urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1027:1:158::c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://boldyn.talkwalker.app/
Effective URL: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Submission: On May 20 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 50 HTTP transactions. The main IP is 2603:1027:1:158::c, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 14.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on March 26th 2025. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 148.251.39.249 24940 (HETZNER-A...)
23 65.9.66.33 16509 (AMAZON-02)
1 2603:1027:1:1... 8075 (MICROSOFT...)
7 2a02:26f0:480... 20940 (AKAMAI-AS...)
1 40.126.32.74 8075 (MICROSOFT...)
9 2620:1ec:bdf::45 8075 (MICROSOFT...)
50 6
10    148.251.39.249 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: branding.talkwalker.com
boldyn.talkwalker.app
23    65.9.66.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-33.fra56.r.cloudfront.net
static.tw-cdn.com
1    2603:1027:1:158::c (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
7    2a02:26f0:480:3f::215:415d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
aadcdn.msftauth.net
1    40.126.32.74 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
9    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
23 tw-cdn.com
static.tw-cdn.com
4 MB
10 talkwalker.app
boldyn.talkwalker.app
295 KB
9 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 6037
306 KB
7 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1975
370 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 33
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 14
17 KB
50 6
Domain Requested by
23 static.tw-cdn.com boldyn.talkwalker.app
static.tw-cdn.com
10 boldyn.talkwalker.app 1 redirects static.tw-cdn.com
9 aadcdn.msftauthimages.net aadcdn.msftauth.net
7 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
1 login.live.com login.microsoftonline.com
1 login.microsoftonline.com
50 6

This site contains no links.

Subject Issuer Validity Valid
boldyn.talkwalker.app
R11		 2025-05-18 -
2025-08-16		 3 months crt.sh
static.tw-cdn.com
Amazon RSA 2048 M02		 2025-03-17 -
2026-04-15		 a year crt.sh
stamp2.login.microsoftonline.com
Microsoft Azure RSA TLS Issuing CA 07		 2025-03-26 -
2025-09-22		 6 months crt.sh
idnaakamaicdn.msftauth.net
Microsoft Azure ECC TLS Issuing CA 03		 2024-12-27 -
2025-12-22		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2025-03-18 -
2025-09-18		 6 months crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 08		 2025-03-06 -
2025-09-02		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Frame ID: 64BABA6F72D64DD5CBAAE9A6AA0CEB2C
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Aanmelden bij uw account

Page URL History Show full URLs

  1. http://boldyn.talkwalker.app/ HTTP 307
    https://boldyn.talkwalker.app/ HTTP 302
    https://boldyn.talkwalker.app/app/login Page URL
  2. https://boldyn.talkwalker.app/app/saml/callback?needs_client_redirection=true Page URL
  3. https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

4639 kB
Transfer

6469 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://boldyn.talkwalker.app/ HTTP 307
    https://boldyn.talkwalker.app/ HTTP 302
    https://boldyn.talkwalker.app/app/login Page URL
  2. https://boldyn.talkwalker.app/app/saml/callback?needs_client_redirection=true Page URL
  3. https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://boldyn.talkwalker.app/ HTTP 307
  • https://boldyn.talkwalker.app/ HTTP 302
  • https://boldyn.talkwalker.app/app/login

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
boldyn.talkwalker.app/app/
Redirect Chain
  • http://boldyn.talkwalker.app/
  • https://boldyn.talkwalker.app/
  • https://boldyn.talkwalker.app/app/login
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
2fc74b3573cc595c2f77df04f8e95e3c1fc8db9bfbdb8a50c972db623cc9306a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
1218
content-type
text/html; charset=utf-8
date
Tue, 20 May 2025 04:16:33 GMT
strict-transport-security
max-age=31536000;
tw-balancing
/app/login
x-frame-options
SAMEORIGIN
x-logging-context-id
#swjl7l9sjmyz#

Redirect headers

content-length
142
content-type
text/html
date
Tue, 20 May 2025 04:16:33 GMT
location
https://boldyn.talkwalker.app/app/login
tslib.js
static.tw-cdn.com/app/assets/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/tslib.js?v=1747656405218
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
b6700f9d3645d935a6d9142043effed8438ee07aaccb56f214d5da08cf142bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swich5pj0q26#
cache-control
public, max-age=3600, s-maxage=86400
age
57977
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
tw-balancing
/app/assets/tslib.js?v=1747656405218
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
22010
x-amz-cf-id
ASXmk7Ar5JZY42cfqkVyUGxaAlXg-ZINVerOFx9Ih98uZTKWZySOCg==
date
Mon, 19 May 2025 12:10:17 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C1
talkwalker.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
21b394239cc747b6971051d3be008f40d820756ddfd23935cf0f0dd09b6db437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://boldyn.talkwalker.app/

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swich58ie5d6#
cache-control
public, max-age=3600, s-maxage=86400
age
57977
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
7663
x-amz-cf-id
84EzcgzOuw8miByMb28eWER098IKVbPva7t83XLQuNxdll2a5jIKXQ==
date
Mon, 19 May 2025 12:10:17 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C1
sanitizer-DvkJNJuh.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/sanitizer-DvkJNJuh.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
52a74eb65ea5dde6f54d398ab5c3f11a3700b345e0eba49b3e1c0556003dc5bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218

Response headers

age
73577
x-cache
Hit from cloudfront
x-amz-cf-id
-KKYzKz_qHuRZtJCsjgZw_p8w588q1nZQxR2_-5Xpmle6f0Wyr4Ihw==
date
Mon, 19 May 2025 07:50:17 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swi0ftnp641i#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/sanitizer-DvkJNJuh.mjs
access-control-allow-origin
*
content-length
1304
x-amz-cf-pop
FRA56-C1
boot_payload-Cs_3-v13.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		161 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/boot_payload-Cs_3-v13.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
bf691178983d2ae9e3bb55d3b1b2914802bfe30b772adc2efa55261015e0ea02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swi2ga3jjak6#
cache-control
public, max-age=3600, s-maxage=86400
age
70968
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/boot_payload-Cs_3-v13.mjs
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
161
x-amz-cf-id
ai_Kn2tE3JovHJYIiX2374S3nBOxkV61V8uim-H67wkJIRyYM5zsNA==
date
Mon, 19 May 2025 08:33:46 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C1
favicon.ico
boldyn.talkwalker.app/ 		552 B
251 B 		Other
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/app/login

Response headers

content-encoding
gzip
date
Tue, 20 May 2025 04:16:34 GMT
content-type
text/html
vary
Accept-Encoding
bootstrap
boldyn.talkwalker.app/app/none/none/ 		255 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/none/none/bootstrap?in_frame=false&hash=
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
953d9cf81e3e0925b4e5770ef8461238102638237f9b2bdc782eff8b6696942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://boldyn.talkwalker.app/app/login

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swjl7mabtlm7#
cache-control
no-store, no-cache
content-encoding
gzip
tw-balancing
/app/none/none/bootstrap?in_frame=false&hash=
content-length
189
date
Tue, 20 May 2025 04:16:34 GMT
content-type
application/json; charset=utf-8
bundle.css
static.tw-cdn.com/app/assets/stylesheets/ 		291 KB
292 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/stylesheets/bundle.css?v=1747656405218&a=6
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
0b3dda7580c463bdfc62477b8ae1c110a4f3a51b45ba9ae50b8cdc6d4dfe6927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swich6a5mpnp#
cache-control
public, max-age=3600, s-maxage=86400
age
57975
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
tw-balancing
/app/assets/stylesheets/bundle.css?v=1747656405218&a=6
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
297840
x-amz-cf-id
DVNT9FxlUT926TY9kYCOsOH_d7aMkwM1N7hOO2luUTD_mJkxi9oiRQ==
date
Mon, 19 May 2025 12:10:19 GMT
content-type
text/css
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C1
style.css
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/style.css?v=1747656405218&a=6
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
fafd5f4638e94dedcf40b0b4f2bbc63a5ebb26d2603b313305c2f12e688ccd64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swich7zumvbu#
cache-control
public, max-age=3600, s-maxage=86400
age
57975
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/style.css?v=1747656405218&a=6
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
2557
x-amz-cf-id
4tXASAl-83EGDGbcaaIG6gHwb7ZieTW64SBeqBoW0cNPNCcVdG7LTw==
date
Mon, 19 May 2025 12:10:19 GMT
content-type
text/css
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C1
constants.js
boldyn.talkwalker.app/app/undefined/undefined/assets/ 		39 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/undefined/undefined/assets/constants.js?v=1747656405218&a=6
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
1ff7a39333f5d16d63c585d07b705a706a942369bedbbeac8f42f1340e5263ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/app/login

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swjl7mz1rxcv#
cache-control
no-store, no-cache
content-encoding
gzip
tw-balancing
/app/undefined/undefined/assets/constants.js?v=1747656405218&a=6
content-length
8128
date
Tue, 20 May 2025 04:16:34 GMT
content-type
text/javascript; charset=utf-8
jquery-W1q-PNSl.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		152 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/jquery-W1q-PNSl.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
7542b3a49427c47d68e373e8cb31141b753ad195a4e453cdec29391269473757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218

Response headers

age
15381
x-cache
Hit from cloudfront
x-amz-cf-id
H1imXuZzLd20Jtkg1p6LQyD367EYTrOvxWXR2DpO3Dl_nV4__cJNtg==
date
Tue, 20 May 2025 00:00:13 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swj9cdid7d6j#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/jquery-W1q-PNSl.mjs
access-control-allow-origin
*
content-length
155743
x-amz-cf-pop
FRA56-C1
_commonjsHelpers-BkfeUUK-.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		936 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/_commonjsHelpers-BkfeUUK-.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
be5d731d2994660178074e5835791b0083ce737184287eb65a8b56bec568322d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/jquery-W1q-PNSl.mjs

Response headers

age
15381
x-cache
Hit from cloudfront
x-amz-cf-id
KhgZeUBy1J8yAkLoroRft5EXw521LkRz-RzIdQxL-uJEkrpgaLhPCg==
date
Tue, 20 May 2025 00:00:13 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swj9cdq3jw8p#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/_commonjsHelpers-BkfeUUK-.mjs
access-control-allow-origin
*
content-length
936
x-amz-cf-pop
FRA56-C1
application-DFUwLRM3.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
5d2fe9266d68cde717088cb931f93582b24703e23c147940b39604de4345983b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker.mjs?v=1747656405218

