dfgrt.pivitai.net Open in urlscan Pro
172.67.223.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5...
Effective URL:
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On April 26 via manual (April 26th 2024, 4:20:44 pm UTC) from CA — Scanned from NL

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 172.67.223.170, located in United States and belongs to CLOUDFLARENET, US. The main domain is dfgrt.pivitai.net.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.

This is the only time dfgrt.pivitai.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 19	172.67.223.170 172.67.223.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

email.wantyourfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.67.223.170 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dyjt.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bdfdbdf.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfgrt.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wreg.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	pivitai.net 2 redirects dyjt.pivitai.net bdfdbdf.pivitai.net dfgrt.pivitai.net wreg.pivitai.net dwqef.pivitai.net Failed	403 KB
2	wantyourfeedback.com 2 redirects email.wantyourfeedback.com	925 B
20	2

	Domain	Requested by
15	wreg.pivitai.net	dfgrt.pivitai.net wreg.pivitai.net
2	dfgrt.pivitai.net	wreg.pivitai.net
2	email.wantyourfeedback.com	2 redirects
1	bdfdbdf.pivitai.net	1 redirects wreg.pivitai.net
1	dyjt.pivitai.net	1 redirects
0	dwqef.pivitai.net Failed	dfgrt.pivitai.net
20	6

This site contains links to these domains. Also see Links.

Domain
bdfdbdf.pivitai.net
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
pivitai.net GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true
Frame ID: 6D689C4C4367FBE76E1D6625C48B7F43
Requests: 23 HTTP requests in this frame

Frame: https://bdfdbdf.pivitai.net/owa/prefetch.aspx
Frame ID: 3CBD111E7FCEE870C07CC3E53C46D064
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 302
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

2
IPs

2
Countries

398 kB
Transfer

1316 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://bdfdbdf.pivitai.net/owa/
Title: Maak nu een account

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/nl-NL/servicesagreement/
Title: Gebruiksvoorwaarden

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/nl-NL/privacystatement
Title: Privacy en cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 302
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Page URL
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 302
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE

20 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	authorize Show response dfgrt.pivitai.net/common/oauth2/ Redirect Chain http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0Y... https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0... https://dyjt.pivitai.net/wlFGCNZO http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0Y... https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0... https://dyjt.pivitai.net/wlFGCNZO https://bdfdbdf.pivitai.net/owa/ https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000...	22 KB 11 KB	1751ms 1737ms	Document text/html	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `29598fe3505b1384697955233c0b7f608c59f6920c1dac98881e71777e82ad49` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 87a7e6b49d611cbe-AMS content-encoding br content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 16:20:38 GMT expires -1 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]} server cloudflare vary Accept-Encoding x-ms-ests-server 2.1.17846.6 - SEASLR1 ProdSlices x-ms-request-id 12bf7fe1-1594-49dd-8551-0725e9633d01 x-ms-srs 1.P Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87a7e6a5bb311cbe-AMS content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 16:20:37 GMT location https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE nel {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} p3p CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" report-to {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=XSP&RemoteIP=2403:cfc0:1114::"}],"include_subdomains":true} request-id 35f6efdb-16c8-1a59-aa64-df860dad0d29 server cloudflare x-backend-begin 2024-04-26T16:20:36.385 x-backend-end 2024-04-26T16:20:36.385 x-backendhttpstatus 302 302 x-beserver TYZPR01MB5889 x-besku WCS7 x-calculatedbetarget TYZPR01MB5889.apcprd01.prod.exchangelabs.com x-calculatedfetarget TYCP286CU023.internal.outlook.com x-diaginfo TYZPR01MB5889 x-feefzinfo XSP x-feproxyinfo SG2PR01CA0118.APCPRD01.PROD.EXCHANGELABS.COM x-feserver TYCP286CA0342 SG2PR01CA0118 x-firsthopcafeefz XSP x-iids 0 x-owa-diagnosticsinfo 0;0;0 x-proxy-backendserverstatus 302 x-proxy-routingcorrectness 1 x-rum-notupdatequerieddbcopy 1 x-rum-notupdatequeriedpath 1 x-rum-validated 1 x-ua-compatible IE=EmulateIE7
GET DATA	200 OK	truncated Show response /	341 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Show response wreg.pivitai.net/shared/1.0/content/js/	138 KB 50 KB	70ms 32ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ec4cb8590aad908f5950ee6214ecca29d315be43d59fffbecc54b460bb1936c9` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128870 x-cache TCP_HIT x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 26 Mar 2024 18:07:05 GMT server cloudflare x-azure-ref 20240425T043249Z-r1869b9b46cbz8pnfx60nrnch000000008ug00000000n90s report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9qel6B4EbTzTGQvfmVuKY7ko9ZUCUKSG4je4oTGAjEdWi%2FnoxEoxW%2FX6ZVKb5inB0IXL8XdqX%2Ftan4dDGsg8mLykfjKWt98mBAeeUZ41QCHFv08hCVRuqVc7lEQXfibd%2BEI"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id ec3eea00-901e-0023-301b-9209ab000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6c2de811cbe-AMS
GET DATA	200 OK	truncated /	875 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	Primary Request authorize Show response dfgrt.pivitai.net/common/oauth2/	39 KB 18 KB	2521ms 2520ms	Document text/html	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true Requested by Host: wreg.pivitai.net URL: https://wreg.pivitai.net/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7113b43824412baf1165a132dc5a5f1be2451a86f50015a1c3c2aee33d205397` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 87a7e6c35f371cbe-AMS content-encoding br content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 16:20:42 GMT expires -1 link <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]} server cloudflare vary Accept-Encoding x-dns-prefetch-control on x-ms-ests-server 2.1.17846.6 - JPE ProdSlices x-ms-request-id 7503e209-2037-4edb-92d3-f09a4850df00 x-ms-srs 1.P
GET H3	200	watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js wreg.pivitai.net/ests/2.1/content/cdnbundles/	117 KB 41 KB	34ms 33ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:40 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128868 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Fri, 26 Feb 2021 06:13:13 GMT server cloudflare x-azure-ref 20240425T043252Z-r1869b9b46cbz8pnfx60nrnch000000008ug00000000n965 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nI1Zbbm0cqDm1yTSjjFWa2vxtlmuW2Q7%2F1DnuHZU%2FDbGtQEf8qZkFT7yeP%2ByxOJ3VzTcxFP0fFjsxEbEIyp7uV8cjEciNv74sScqHXmGTgUzLCuppY0F%2BqkdU7aKKaAmhLpC"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9037fbbd-601e-0060-282e-92a7bc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6c99f441cbe-AMS
GET H3	200	frameworksupport.min_oadrnc13magb009k4d20lg2.js wreg.pivitai.net/ests/2.1/content/cdnbundles/	12 KB 6 KB	27ms 27ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:40 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 112877 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 22 Oct 2020 20:43:21 GMT server cloudflare x-azure-ref 20240425T085922Z-r1869b9b46cmf9rw5e2qm6e7kg00000001u000000000xhea report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCe9gPXDx0TAWIsWHL0EoVeaT9IBXgFtdZZCDtW%2FpWL%2F1xpSvROtl2a8fG5OyGoOQSWimmo5z%2BlYLNAFt8rGd5DLaiUUjgyafa6codmID5eLnwA7r8FjYZ2OL6KI5voif9mv"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 1fe4c795-501e-0003-3909-939898000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6c9efa71cbe-AMS
GET H3	200	watson.min_q5ptmu8aniymd4ftuqdkda2.js wreg.pivitai.net/ests/2.1/content/cdnbundles/	9 KB 5 KB	38ms 38ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:40 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 107541 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 28 Jun 2022 20:27:38 GMT server cloudflare x-azure-ref 20240425T102819Z-158fbddb65dxf9styy2ca226ew00000007rg00000000abbr report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a4ktgFC9BBxC82deoW8hCGdM9jCbiGqDh38Xs08erH8GDyGS6OpJQF3Eq8J7fX76XZ0avZsBck6kLgkbXyXHzKOyryVWie4z8ZdlHt2UB9mXyxGcUFFrL8OujPJVJz9fdCJP"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 664a4c73-d01e-000b-19ef-91c089000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6ca1fd81cbe-AMS
POST		watson dfgrt.pivitai.net/common/handlers/	0 0

GET DATA	200 OK	truncated Show response /	341 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET		Me.htm dwqef.pivitai.net/	0 0

