dfgrt.terrigalfiftyplus.com Open in urlscan Pro
172.67.141.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ...
Effective URL:
https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On April 22 via api (April 22nd 2024, 9:47:01 pm UTC) from AU — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 172.67.141.173, located in United States and belongs to CLOUDFLARENET, US. The main domain is dfgrt.terrigalfiftyplus.com.
TLS certificate: Issued by GTS CA 1P5 on April 22nd 2024. Valid for: 3 months.

This is the only time dfgrt.terrigalfiftyplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 10	172.67.141.173 172.67.141.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

email.wantyourfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.141.173 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dyjt.terrigalfiftyplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bdfdbdf.terrigalfiftyplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfgrt.terrigalfiftyplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yukrtg.terrigalfiftyplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dwqef.terrigalfiftyplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wreg.terrigalfiftyplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	terrigalfiftyplus.com 3 redirects dyjt.terrigalfiftyplus.com bdfdbdf.terrigalfiftyplus.com dfgrt.terrigalfiftyplus.com yukrtg.terrigalfiftyplus.com dwqef.terrigalfiftyplus.com wreg.terrigalfiftyplus.com	236 KB
2	wantyourfeedback.com 2 redirects email.wantyourfeedback.com	937 B
10	2

	Domain	Requested by
3	wreg.terrigalfiftyplus.com	dfgrt.terrigalfiftyplus.com wreg.terrigalfiftyplus.com
2	dfgrt.terrigalfiftyplus.com	yukrtg.terrigalfiftyplus.com
2	dyjt.terrigalfiftyplus.com	2 redirects
2	email.wantyourfeedback.com	2 redirects
1	dwqef.terrigalfiftyplus.com	dfgrt.terrigalfiftyplus.com
1	yukrtg.terrigalfiftyplus.com	dfgrt.terrigalfiftyplus.com
1	bdfdbdf.terrigalfiftyplus.com	1 redirects wreg.terrigalfiftyplus.com
10	7

This site contains no links.

Subject Issuer	Validity	Valid
terrigalfiftyplus.com GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true
Frame ID: 0428EC223028887AE75CA329B0874670
Requests: 13 HTTP requests in this frame

Frame: https://bdfdbdf.terrigalfiftyplus.com/owa/prefetch.aspx
Frame ID: 4C3CE3088B6F02B9E49B1BCE2300DE5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BU... HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BU... HTTP 302
https://dyjt.terrigalfiftyplus.com/KCfslnoZ HTTP 302
https://bdfdbdf.terrigalfiftyplus.com/owa/ HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BU... HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BU... HTTP 302
https://dyjt.terrigalfiftyplus.com/KCfslnoZ HTTP 302
https://bdfdbdf.terrigalfiftyplus.com/owa/ HTTP 302
https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

10
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

7
Subdomains

2
IPs

2
Countries

230 kB
Transfer

805 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 302
https://dyjt.terrigalfiftyplus.com/KCfslnoZ HTTP 302
https://bdfdbdf.terrigalfiftyplus.com/owa/ HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 302
https://dyjt.terrigalfiftyplus.com/KCfslnoZ HTTP 302
https://bdfdbdf.terrigalfiftyplus.com/owa/ HTTP 302
https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55- Page URL
https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 302
https://dyjt.terrigalfiftyplus.com/KCfslnoZ HTTP 302
https://bdfdbdf.terrigalfiftyplus.com/owa/ HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79lEPeR7ay5fNHjpU20kqqhh8Me2iwWxSrBilEl-2FyeQLx9A5edmDp7x5vP5KWtRuvfm8hzvxQVEqS6dtUrA-2FDJkb-2B3xpmw0M2c8bLkkKI6vJUMAXp-2Fds-2BLPkcEx5aMrH9nMMHVbeHqKm11dcfqyKpy6saMdGUzJ1GrLdk1gEKUr8gjj-2BgebqPhAragcNeB3FvfjzkcOpoyGJCBIQKdi7DHUmZPjciGX-2FNN2dhyYDpHKeE5fdl-2BqU6o1frsSLmgWYvYo6WVSlIG4xJ8EAcEVReplxxKHz1tR1HiPnFbGC4Ob3lD2J7mKVs2mmBBLGORIhm9Yx2aQBvWe1evhyHLe1WVXm8lPiW9BUntreScC8sfPq2hR8YZKD5G3ExMnOV2VUI4QVnGhHJyDTc3vNna3egwyH-2BTwO9CfmKZCrupbjysWXMOMqaFrNsXJ1me6VV3MM8-3D HTTP 302
https://dyjt.terrigalfiftyplus.com/KCfslnoZ HTTP 302
https://bdfdbdf.terrigalfiftyplus.com/owa/ HTTP 302
https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-

10 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	authorize Show response dfgrt.terrigalfiftyplus.com/common/oauth2/ Redirect Chain http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79... https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq7... https://dyjt.terrigalfiftyplus.com/KCfslnoZ https://bdfdbdf.terrigalfiftyplus.com/owa/ http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq79... https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgas7upKduVRLdytMNVU5jmPYXx8RQg2TmO-2BULxqa0NGQFozg5VMynxQQ3W9hGdWr7Q-3D-3DJO5k_ebhUR7qH4QqO7U9Z0J-2Bl0vqLEpJlfEjqrcMFrRycuq7... https://dyjt.terrigalfiftyplus.com/KCfslnoZ https://bdfdbdf.terrigalfiftyplus.com/owa/ https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00...	22 KB 11 KB	1230ms 1229ms	Document text/html	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55- Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `172ff7e0da12616a84da2b179bc179dbcf18757a86c14dd396ae23436c4434fc` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 8788cf30cdf60b7f-AMS content-encoding br content-type text/html; charset=utf-8 date Mon, 22 Apr 2024 21:46:56 GMT expires -1 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+syd"}]} server cloudflare vary Accept-Encoding x-ms-ests-server 2.1.17846.6 - AUC ProdSlices x-ms-request-id 2d5be253-8ff3-427b-93be-3289d61d4900 x-ms-srs 1.P Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8788cf290cf30b7f-AMS content-type text/html; charset=utf-8 date Mon, 22 Apr 2024 21:46:55 GMT location https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55- nel {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} p3p CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" report-to {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SYD&RemoteIP=110.173.135.0"}],"include_subdomains":true} request-id c4262614-7794-e83a-c983-2f93483c8b25 server cloudflare x-backend-begin 2024-04-22T21:46:54.988 x-backend-end 2024-04-22T21:46:54.988 x-backendhttpstatus 302 x-beserver SYYP282MB1533 x-besku WCS6 x-calculatedbetarget SYYP282MB1533.AUSP282.PROD.OUTLOOK.COM x-diaginfo SYYP282MB1533 x-feefzinfo SYD x-feproxyinfo SY5P282CA0024.AUSP282.PROD.OUTLOOK.COM x-feserver SY5P282CA0024 x-firsthopcafeefz SYD x-iids 0 x-owa-diagnosticsinfo 1;0;0 x-proxy-backendserverstatus 302 x-proxy-routingcorrectness 1 x-rum-notupdatequerieddbcopy 1 x-rum-notupdatequeriedpath 1 x-rum-validated 1 x-ua-compatible IE=EmulateIE7
GET H3	200	BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Show response yukrtg.terrigalfiftyplus.com/shared/1.0/content/js/	138 KB 50 KB	39ms 38ms	Script application/x-javascript	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yukrtg.terrigalfiftyplus.com/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Requested by Host: dfgrt.terrigalfiftyplus.com URL: https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55- Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80eae3a1aa990724d35fe0fd1cbe430371b20d696b25fe6f6079bd5a1719988a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.terrigalfiftyplus.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Mon, 22 Apr 2024 21:46:56 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-md5 2vlVvyES905PeLIYeo1r7w== age 26456 x-cache HIT alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 26 Mar 2024 18:05:49 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zwAgrbA0ZOI1oEph1ytZ8Ou8AgjXSdOTpVYddRKlvb1LFUc9MlZx4bfwa9c626Bt3enRBeJaVDnzHgYdwrPPGN6cORigsUAna207giNtENhEPjf121yR9CghmveOV4LdeRmDy8ZJU7atDxzIDHr9"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 8d3be796-201e-00b5-3539-82ab68000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 cf-ray 8788cf387eae0b7f-AMS
GET DATA	200 OK	truncated Show response /	341 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET DATA	200 OK	truncated Show response /	875 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	Primary Request authorize Show response dfgrt.terrigalfiftyplus.com/common/oauth2/	40 KB 18 KB	1257ms 1257ms	Document text/html	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true Requested by Host: yukrtg.terrigalfiftyplus.com URL: https://yukrtg.terrigalfiftyplus.com/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fa2d4ab6bb6c87d38ab3e38a73a2a09ad989c71a718ef29729095b2968ac9204` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55- Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 8788cf393fcf0b7f-AMS content-encoding br content-type text/html; charset=utf-8 date Mon, 22 Apr 2024 21:46:58 GMT expires -1 link <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+syd"}]} server cloudflare vary Accept-Encoding x-dns-prefetch-control on x-ms-ests-server 2.1.17910.10 - AUELR2 ProdSlices x-ms-request-id 851a6dd2-dd5c-4a9e-88b0-54d63be50000 x-ms-srs 1.P
GET		watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js yukrtg.terrigalfiftyplus.com/ests/2.1/content/cdnbundles/	0 0

GET DATA	200 OK	truncated Show response /	341 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	Me.htm dwqef.terrigalfiftyplus.com/	0 0	1633ms 1631ms	Other text/html	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dwqef.terrigalfiftyplus.com/Me.htm?v=3 Requested by Host: dfgrt.terrigalfiftyplus.com URL: https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.terrigalfiftyplus.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers
GET H3	200	converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css wreg.terrigalfiftyplus.com/ests/2.1/content/cdnbundles/	110 KB 20 KB	45ms 31ms	Stylesheet text/css	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.terrigalfiftyplus.com/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css Requested by Host: dfgrt.terrigalfiftyplus.com URL: https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.terrigalfiftyplus.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Mon, 22 Apr 2024 21:46:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 28558 x-cache TCP_HIT x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 27 Dec 2023 18:18:12 GMT server cloudflare x-azure-ref 20240422T135100Z-16488cf49f72jjggrkptwgt6cn00000004100000000019ra report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2sM%2BOl2M%2B1glP%2FTHxaTp8De3fyhXB0p%2BQ97Jt3oKISZ283B5W7NYlQbNJzlYjnKpuPPSQhe5CFc%2B0Q7waK%2FgVACU6AxtoGcIW17u2CiJZhf6RcEtoo%2FRAO7bbSSXSqR0A1lZg54Tlyv3K5d2w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * x-ms-request-id 0e7fd8ce-801e-0006-071f-921f92000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 8788cf42fabf0b7f-AMS
GET H3	200	ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js Show response wreg.terrigalfiftyplus.com/shared/1.0/content/js/	434 KB 115 KB	2597ms 2583ms	Script application/x-javascript	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.terrigalfiftyplus.com/shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js Requested by Host: dfgrt.terrigalfiftyplus.com URL: https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7226db762e70be8158ccb0c71884aa5de6328ba470bc5dc435430af0af02cdab` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.terrigalfiftyplus.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Mon, 22 Apr 2024 21:47:00 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Fri, 05 Apr 2024 02:22:39 GMT server cloudflare x-azure-ref 20240422T214659Z-16488cf49f7rr6zshq8qnedaac00000000gg0000000044bp report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FKBNK5smwplFqMTBWRGFZNuVvx98aAtL1kuudTSL2ZbwBt0yTg9EccB%2BXnYzCrH4mStXxpe04J0im6X%2Bg9YrVjeBLRYPYTgDayX7mVRn60Vxf4XO9FJyDiL4kB6M8NjEz0eJXkxA9lRWujvRQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 16d135b0-a01e-006c-5c97-9353a5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 8788cf42fabe0b7f-AMS
GET H3	200	ux.converged.login.strings-nl.min_w5zdjuew9ikqqaihfekiqg2.js Show response wreg.terrigalfiftyplus.com/ests/2.1/content/cdnbundles/	57 KB 17 KB	2442ms 2429ms	Script application/x-javascript	172.67.141.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.terrigalfiftyplus.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_w5zdjuew9ikqqaihfekiqg2.js Requested by Host: dfgrt.terrigalfiftyplus.com URL: https://dfgrt.terrigalfiftyplus.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c4262614-7794-e83a-c983-2f93483c8b25&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862&state=DctLFoAgCEBRrdNySBEUWI6fnDZs-zG4b_ZiCOF0h4vZE6SRsjFaQTZVEa1322PKfhCwCwJTZhjWKtAqk5Zp1laiv1d6v55-&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d470e35ec4ad8448288e8f759aab006de51ced02fc2c9f78a89ded6991fa8172` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.terrigalfiftyplus.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Mon, 22 Apr 2024 21:47:00 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache TCP_MISS x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 02 Apr 2024 21:29:17 GMT server cloudflare x-azure-ref 20240422T214659Z-16488cf49f7rr6zshq8qnedaac00000000b0000000004p5m report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24tsm598rZZmt1o3zocGw4hCs7zfQW7Blh50Jt4Jg6zy1yJHBkvQ7XSldNxQJyp17NBKykiVmB9GQ0W%2BSr%2BFu4XK2Q3bA4DXzIOJc9Mrzi1203hIfjXjQSt2J%2Bupq9QCW%2FYesWyu6FWV2hh%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id b20ceb99-101e-0053-29fe-94fbab000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 8788cf42fabc0b7f-AMS
GET DATA	200 OK	truncated Show response /	875 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET		convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js wreg.terrigalfiftyplus.com/shared/1.0/content/js/asyncchunk/	0 0