Response headers

age
57974
x-cache
Hit from cloudfront
x-amz-cf-id
OJE-RQ9FP3BEoXara7eszTjqYjB1IHAePSA0LJO6qYEoDF9WaN2ObQ==
date
Mon, 19 May 2025 12:10:20 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swich80auvet#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
access-control-allow-origin
*
content-length
2639717
x-amz-cf-pop
FRA56-C1
context_data.json
boldyn.talkwalker.app/app/none/none/assets/ 		1 MB
283 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/none/none/assets/context_data.json
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/jquery-W1q-PNSl.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
51df49e0530ac4246d5dd85b779d2f10875ec42bfe222ffd50f7458137c5c914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://boldyn.talkwalker.app/app/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
*/*
content-type
application/json

Response headers

strict-transport-security
max-age=31536000;
tw-balancing
/app/none/none/assets/context_data.json
x-logging-context-id
#swjl7mwc90lf#
cache-control
no-store, no-cache
content-encoding
gzip
date
Tue, 20 May 2025 04:16:34 GMT
content-type
application/json; charset=utf-8
en-Bt-POS6E.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/en-Bt-POS6E.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
d46eb2fd7e0979455c7d7a09a044a3bb41af3cb0b599a1cf166a10a46237bde1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs

Response headers

age
64824
x-cache
Hit from cloudfront
x-amz-cf-id
0kkKUHt9HLLnI3JiVaRy1_09r-Ql_hnL4o6X7ucTzWFVFejuCnAk_A==
date
Mon, 19 May 2025 10:16:11 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swi76zgeoga2#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/en-Bt-POS6E.mjs
access-control-allow-origin
*
content-length
1242
x-amz-cf-pop
FRA56-C1
favicon.ico
boldyn.talkwalker.app/app/account/6e6e9951-8335-45c7-8dc8-2c50ac87ee82/assets/ 		0
172 B 		Other
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/account/6e6e9951-8335-45c7-8dc8-2c50ac87ee82/assets/favicon.ico?v=1747714595170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/app/login

Response headers

strict-transport-security
max-age=31536000;
tw-balancing
6e6e9951-8335-45c7-8dc8-2c50ac87ee82
x-logging-context-id
#swjl7nc4lsz3#
cache-control
no-store, no-cache
content-length
0
date
Tue, 20 May 2025 04:16:35 GMT
content-type
image/png
index-C02tYJ2b.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/index-C02tYJ2b.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
cd07dbd2795cd39e05ee457fca8b6525ad38b06b678b4f072b6f7841fc0a69b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs

Response headers

age
71786
x-cache
Hit from cloudfront
x-amz-cf-id
DW0dAn2cPdL86Qf591EpSMmyozWW4GcVSWUA_5pz7WVr1fe-cKDKGQ==
date
Mon, 19 May 2025 08:20:09 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swi1tlytq990#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/index-C02tYJ2b.mjs
access-control-allow-origin
*
content-length
25933
x-amz-cf-pop
FRA56-C1
dayjs.min-Dp1UnJuG.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/dayjs.min-Dp1UnJuG.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
b70360cdc609da55cdb31e3f31e3ddc3ddaa93fe3e9e3d1c8d81c661e9d6dc3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/index-C02tYJ2b.mjs

Response headers

age
74485
x-cache
Hit from cloudfront
x-amz-cf-id
BYwYKlLAmYBwLIPefJ1-IgTnI6LmSvB11BdSZguud50pBso50quJIw==
date
Mon, 19 May 2025 07:35:10 GMT
content-type
application/javascript
last-modified
Thu, 15 May 2025 08:22:41 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swhzqmk4zcey#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/dayjs.min-Dp1UnJuG.mjs
access-control-allow-origin
*
content-length
11878
x-amz-cf-pop
FRA56-C1
timezone-4xNtr5K7.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/timezone-4xNtr5K7.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
d55d117b80c9c1cd280bbd4fa2d9b583e6e10a1c1491d74a03e2b55f2fab6b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/index-C02tYJ2b.mjs

Response headers

age
64873
x-cache
Hit from cloudfront
x-amz-cf-id
9GSYI_4YapQcOvdp9e4_C-G90DiDYo0CvBFwHjGUrETiILJTcrrTtg==
date
Mon, 19 May 2025 10:15:22 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swi75msft9il#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/timezone-4xNtr5K7.mjs
access-control-allow-origin
*
content-length
3239
x-amz-cf-pop
FRA56-C1
stats-D4XycGlU.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/stats-D4XycGlU.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
83c817bb468c19e0a2194fc5bbc815e40c441d83e3998e940e70efd083ecf544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs

Response headers

age
57974
x-cache
Hit from cloudfront
x-amz-cf-id
OoLK2xuzBpc0l4K0VX-weQ-BRYrZaiWr8eFqH32AAfBljVEE98GM4Q==
date
Mon, 19 May 2025 12:10:21 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swich9nhfs2i#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/stats-D4XycGlU.mjs
access-control-allow-origin
*
content-length
5966
x-amz-cf-pop
FRA56-C1
favicon.ico
boldyn.talkwalker.app/app/account/6e6e9951-8335-45c7-8dc8-2c50ac87ee82/assets/ 		0
172 B 		Other
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/account/6e6e9951-8335-45c7-8dc8-2c50ac87ee82/assets/favicon.ico?v=1747714595439
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://boldyn.talkwalker.app/app/login

Response headers

strict-transport-security
max-age=31536000;
tw-balancing
6e6e9951-8335-45c7-8dc8-2c50ac87ee82
x-logging-context-id
#swjl7npntosj#
cache-control
no-store, no-cache
content-length
0
date
Tue, 20 May 2025 04:16:35 GMT
content-type
image/png
talkwalker_react_entry-D7zyo5-s.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker_react_entry-D7zyo5-s.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
8e69a91fe0f6ae619e54b1797fcecc780148af2c38889e751b92636d071ed7e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs

Response headers

age
57974
x-cache
Hit from cloudfront
x-amz-cf-id
qRyRaeInqa-cUzuO5xfQ-aco5sbOYm6UBptcvCvtgu4Y4TBGFDlxMg==
date
Mon, 19 May 2025 12:10:21 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swich9zbk2m3#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/talkwalker_react_entry-D7zyo5-s.mjs
access-control-allow-origin
*
content-length
6504
x-amz-cf-pop
FRA56-C1
browser_detection-C1qakv1Y.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		985 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/browser_detection-C1qakv1Y.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
993b4f92798d5d3cd2b171a3492865f32aa96732174461ca17265e4e4c8c3f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/talkwalker_react_entry-D7zyo5-s.mjs

Response headers

age
64899
x-cache
Hit from cloudfront
x-amz-cf-id
VBLPrJ9lqNJJnyt_9RdIxik71lhsb53El5Ys9v788dJx5dszQS0tyQ==
date
Mon, 19 May 2025 10:14:56 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swi74wlaylwp#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/browser_detection-C1qakv1Y.mjs
access-control-allow-origin
*
content-length
985
x-amz-cf-pop
FRA56-C1
bowser-DZNZDpSi.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/bowser-DZNZDpSi.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
b0e8153e69cbcc5fdad0cd3fa9c8283f2d78d47276625bba46abdcc44021fc57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/browser_detection-C1qakv1Y.mjs

Response headers

age
64823
x-cache
Hit from cloudfront
x-amz-cf-id
dz6EHUoeWi20e-uL_okcX1f5e9ZD4VVWoLcW1F1C7VsKpTOKRsn30Q==
date
Mon, 19 May 2025 10:16:12 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 07:48:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swi7701na3z3#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/bowser-DZNZDpSi.mjs
access-control-allow-origin
*
content-length
37369
x-amz-cf-pop
FRA56-C1
login_page_container-Dg_KeEXF.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		56 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/login_page_container-Dg_KeEXF.mjs
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
3c13cb67a79f04992e896a6506bb6aa6cfafcefab1df288f7a3f06baa1f52a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs

Response headers

age
57962
x-cache
Hit from cloudfront
x-amz-cf-id
ohnXXpUy8HBENliuDvYQTF30ez16GkNzfEVK1SZ6NCVOSuPmLGmcbA==
date
Mon, 19 May 2025 12:10:33 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swichlnhhq8a#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/login_page_container-Dg_KeEXF.mjs
access-control-allow-origin
*
content-length
57705
x-amz-cf-pop
FRA56-C1
modal_base-CXEVKTZJ.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		169 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/modal_base-CXEVKTZJ.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
e582a0397cdc7f6dba63eeff304f348899f643fc1f7580b1ce53892f40c79681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/login_page_container-Dg_KeEXF.mjs

Response headers

age
57973
x-cache
Hit from cloudfront
x-amz-cf-id
qWrV4iMkNEonjjrl7hebMvTNgiM75YEMDJIsvewyLurz5f6-eqylwg==
date
Mon, 19 May 2025 12:10:22 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swicha68443o#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/modal_base-CXEVKTZJ.mjs
access-control-allow-origin
*
content-length
173346
x-amz-cf-pop
FRA56-C1
focusable_link-DBi_DZWv.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/focusable_link-DBi_DZWv.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
52b06a3143a3f3329bf38b1faadd3c08918e93ee9928557c2aa8cbc7dab3c2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/login_page_container-Dg_KeEXF.mjs

Response headers

age
57973
x-cache
Hit from cloudfront
x-amz-cf-id
EN0f1awtJqQdfjTRjD0heo9_LxNlschP7uPHDMYfjFtmlp-zKacgfQ==
date
Mon, 19 May 2025 12:10:22 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swicha33wuqb#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/focusable_link-DBi_DZWv.mjs
access-control-allow-origin
*
content-length
18055
x-amz-cf-pop
FRA56-C1
login_shared-CwPYusZy.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/login_shared-CwPYusZy.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
53fe88ba6541d85f0e82f66c27097d8d5591ac425004b336d973df813e97ce38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/login_page_container-Dg_KeEXF.mjs

Response headers

age
57967
x-cache
Hit from cloudfront
x-amz-cf-id
i-SSRZvO_vOxSU0qx1f0CzbUEZ2eN0AZQEDRcxqayFkbn8USdLPIkw==
date
Mon, 19 May 2025 12:10:28 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swichgdavtyp#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/login_shared-CwPYusZy.mjs
access-control-allow-origin
*
content-length
5515
x-amz-cf-pop
FRA56-C1
dom_helpers-CraDkbfr.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/dom_helpers-CraDkbfr.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
0d05f153e0326c28f38f61cdea2525ba1ddcf2a86384ba4293afab8eeed87841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/modal_base-CXEVKTZJ.mjs

Response headers

age
57973
x-cache
Hit from cloudfront
x-amz-cf-id
R4pLXaPWYBmJgAtA5e7LvQtV_KUu62GuNQnnhpvHRVWdHkoKTK0H5A==
date
Mon, 19 May 2025 12:10:22 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swicha0zt3m5#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/dom_helpers-CraDkbfr.mjs
access-control-allow-origin
*
content-length
5065
x-amz-cf-pop
FRA56-C1
icon-C25ms29S.mjs
static.tw-cdn.com/app/assets/inhouse/talkwalker/ 		237 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/icon-C25ms29S.mjs
Requested by
Host: boldyn.talkwalker.app
URL: https://boldyn.talkwalker.app/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
/
Resource Hash
2d0491f2660af3c835d5b977cf559f583a979b82dd648e4ce5bb3d52acc30d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://boldyn.talkwalker.app
Referer
https://static.tw-cdn.com/app/assets/inhouse/talkwalker/modal_base-CXEVKTZJ.mjs

Response headers

age
57973
x-cache
Hit from cloudfront
x-amz-cf-id
VIOO4Cy0gxFpQ5nBQg1IYe64ayv1XOA3NEsY-vT8QX_TqYchP-2GWQ==
date
Mon, 19 May 2025 12:10:22 GMT
content-type
application/javascript
last-modified
Mon, 19 May 2025 12:08:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-logging-context-id
#swichaauv3ry#
cache-control
public, max-age=3600, s-maxage=86400
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
tw-balancing
/app/assets/inhouse/talkwalker/icon-C25ms29S.mjs
access-control-allow-origin
*
content-length
242845
x-amz-cf-pop
FRA56-C1
get
boldyn.talkwalker.app/app/none/none/Signin/ 		100 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/none/none/Signin/get
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/application-DFUwLRM3.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

tw-headers
PID=3235787413987319000;CORRID=1747714596055
Referer
https://boldyn.talkwalker.app/app/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;
x-logging-context-id
#swjl7o94lf54#
cache-control
no-store, no-cache
content-encoding
gzip
tw-balancing
/app/none/none/Signin/get
content-length
107
date
Tue, 20 May 2025 04:16:36 GMT
content-type
application/json
callback
boldyn.talkwalker.app/app/saml/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://boldyn.talkwalker.app/app/saml/callback?needs_client_redirection=true
Requested by
Host: static.tw-cdn.com
URL: https://static.tw-cdn.com/app/assets/inhouse/talkwalker/login_page_container-Dg_KeEXF.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.39.249 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
branding.talkwalker.com
Software
/
Resource Hash
c6b3b128db959bee656a6c0d17335db65849c123acbf7809456ea57a9e885a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://boldyn.talkwalker.app/app/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
1083
content-type
text/html; charset=utf-8
date
Tue, 20 May 2025 04:16:36 GMT
strict-transport-security
max-age=31536000;
tw-balancing
/app/saml/callback?needs_client_redirection=true
x-logging-context-id
#swjl7o6knov6#
Primary Request saml2
login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/ 		40 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52d5047863fd53d9e29bd27097baf69c1069fb85eafab2e0b3f4096957da47a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://boldyn.talkwalker.app
Referer
https://boldyn.talkwalker.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
15237
content-security-policy-report-only
object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-a8Mnc7JoQEJMR8EZxfnmBg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
content-type
text/html; charset=utf-8
date
Tue, 20 May 2025 04:16:35 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.20824.5 - WEULR1 ProdSlices
x-ms-request-id
0daafc10-4a17-4de8-8660-8740bb4c2700
x-ms-srs
1.P
x-xss-protection
0
converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6cc79c59f00478ce5d8eaa982efdd8fc3cc205a7ea023a564bb2688fa206a087

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
O6TXahet0KbDTuaW8oyFQQ==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=28622791
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD14BEA5012AB1"
x-ms-request-id
015ace25-c01e-00e5-589c-66d025000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20410
date
Tue, 20 May 2025 04:16:36 GMT
akamai-grn
0.8c253717.1747714596.1802e767
content-type
text/css
last-modified
Wed, 04 Dec 2024 23:52:00 GMT
vary
Accept-Encoding
ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		448 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
1bdcc6700577212cfcd94cf38e977725afb5ca88b4da7143fd978d6a2588cd0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
+0D/CCdy7RB05sgb6x4Ytw==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=29720387
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD8480D0CD01C9"
x-ms-request-id
30c17993-501e-004e-38ba-b8afef000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
124082
date
Tue, 20 May 2025 04:16:36 GMT
akamai-grn
0.8c253717.1747714596.1802e768
content-type
application/x-javascript
last-modified
Sat, 26 Apr 2025 05:11:35 GMT
vary
Accept-Encoding
ux.converged.login.strings-nl.min_msit1poqsmfayhx9zfahdw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_msit1poqsmfayhx9zfahdw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8d0030ce89fe2030232d5dd3dd9a9022eac58e066ca0443fefd379f4a47fa946

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
lDmd0tZedmmTLsY/qLahdA==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=28714726
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD6D62B6231CF1"
x-ms-request-id
6828b324-201e-0075-4095-af3fe2000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17666
date
Tue, 20 May 2025 04:16:36 GMT
akamai-grn
0.8c253717.1747714596.1802e769
content-type
application/x-javascript
last-modified
Thu, 27 Mar 2025 19:08:08 GMT
vary
Accept-Encoding
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers
oneDs_486f0cce3c3db211da28.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_486f0cce3c3db211da28.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
20d6adeaba725d81d5a8bdc6c79122aae656c6cab70a430510aca359cbca8632

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
sQxQyY8MZOL4XFj9OpnFqw==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=29720475
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD78421D3553D2"
x-ms-request-id
4213c57e-001e-00e4-25ba-b85a50000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
61051
date
Tue, 20 May 2025 04:16:36 GMT
akamai-grn
0.9d253717.1747714596.f60d282
content-type
application/x-javascript
last-modified
Thu, 10 Apr 2025 15:12:30 GMT
vary
Accept-Encoding
convergedlogin_pcustomizationloader_41f36656d3c0bb04c90c.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		397 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_41f36656d3c0bb04c90c.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
58c7cb68bf73ae3605a6706d8d04b74d7ea90eb89d67fed4752c6a3497e093cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
mR9lzhqkgJpu0Ci9VLPR4w==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=28526225
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD6733096E5B97"
x-ms-request-id
3df8c713-001e-0098-02f4-99a106000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
116364
date
Tue, 20 May 2025 04:16:36 GMT
akamai-grn
0.9d253717.1747714596.f60d28e
content-type
application/x-javascript
last-modified
Wed, 19 Mar 2025 22:11:45 GMT
vary
Accept-Encoding
favicon
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/favicon?ts=638198891373099685
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
920fa16c2a0ccad7c05a982ba92b0b4219492717ef79cfecc28209b75e2e1da3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

x-cache-info
L2_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB5682A85FBF33
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
x-cache
TCP_REMOTE_HIT
date
Tue, 20 May 2025 04:16:36 GMT
content-type
image/*
last-modified
Wed, 17 May 2023 02:58:57 GMT
cache-control
public, max-age=86400
x-ms-request-id
256dad61-f01e-001c-0cb2-c809cc000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
2212
x-azure-ref
20250520T041636Z-176cf9dd5b7rmsrxhC1AMS1mew000000018000000000pd0k
x-ms-blob-type
BlockBlob
customcss
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/customcss?ts=638197164560844235
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8abf61d0fadf1535ba515726238f660da95a9115ac8cbd71a6b205a97326967c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com/
hpgact
1900
client-request-id
9faa5b6d-e28f-4f18-852e-d210d6f4d6c4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json
hpgrequestid
0daafc10-4a17-4de8-8660-8740bb4c2700
Content-type
application/x-www-form-urlencoded

Response headers

x-cache-info
L2_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
x-cache
TCP_REMOTE_HIT
date
Tue, 20 May 2025 04:16:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 15 May 2023 03:00:56 GMT
cache-control
public, max-age=86400
x-ms-request-id
c2120810-a01e-0001-24b2-c80470000000
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
x-azure-ref
20250520T041636Z-15bd97cbc5987x8ghC1DUSb52s00000003q0000000002xf9
customcss
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/customcss?ts=638197164560844235
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
client-request-id,hpgact,hpgid,hpgrequestid
Access-Control-Request-Method
GET
Origin
https://login.microsoftonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
client-request-id,hpgact,hpgid,hpgrequestid
access-control-allow-methods
GET
access-control-allow-origin
https://login.microsoftonline.com
access-control-max-age
60
content-length
0
date
Tue, 20 May 2025 04:16:36 GMT
x-azure-ref
20250520T041636Z-15bd97cbc5987x8ghC1DUSb52s00000003q0000000002xf3
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-request-id
a82fdfd4-d01e-0024-223d-c9ad0c000000
x-ms-version
2015-02-21
customcss
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		5 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/customcss?ts=638197164560844235
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8abf61d0fadf1535ba515726238f660da95a9115ac8cbd71a6b205a97326967c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com/
hpgact
1900
client-request-id
9faa5b6d-e28f-4f18-852e-d210d6f4d6c4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json
hpgrequestid
0daafc10-4a17-4de8-8660-8740bb4c2700
Content-type
application/x-www-form-urlencoded

Response headers

x-cache-info
L2_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
x-cache
TCP_REMOTE_HIT
date
Tue, 20 May 2025 04:16:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 15 May 2023 03:00:56 GMT
cache-control
public, max-age=86400
x-ms-request-id
c2120810-a01e-0001-24b2-c80470000000
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
x-azure-ref
20250520T041636Z-15bd97cbc5987x8ghC1DUSb52s00000003q0000000002xf9
illustration
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/illustration?ts=638194415574906691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6ddb5033e155cc72bb1d970488a6146babddf02ae4b9f8b3f55be20b97f56df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB52708E07DFFD
x-fd-int-roxy-purgeid
50755578
x-content-type-options
nosniff
x-cache
TCP_MISS
date
Tue, 20 May 2025 04:16:36 GMT
content-type
image/*
last-modified
Thu, 11 May 2023 22:39:17 GMT
cache-control
public, max-age=86400
x-ms-request-id
9b9102be-401e-0054-023d-c914fb000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
298135
x-azure-ref
20250520T041636Z-176cf9dd5b7rmsrxhC1AMS1mew000000018000000000pd0m
x-ms-blob-type
BlockBlob
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/bannerlogo?ts=638192943480322148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2185134802ce95b1740dd149df53960b1bca5ed9d37e23383970fba57766d0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB5119CE72045A
x-fd-int-roxy-purgeid
50755578
x-content-type-options
nosniff
x-cache
TCP_MISS
date
Tue, 20 May 2025 04:16:36 GMT
content-type
image/*
last-modified
Wed, 10 May 2023 05:45:48 GMT
cache-control
public, max-age=86400
x-ms-request-id
f25dad5c-301e-005e-183d-c9b04c000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
9398
x-azure-ref
20250520T041636Z-176cf9dd5b7rmsrxhC1AMS1mew000000018000000000pd0n
x-ms-blob-type
BlockBlob
customcss
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/customcss?ts=638197164560844235
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
client-request-id,hpgact,hpgid,hpgrequestid
Access-Control-Request-Method
GET
Origin
https://login.microsoftonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
client-request-id,hpgact,hpgid,hpgrequestid
access-control-allow-methods
GET
access-control-allow-origin
https://login.microsoftonline.com
access-control-max-age
60
content-length
0
date
Tue, 20 May 2025 04:16:36 GMT
x-azure-ref
20250520T041636Z-15bd97cbc5987x8ghC1DUSb52s00000003q0000000002xf5
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-request-id
a141f6fd-101e-0059-613d-c9dc2f000000
x-ms-version
2015-02-21
convergedlogin_pstringcustomizationhelper_4f75990aeef30238698e.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4f75990aeef30238698e.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7c4b570cb0301e0693c765c58747cecb811586d4f0a6aea155774a7740fafbed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
6XRfgD4/uo+gzIwebkUGxg==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=28700446
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD67330ABFC5D1"
x-ms-request-id
5e2ea28d-601e-0074-2df4-99603e000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
35168
date
Tue, 20 May 2025 04:16:36 GMT
akamai-grn
0.9d253717.1747714596.f60d2af
content-type
application/x-javascript
last-modified
Wed, 19 Mar 2025 22:11:47 GMT
vary
Accept-Encoding
customcss
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		5 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/customcss?ts=638197164560844235
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8abf61d0fadf1535ba515726238f660da95a9115ac8cbd71a6b205a97326967c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com/
hpgact
1900
client-request-id
9faa5b6d-e28f-4f18-852e-d210d6f4d6c4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json
hpgrequestid
0daafc10-4a17-4de8-8660-8740bb4c2700
Content-type
application/x-www-form-urlencoded

Response headers

x-cache-info
L2_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
x-cache
TCP_REMOTE_HIT
date
Tue, 20 May 2025 04:16:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 15 May 2023 03:00:56 GMT
cache-control
public, max-age=86400
x-ms-request-id
c2120810-a01e-0001-24b2-c80470000000
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
x-azure-ref
20250520T041636Z-15bd97cbc5987x8ghC1DUSb52s00000003q0000000002xf9
customcss
aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-j5jvmifhcgcefb7acjk4hhsk3yolsu9shbzj65gcynq/logintenantbranding/0/customcss?ts=638197164560844235
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
client-request-id,hpgact,hpgid,hpgrequestid
Access-Control-Request-Method
GET
Origin
https://login.microsoftonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
client-request-id,hpgact,hpgid,hpgrequestid
access-control-allow-methods
GET
access-control-allow-origin
https://login.microsoftonline.com
access-control-max-age
60
content-length
0
date
Tue, 20 May 2025 04:16:36 GMT
x-azure-ref
20250520T041636Z-15bd97cbc5987x8ghC1DUSb52s00000003q0000000002xf4
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-request-id
4202aa74-e01e-0010-193d-c99ec4000000
x-ms-version
2015-02-21
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3f::215:415d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
R2FAVxfpONfnQAuxVxXbHg==
access-control-expose-headers
Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
public, max-age=28636525
content-encoding
gzip
x-ms-version
2018-03-28
etag
"0x8DD14C02EE2769A"
x-ms-request-id
eb983134-601e-0027-779d-6696a3000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
date
Tue, 20 May 2025 04:16:37 GMT
akamai-grn
0.9d253717.1747714597.f60d2e4
content-type
image/svg+xml
last-modified
Thu, 05 Dec 2024 00:03:00 GMT
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

23 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B function| AddListener function| ClickEventListenerById function| ClickEventListenerByName object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_41f36656d3c0bb04c90c boolean| __convergedlogin_pstringcustomizationhelper_4f75990aeef30238698e

11 Cookies

Domain/Path Name / Value
boldyn.talkwalker.app/app/ Name: TW_SESSION
Value: "mobile_version=false"
login.microsoftonline.com/ Name: buid
Value: 1.AXkAFAPStpnj3k-KsanaTyBJhGC2TK6jIpZJhur6RLWNYpaUAAB5AA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEZCMRDgTcCi4LIhnCIYto5el-AC_qBdUieJYB5hRAUjt2VK1mRFJTqElz-W_E3QZ3_SZzmsOu8c-UoFI8ckedpcy0c8_OoaM2Ddxp7jT_AEQgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAABVrSpeuWamRam2jAF1XRQESW2-saWdt_cZPDceiuTgR9TjKR4YEFBPXN-0lPPhbtnqLDkKNUAfJOH6NEKuwPTaK8vbKG0II2c0cFNqtR1AftyDbDUvgssVEFhIhfzwbXRgyVzZ1KQXcDjkuZlc7Tq6F0BgfF0kr6TeHLXw6bpv2Bk0uzOJGd6WryGEF9s1AxUgAA
.login.microsoftonline.com/ Name: esctx-FW1he5jb3pk
Value: AQABCQEAAABVrSpeuWamRam2jAF1XRQEY_pyP5ovTPFCOzV7n0rAQOBeT-WhFo1q2dLSZsSr54idCith3jDCq13yQP4zLs0kkn-PbtLmX1oysA1BJDtA1oI0PT2jb0c5f3Phm--3-0a9jHS99T8YnIkgEygun053t90uLALjNNKxORXRDuX1JSAA
login.microsoftonline.com/ Name: fpc
Value: AvEs_wXBODxAnZ6R7R2mjGb6k65VAQAAACP5vd8OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 6533fba0-697a-467f-8117-c7b4b731c77f
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 308d501ece824b4cb800eabc8654be07
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1747714596&co=1

2 Console Messages

Source Level URL
Text
network error URL: https://boldyn.talkwalker.app/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/saml2
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
boldyn.talkwalker.app
login.live.com
login.microsoftonline.com
static.tw-cdn.com
148.251.39.249
2603:1027:1:158::c
2620:1ec:bdf::45
2a02:26f0:480:3f::215:415d
40.126.32.74
65.9.66.33
0b3dda7580c463bdfc62477b8ae1c110a4f3a51b45ba9ae50b8cdc6d4dfe6927
0d05f153e0326c28f38f61cdea2525ba1ddcf2a86384ba4293afab8eeed87841
1bdcc6700577212cfcd94cf38e977725afb5ca88b4da7143fd978d6a2588cd0a
1ff7a39333f5d16d63c585d07b705a706a942369bedbbeac8f42f1340e5263ef
20d6adeaba725d81d5a8bdc6c79122aae656c6cab70a430510aca359cbca8632
21b394239cc747b6971051d3be008f40d820756ddfd23935cf0f0dd09b6db437
2d0491f2660af3c835d5b977cf559f583a979b82dd648e4ce5bb3d52acc30d2a
2fc74b3573cc595c2f77df04f8e95e3c1fc8db9bfbdb8a50c972db623cc9306a
3c13cb67a79f04992e896a6506bb6aa6cfafcefab1df288f7a3f06baa1f52a1d
51df49e0530ac4246d5dd85b779d2f10875ec42bfe222ffd50f7458137c5c914
52a74eb65ea5dde6f54d398ab5c3f11a3700b345e0eba49b3e1c0556003dc5bd
52b06a3143a3f3329bf38b1faadd3c08918e93ee9928557c2aa8cbc7dab3c2e4
52d5047863fd53d9e29bd27097baf69c1069fb85eafab2e0b3f4096957da47a6
53fe88ba6541d85f0e82f66c27097d8d5591ac425004b336d973df813e97ce38
58c7cb68bf73ae3605a6706d8d04b74d7ea90eb89d67fed4752c6a3497e093cc
5d2fe9266d68cde717088cb931f93582b24703e23c147940b39604de4345983b
6cc79c59f00478ce5d8eaa982efdd8fc3cc205a7ea023a564bb2688fa206a087
7542b3a49427c47d68e373e8cb31141b753ad195a4e453cdec29391269473757
7c4b570cb0301e0693c765c58747cecb811586d4f0a6aea155774a7740fafbed
83c817bb468c19e0a2194fc5bbc815e40c441d83e3998e940e70efd083ecf544
8abf61d0fadf1535ba515726238f660da95a9115ac8cbd71a6b205a97326967c
8d0030ce89fe2030232d5dd3dd9a9022eac58e066ca0443fefd379f4a47fa946
8e69a91fe0f6ae619e54b1797fcecc780148af2c38889e751b92636d071ed7e8
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
920fa16c2a0ccad7c05a982ba92b0b4219492717ef79cfecc28209b75e2e1da3
953d9cf81e3e0925b4e5770ef8461238102638237f9b2bdc782eff8b6696942b
993b4f92798d5d3cd2b171a3492865f32aa96732174461ca17265e4e4c8c3f0d
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
b0e8153e69cbcc5fdad0cd3fa9c8283f2d78d47276625bba46abdcc44021fc57
b6700f9d3645d935a6d9142043effed8438ee07aaccb56f214d5da08cf142bd1
b6ddb5033e155cc72bb1d970488a6146babddf02ae4b9f8b3f55be20b97f56df
b70360cdc609da55cdb31e3f31e3ddc3ddaa93fe3e9e3d1c8d81c661e9d6dc3a
be5d731d2994660178074e5835791b0083ce737184287eb65a8b56bec568322d
bf691178983d2ae9e3bb55d3b1b2914802bfe30b772adc2efa55261015e0ea02
c2185134802ce95b1740dd149df53960b1bca5ed9d37e23383970fba57766d0b
c6b3b128db959bee656a6c0d17335db65849c123acbf7809456ea57a9e885a1c
cd07dbd2795cd39e05ee457fca8b6525ad38b06b678b4f072b6f7841fc0a69b7
d46eb2fd7e0979455c7d7a09a044a3bb41af3cb0b599a1cf166a10a46237bde1
d55d117b80c9c1cd280bbd4fa2d9b583e6e10a1c1491d74a03e2b55f2fab6b60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e582a0397cdc7f6dba63eeff304f348899f643fc1f7580b1ce53892f40c79681
fafd5f4638e94dedcf40b0b4f2bbc63a5ebb26d2603b313305c2f12e688ccd64