GET H3	200	converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css wreg.pivitai.net/ests/2.1/content/cdnbundles/	110 KB 20 KB	35ms 34ms	Stylesheet text/css	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 131381 x-cache TCP_HIT x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 27 Dec 2023 18:18:12 GMT server cloudflare x-azure-ref 20240425T035101Z-15b4f9478487vmzr3r64sg19xs00000008rg000000005a8q report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUVD%2BdJGG9rw%2B23tebiffLDq8ORlmJXYsnpkqoLqOiS2SbKa2TntOTh1xqOC1%2FE%2BbmFt5oiSKqrqTc%2BNuXLvZKwwzDIIZHjKmB8sDSUUTiypiAkAnvC%2FrzxF%2BtzZ1ywPNiXc"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * x-ms-request-id e3099cbe-501e-0003-1043-929898000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d6ced31cbe-AMS
GET H3	200	ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js Show response wreg.pivitai.net/shared/1.0/content/js/	434 KB 115 KB	37ms 36ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f2a6aec6bd796879be1868adc44ca6e22bf7bbac484e6a2a896f09b08463d41c` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111157 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 27 Mar 2024 20:03:18 GMT server cloudflare x-azure-ref 20240425T092805Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n1gk report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uO21ragxq4b7dC2gWn%2FAuMf%2FlIWmzFQIxEgJiqxyNygT9QlkeuX%2BkDxqQzlg5JbzShOoiy6qpsmejUDCKEQa6bA0QRQUZcNC8l3kmJKBK8106jctu27L1IxqnvNHqquYuLYi"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id ec2ae9f4-f01e-004d-32f0-95e994000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d6ced51cbe-AMS
GET H3	200	ux.converged.login.strings-nl.min_so1vlfg6dwq81xnm1w7qww2.js Show response wreg.pivitai.net/ests/2.1/content/cdnbundles/	57 KB 17 KB	32ms 31ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_so1vlfg6dwq81xnm1w7qww2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54b66901592d09fe8d36292e4e275bc23b99764073dc6b32bc99c3d7bbc6e1c8` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 107054 x-cache TCP_MISS x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 28 Mar 2024 02:23:54 GMT server cloudflare x-azure-ref 20240425T103626Z-r1869b9b46cmf9rw5e2qm6e7kg00000001vg0000000195k0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZ80h2ml%2FO3EvJihX57l6zyycPQu7sNtWsAgEQLDJnq6cl3kCps07Rwgs7a1oqo2XYrrl4A8QqHrke1K0cwoEe2NYhy4JSND1EjKvR7CAeke1IIQBBpvWjNAObf8YmG%2BgXls"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id d7247505-e01e-0000-21fc-96e59e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d6ced61cbe-AMS
GET DATA	200 OK	truncated Show response /	875 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js Show response wreg.pivitai.net/shared/1.0/content/js/asyncchunk/	219 KB 51 KB	62ms 61ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js Requested by Host: wreg.pivitai.net URL: https://wreg.pivitai.net/shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111152 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 19:13:15 GMT server cloudflare x-azure-ref 20240425T092810Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n21w report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jtwr%2FPyhvuXRmDEVQ8FlrovDpKTvvcAjUOfd3IRuCmRBfV0uBlLhQPxsMOaR1SuBbFocD%2FIMYPrSQVwPJHzdDcpcB29u8J6tuEcSPOyhahWV0eVyZ8NiIfEKQLRQc7Hhq9dl"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 3e7b70ee-301e-0015-2969-96d2b6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d76fab1cbe-AMS
GET		prefetch.aspx bdfdbdf.pivitai.net/owa/ Frame 3CBD	0 0

GET H3	200	49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/	987 B 2 KB	29ms 28ms	Image image/jpeg	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111148 x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:42 GMT server cloudflare etag 0x8DB5C3F457E15E1 x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2dd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KRS2qBbiRO3ZrGtRUMd8%2F0fyQjdD5dZJPox%2B1JZ%2BOip0xqC%2BsAGyR1ZD%2Fsbsm3rQpHudSq8%2B%2FEA96SPEeRJprg5c5%2FW%2B%2FX7ZxloPeXOE02%2BsTRPjmm6juvTkhIRiBra9DLs"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * x-ms-request-id 5efdb8a1-f01e-0071-7d34-963c9c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d818a31cbe-AMS
GET H3	200	49_6ffe0a92d779c878835b40171ffc2e13.jpg wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/	17 KB 18 KB	35ms 35ms	Image image/jpeg	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111148 x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:42 GMT server cloudflare etag 0x8DB5C3F4584F323 x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2da report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tRlaYzCuNZtqw4GhcnfY9XgwiBqk0xYglteEDw5Cdwu0NCoO2cR1QNo%2Bvywp0tlX8SMCB%2BClrpcXWBKle9F0yYPzX%2F9GuxdNGPDdwCWC%2BleK320JDGmqYvFLELrziPFx3AT"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * x-ms-request-id 68f06eff-901e-005b-2e38-96a3ba000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d818a71cbe-AMS
GET H3	200	53_7a3c80bf9694448bac31a9589d2e9e92.png wreg.pivitai.net/shared/1.0/content/images/applogos/	5 KB 6 KB	31ms 31ms	Image image/png	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111148 x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:45 GMT server cloudflare etag 0x8DB5C3F475BAFC0 x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2d8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVaNt6N7lEaJncq%2F8T1oZW%2FZf0fHCgsK%2F7M5jyYhMzGv0OSLvU6KAtHfRf3zzl40bH5oIY1mo6mzxpr3f2PzNXxIqYCCw2Hb2gponGP4TM2W7ODeMWUmsd0xo1GgfVLZeXdR"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * x-ms-request-id 7467f48d-601e-0070-05bc-95179e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d818a81cbe-AMS
GET H3	200	microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg wreg.pivitai.net/shared/1.0/content/images/	4 KB 2 KB	30ms 30ms	Image image/svg+xml	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111148 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT server cloudflare x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2de report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCJ2YbERfLQimJCtHjVzsvhIfUL16ejJuUzw6G%2Fp7jS88YXKPclDK7sdR%2BDFydsNKy%2FCDkkRM64tfRsFsdGeOxKENFBwRecpVPWRkGhqYoZkLrirLADo9X7bydxMLQ2PV7SA"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * x-ms-request-id 51475654-901e-001f-1cc3-95dca3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d818a91cbe-AMS
GET H3	200	convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js Show response wreg.pivitai.net/shared/1.0/content/js/asyncchunk/	111 KB 36 KB	31ms 31ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js Requested by Host: wreg.pivitai.net URL: https://wreg.pivitai.net/shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111148 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 19:13:16 GMT server cloudflare x-azure-ref 20240425T092813Z-r1869b9b46cnc5zjgkyrrgbnk0000000019000000001daww report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vY%2BbGBXT%2BfEmlOihiluoOBiV6%2Fnb27JLbCCQLp50ZO5J5dhhoNBAXjzj3v9edmMcYDbvnEGL%2B38h6vUs%2FCpQ3ys7QmRETTjgj6hhXcWKGviRoZYkyQ2PVzOovN9NxG6Yrpq"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 2bbf2a48-a01e-0040-4bb1-96368f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d818b41cbe-AMS
GET H3	200	favicon_a_eupayfgghqiai7k9sol6lg2.ico wreg.pivitai.net/shared/1.0/content/images/	17 KB 1 KB	31ms 30ms	Other image/x-icon	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111148 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Sun, 18 Oct 2020 03:02:03 GMT server cloudflare x-azure-ref 20240425T092813Z-r1869b9b46cnc5zjgkyrrgbnk0000000019000000001dax3 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgjA%2B1uisZMhEDyL7iM1sIg3kNty7BdiPK%2BVoO6SKBRdsnCh1uA5CfUZEBsSzqW2onMa%2BVnEd806h0gpL%2Bj%2BM293aOsAzLobX9TV0gsXlpJvV0ghVCoQjutqEjSJaV0z3%2FAG"}],"group":"cf-nel","max_age":604800} content-type image/x-icon access-control-allow-origin * x-ms-request-id 957e8c64-301e-0039-5255-96b79c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d838d61cbe-AMS
GET H3	200	signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg wreg.pivitai.net/shared/1.0/content/images/	2 KB 1 KB	25ms 25ms	Image image/svg+xml	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 16:20:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 111149 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:49 GMT server cloudflare x-azure-ref 20240425T092814Z-r1869b9b46cnc5zjgkyrrgbnk0000000019000000001day1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVpWtdQ7GL7%2Flvphpy1Lfz25BQdswyxXjeUxqfSPNKWXVaVGcNNMjguQEPd1BwpR9JaMdrZNXzuQNoKh%2B9OpGZ7bNXDLQEY%2ByuOMT0hu1Pwc0o3Yb%2FG3qLnLCi8VmTl15xfq"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * x-ms-request-id 15325a5e-b01e-000d-5f57-963a85000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a7e6d9eb231cbe-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dfgrt.pivitai.net
URL: https://dfgrt.pivitai.net/common/handlers/watson

Domain: dwqef.pivitai.net
URL: https://dwqef.pivitai.net/Me.htm?v=3

Domain: bdfdbdf.pivitai.net
URL: https://bdfdbdf.pivitai.net/owa/prefetch.aspx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pivitai.net/	1970-01-20 20:09:12	Name: FAro Value: c0708b347ac5906368f1ea63146d34558c6cc648a6c5faed7f90e2d4ef1d24c4
bdfdbdf.pivitai.net/	1970-01-21 04:54:44	Name: ClientId Value: 74D5CD495C264142B85B110BB557237A
bdfdbdf.pivitai.net/	1970-01-21 00:32:39	Name: OIDC Value: 1
bdfdbdf.pivitai.net/	1970-01-20 20:09:12	Name: OpenIdConnect.nonce.v3.T4X4LGNhJw30YLJ73l_Hi5zagKWDJRY5KZjoIBPrquU Value: 638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9
bdfdbdf.pivitai.net/	1970-01-20 20:09:30	Name: X-OWA-RedirectHistory Value: ArLym14Bkqwjzgxm3Ag
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: esctx-vM5nrXwyads Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hGQXePwiZlAqiQii6JOey1AEvZUL-OoQmPoU6n_I_kfI8FaRavBFaerBZZ_zbsMWQs28x1AEZ1W6jBmXrf-FuMOpRRssLrhBhjmh_OsPdsstwmJ3NKhqKh9ROrxflBL8kB7BORQGjpUkix1XmKa1MCAA
dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
dfgrt.pivitai.net/	1970-01-20 20:09:08	Name: SSOCOOKIEPULLED Value: 1
dfgrt.pivitai.net/	1970-01-20 20:52:20	Name: buid Value: 0.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8r4XY6711AcfnOrOSLY4DkVS-W2f5m_-TXyEaPcaxp8qPyDZE2fJap4UtIKqXjXWaNsZ0WPxFqtqeC7e6VHdy0VyRxCpfoGlwdfSxpnMLRGMgAA
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8tKILEoVEg5i7bYCqBziwJdqAkI7EQw_b_2P_3_OG3xcyfqjJDT_6m00Ks7obI9bAh6FYlMWueIe41D9-thnTaV1wgcVP7_XxmggC968uhhw3CwH8paqMYXMihUTU8nkJIkfrGLoEnk1Nwpsf9EF9a1eH8pVNxhXdU8vuxynhZpwgAA
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: esctx-2PAcsSiPY2s Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8WaxRLO5P23tprt11-AbBb4qFXt-P5RJfhkgaIZECAwH3GrMKqEO2Kf5GPS8ObaBFy6vNJvni4g1z5VmzqUA0b52SHnCXyr4L6GrN6grpZ1q5pKeHejfVyx8UjcLGH3yCUm5DOoG8c-PmsI79Ob4bfiAA
dfgrt.pivitai.net/	1970-01-20 20:52:20	Name: fpc Value: At9-bZU8k_lFh5qtui7N-n2erOTJAQAAAFjLvd0OAAAA
.dfgrt.pivitai.net/	1970-01-21 05:30:44	Name: brcap Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=35f6efdb-16c8-1a59-aa64-df860dad0d29&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497452363852946.da0224b3-980b-41af-98f5-1311ec0f33e9&state=DYtJEoAgDMCKjM9BurH0OaBw9ej37SGZXBIAIDqHE9AFrUpXa1pYvAqb1usZyKxTknWcSWlsr10SCdG6cYssC_6e-f1G_gE&sso_reload=true Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdfdbdf.pivitai.net
dfgrt.pivitai.net
dwqef.pivitai.net
dyjt.pivitai.net
email.wantyourfeedback.com
wreg.pivitai.net
bdfdbdf.pivitai.net
dfgrt.pivitai.net
dwqef.pivitai.net
172.67.223.170
188.114.97.3
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
29598fe3505b1384697955233c0b7f608c59f6920c1dac98881e71777e82ad49
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
54b66901592d09fe8d36292e4e275bc23b99764073dc6b32bc99c3d7bbc6e1c8
663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9
7113b43824412baf1165a132dc5a5f1be2451a86f50015a1c3c2aee33d205397
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
ec4cb8590aad908f5950ee6214ecca29d315be43d59fffbecc54b460bb1936c9
f2a6aec6bd796879be1868adc44ca6e22bf7bbac484e6a2a896f09b08463d41c

dfgrt.pivitai.net Open in urlscan Pro 172.67.223.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

0 %IPv6

2 Domains

6 Subdomains

2 IPs

2 Countries

398 kBTransfer

1316 kBSize

15 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

15 Cookies

1 Console Messages

Indicators

dfgrt.pivitai.net Open in urlscan Pro
172.67.223.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

2
IPs

2
Countries

398 kB
Transfer

1316 kB
Size

15
Cookies

20 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!