GET		prefetch.aspx bdfdbdf.terrigalfiftyplus.com/owa/ Frame 4C3C	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: yukrtg.terrigalfiftyplus.com
URL: https://yukrtg.terrigalfiftyplus.com/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

Domain: wreg.terrigalfiftyplus.com
URL: https://wreg.terrigalfiftyplus.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js

Domain: bdfdbdf.terrigalfiftyplus.com
URL: https://bdfdbdf.terrigalfiftyplus.com/owa/prefetch.aspx

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.terrigalfiftyplus.com/	1970-01-20 20:03:46	Name: poKK Value: ccde4f7a14ff49b3f5b8721b5fd847886c520213282434be194098b4e6f8ef5b
bdfdbdf.terrigalfiftyplus.com/	1970-01-21 04:49:18	Name: ClientId Value: 12CC3A9BBE9E4AFFB439070521250B5A
bdfdbdf.terrigalfiftyplus.com/	1970-01-21 00:27:13	Name: OIDC Value: 1
bdfdbdf.terrigalfiftyplus.com/	1970-01-20 20:03:46	Name: OpenIdConnect.nonce.v3.S8mwMCE-KaFro7z6D7fFK-IG2Del1aXvyksi233SmbQ Value: 638494192149887785.6fbc7fe1-1a71-4304-b965-3d2c3d980862
bdfdbdf.terrigalfiftyplus.com/	1970-01-20 20:04:04	Name: X-OWA-RedirectHistory Value: ArLym14BKXs-uhVj3Ag
.dfgrt.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: esctx-dvZ41ch9jnI Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hw0jrV_JbkLBISYHUmCrqH-r6Cg6PXjwQTXHAWG0s7T2N6oXFOMBRMUK_2nFcG8De4YWdf4cdxq-jKto-R0L0rsg6BqsdCiks8SofSyyE1PR2esYVwcXIjNGxMV1I7WmKglIVcCZQBaX0nniqRYwuSAA
dfgrt.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
dfgrt.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.dfgrt.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
dfgrt.terrigalfiftyplus.com/	1970-01-20 20:03:42	Name: SSOCOOKIEPULLED Value: 1
dfgrt.terrigalfiftyplus.com/	1970-01-20 20:46:54	Name: buid Value: 0.AWcAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8PWQm01MGTgOcaVY0OfNRcH190AwICZ0GwXN-K4bzYAR-csQBZ1vsgKI84aJQGJJ1HzUrU5iR9O2f5qXI2rrOJj213NYHQc5x490_AKDt3SggAA
.dfgrt.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8tysG2zgs3-GrCNbsh_Ut9x-OT8wylsxOmyb_6g0zKwkRLZDohmnEanAaFM9WgZYmE5j9Ws919oo0aLmRrJxFhj84rWyxgTnMCKtEU914enlUROjAL22YOHXGN0AebXtfU_Em2QXL-yLdOcmItBxjKyXwOwdXn00e4OnPimI7cVMgAA
.dfgrt.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: esctx-HXn3eObnkkk Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8XUbXJO6UnAdaaeSdKk-mnTOua_Uj-QtMZ8GR5otlfEVoZG5Wd0UOb0aczpzNP6Tkqaw8fbQ6e5x4abQ_kzAaXoo1kOss2POsFuIswKmuVKdOtIhTxHd1WHSqbc4AZuVKx_8mDIrYs3oP80btoydwpSAA
dfgrt.terrigalfiftyplus.com/	1970-01-20 20:46:54	Name: fpc Value: AkkUInBWJh9Nqz8jPJ-AZXqerOTJAQAAANHRuN0OAAAA
.dwqef.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: uaid Value: 96ee3bb98d294ab49ffa067a8493d8f8
.dwqef.terrigalfiftyplus.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1713822419&co=1
.dfgrt.terrigalfiftyplus.com/	1970-01-21 05:25:18	Name: brcap Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdfdbdf.terrigalfiftyplus.com
dfgrt.terrigalfiftyplus.com
dwqef.terrigalfiftyplus.com
dyjt.terrigalfiftyplus.com
email.wantyourfeedback.com
wreg.terrigalfiftyplus.com
yukrtg.terrigalfiftyplus.com
bdfdbdf.terrigalfiftyplus.com
wreg.terrigalfiftyplus.com
yukrtg.terrigalfiftyplus.com
172.67.141.173
188.114.97.3
172ff7e0da12616a84da2b179bc179dbcf18757a86c14dd396ae23436c4434fc
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9
7226db762e70be8158ccb0c71884aa5de6328ba470bc5dc435430af0af02cdab
80eae3a1aa990724d35fe0fd1cbe430371b20d696b25fe6f6079bd5a1719988a
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221
d470e35ec4ad8448288e8f759aab006de51ced02fc2c9f78a89ded6991fa8172
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa2d4ab6bb6c87d38ab3e38a73a2a09ad989c71a718ef29729095b2968ac9204

dfgrt.terrigalfiftyplus.com Open in urlscan Pro 172.67.141.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

70 %HTTPS

0 %IPv6

2 Domains

7 Subdomains

2 IPs

2 Countries

230 kBTransfer

805 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

17 Cookies

Indicators

dfgrt.terrigalfiftyplus.com Open in urlscan Pro
172.67.141.173 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

7
Subdomains

2
IPs

2
Countries

230 kB
Transfer

805 kB
Size

17
Cookies

10 HTTP transactions
4 data transactions