4b52-9f99-3c2eada98bcf&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=8IoLrcfQ6SL36YdxtgbD5By7sx70c8pgWrCkNBcZE3M&code_challenge_method=S256&nonce=4ce36a78-c770-408f-9836-2adc689855a1&state=eyJpZCI6IjUwOTlmMWU4LTQ4NmItNDM2NC1hYWIyLWJhZWNiZmE3OGQ3OSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D
Requested by
Host: content.powerapps.com
URL: https://content.powerapps.com/resource/webplayerbus/hashedresources/96e4gdrm0il44/js/es6.player-boot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.148.166 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apps.powerapps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
8525
content-type
text/html; charset=utf-8
date
Wed, 28 Feb 2024 16:10:14 GMT
expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.17396.8 - WUS3 ProdSlices
x-ms-request-id
820d0c8c-a572-472e-9d8a-04045fcb4800
x-xss-protection
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
0
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.pipe.aria.microsoft.com
URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=5c3a61f48d7c4522912765ae7465ab5c-8472b9b6-f99b-4baf-8db9-f97fcc0ca092-7243&client-time-epoch-millis=1709136615385&time-delta-to-apply-millis=1136
Domain
browser.pipe.aria.microsoft.com
URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=a387cfcf60114a43a7699f9fbb49289e-9bceb9fe-1c06-460f-96c5-6a0b247358bc-7238&client-time-epoch-millis=1709136615585&time-delta-to-apply-millis=1136
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
apps.powerapps.com/apphost/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/ Name: PA_GeoRegion_default-18a01ad8-9727-498a-a47d-17374c6fd9f7
Value: unitedstates
apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a Name: MicrosoftApplicationsTelemetryDeviceId
Value: bfa37f5b-2903-485d-9688-83fca2b0755c
apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/a Name: MicrosoftApplicationsTelemetryFirstLaunchTime
Value: 2024-02-28T16:10:10.712Z
apps.powerapps.com/play/e/default-18a01ad8-9727-498a-a47d-17374c6fd9f7/ Name: PA_GeoRegion_default-18a01ad8-9727-498a-a47d-17374c6fd9f7
Value: unitedstates
apps.powerapps.com/ Name: PACookieRolloutBucketProd
Value: OnePlayerEnableAuthCAE%3A54%26EnableModernShareButton%3A39%26EnableCdnEndpointsV2%3A12%26UsePowerPlatformAPI%3A24%26PCFAuthCAE%3A49%26ModernizeLaunchApp%3A76%26CopilotAdornerRewriteQuestions%3A93%26EnableWebPlayerDraftPreview%3A37%26TrialPageUrlRedirect%3A92%26UsePPUXConsentDialogService%3A27%26UpdateWebPlayerUrlInTeams%3A2%26CSPForCanvas%3A49%26EnableInlineNsatUI%3A17%26IsAppFramePreloadKillSwitchEnabled%3A53%26HandlebarsPages%3A77%26OnePlayerStandaloneConsent%3A66%26HostServiceWorker%3A88%26MigrateCDNPPUX%3A11%26EnableDescriptionCallout%3A38%26EnforceEUDB%3A18%26ES6Enabled%3A39%26TeamsSettingsRedirect%3A52%26CopilotSidecarWaitForFullEntitySync%3A85%26PublishedAppServiceWorker%3A82%26MSALTeamsV2%3A32%26OnePlayerTeamsEnableAuthCAE%3A31%26CopilotSidecarEnforceAdminSetting%3A42%26ShowTrialBanner%3A54%26HostServiceWorkerSharedAppHost%3A57%26CopilotSidecarOCVFeedback%3A3%26EnableAbortController%3A67%26UsePowerPlatformApiServer%3A98%26EnableMicrosoftGraphCustomScopes%3A84%26EnableWebAuthResourceForMonitors%3A19%26CopilotSidecarRecordPicker%3A79%26EnableXhrReplacement%3A28%26TimeoutMetadataCalls%3A42%26AuthFlowAcquireTokenQueueDisabled%3A87%26EnableDraftPreview%3A84%26ForceTip2InTest%3A46%26MigrateCDNPAClient%3A66%26EnableCustomScopesForAuthFlowProxy%3A80%26EnableNativePromise%3A4%26CopilotSidecarLandingCard%3A42%26PublishedAppServiceWorkerStandalone%3A26%26MSALInteractiveAPIOnTimeoutFailure%3A75%26TrustedUCIAppLifecycleV2%3A13%26UseRootMainForModelApps%3A21%26CopilotAdorner%3A56%26EntryPointCaching%3A23%26UsePPUXAuthoringMetadataEndpoint%3A39%26OfficeHeaderAddToTeams%3A52%26PreloadSdkInitCall%3A29%26CanvasAppHealthPage%3A24%26ModernizeLaunchAppPlayerRuntime%3A85%26EntryPointCachingStandalone%3A68%26EntryPointCachingSharedAppHost%3A63%26StrictCSPForCanvas%3A65%26HostServiceWorkerStandalone%3A1%26CopilotSidecar%3A57

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff