dfgrt.pivitai.net Open in urlscan Pro
172.67.223.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5...
Effective URL:
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On April 26 via manual (April 26th 2024, 5:05:10 pm UTC) from IN — Scanned from NL

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 172.67.223.170, located in United States and belongs to CLOUDFLARENET, US. The main domain is dfgrt.pivitai.net.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.

This is the only time dfgrt.pivitai.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 20	172.67.223.170 172.67.223.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

email.wantyourfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.67.223.170 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dyjt.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bdfdbdf.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfgrt.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wreg.pivitai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	pivitai.net 3 redirects dyjt.pivitai.net bdfdbdf.pivitai.net dfgrt.pivitai.net wreg.pivitai.net dwqef.pivitai.net Failed	403 KB
2	wantyourfeedback.com 2 redirects email.wantyourfeedback.com	929 B
20	2

	Domain	Requested by
15	wreg.pivitai.net	dfgrt.pivitai.net wreg.pivitai.net
2	dfgrt.pivitai.net	wreg.pivitai.net
2	dyjt.pivitai.net	2 redirects
2	email.wantyourfeedback.com	2 redirects
1	bdfdbdf.pivitai.net	1 redirects wreg.pivitai.net
0	dwqef.pivitai.net Failed	dfgrt.pivitai.net
20	6

This site contains links to these domains. Also see Links.

Domain
bdfdbdf.pivitai.net
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
pivitai.net GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true
Frame ID: E08C15B0D39B68C710D097FC74427D5A
Requests: 23 HTTP requests in this frame

Frame: https://bdfdbdf.pivitai.net/owa/prefetch.aspx
Frame ID: EE0BD2275AD18D6BB532736965D0AA52
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZ... HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 302
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

2
IPs

2
Countries

398 kB
Transfer

1316 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://bdfdbdf.pivitai.net/owa/
Title: Maak nu een account

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/nl-NL/servicesagreement/
Title: Gebruiksvoorwaarden

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/nl-NL/privacystatement
Title: Privacy en cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 302
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Page URL
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 307
http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 307
https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D HTTP 302
https://dyjt.pivitai.net/wlFGCNZO HTTP 302
https://bdfdbdf.pivitai.net/owa/ HTTP 302
https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w

20 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	authorize Show response dfgrt.pivitai.net/common/oauth2/ Redirect Chain http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0Y... https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0... https://dyjt.pivitai.net/wlFGCNZO https://bdfdbdf.pivitai.net/owa/ http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0Y... https://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0... https://dyjt.pivitai.net/wlFGCNZO https://bdfdbdf.pivitai.net/owa/ https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000...	22 KB 11 KB	5356ms 5329ms	Document text/html	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b8808fafe47afd23cda2df27de47e3becbbbd8f9432ed357db1a07b8307eb685` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 87a827ba38cf9fdc-AMS content-encoding br content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 17:05:03 GMT expires -1 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]} server cloudflare vary Accept-Encoding x-ms-ests-server 2.1.17846.6 - KRC ProdSlices x-ms-request-id 30d212a2-781b-46fb-bfe6-a0277a31a800 x-ms-srs 1.P Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87a827b15d289fdc-AMS content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 17:05:00 GMT location https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w nel {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} p3p CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" report-to {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=XSP&RemoteIP=2403:cfc0:1114::"}],"include_subdomains":true} request-id 0920aab0-ad72-add8-2ed9-fa29ba12e982 server cloudflare x-backend-begin 2024-04-26T17:04:59.939 x-backend-end 2024-04-26T17:04:59.939 x-backendhttpstatus 302 x-beserver SGBP274MB0025 x-besku WCS5 x-calculatedbetarget SGBP274MB0025.SGPP274.PROD.OUTLOOK.COM x-diaginfo SGBP274MB0025 x-feefzinfo XSP x-feproxyinfo SGAP274CA0022.SGPP274.PROD.OUTLOOK.COM x-feserver SGAP274CA0022 x-firsthopcafeefz XSP x-iids 0 x-owa-diagnosticsinfo 1;0;0 x-proxy-backendserverstatus 302 x-proxy-routingcorrectness 1 x-rum-notupdatequerieddbcopy 1 x-rum-notupdatequeriedpath 1 x-rum-validated 1 x-ua-compatible IE=EmulateIE7
GET H3	200	BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js wreg.pivitai.net/shared/1.0/content/js/	138 KB 50 KB	78ms 33ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:05 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 131536 x-cache TCP_HIT x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 26 Mar 2024 18:07:05 GMT server cloudflare x-azure-ref 20240425T043249Z-r1869b9b46cbz8pnfx60nrnch000000008ug00000000n90s report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PlKw47FlUo74dwzZYv5QP06%2BSI3YdJS0wEJmgI6VLjX6YZ3PD94eV6sbRCQtvlPjNIIW4tcR7bBB9Se4C2VV9ejYM1cIiFC50p9GxzuT6Yrr8ou2yuRGwZl26tE6%2FQ2Gfab"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id ec3eea00-901e-0023-301b-9209ab000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827dbeb5e9fdc-AMS
GET DATA	200 OK	truncated Show response /	341 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET DATA	200 OK	truncated /	875 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	Primary Request authorize Show response dfgrt.pivitai.net/common/oauth2/	39 KB 17 KB	2526ms 2525ms	Document text/html	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true Requested by Host: wreg.pivitai.net URL: https://wreg.pivitai.net/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `30dbea41a0a985c5710041696d8bbe9f8e0969c7205e2ceef2fad3e794918c6f` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 87a827dc6c179fdc-AMS content-encoding br content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 17:05:08 GMT expires -1 link <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]} server cloudflare vary Accept-Encoding x-dns-prefetch-control on x-ms-ests-server 2.1.17910.10 - KRSLR1 ProdSlices x-ms-request-id c018279a-0c65-48b5-a1c0-df1398407f00 x-ms-srs 1.P
GET H3	200	watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js wreg.pivitai.net/ests/2.1/content/cdnbundles/	117 KB 41 KB	31ms 31ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:06 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 131534 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Fri, 26 Feb 2021 06:13:13 GMT server cloudflare x-azure-ref 20240425T043252Z-r1869b9b46cbz8pnfx60nrnch000000008ug00000000n965 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUJa%2BbDjTOWyj9P8Zi1ojMIvoU2mEN9XbJgE6Qqr1wEjil%2FqCtDZK%2FA9RZ8vJ5HaXdU2k21gw6%2BOyHWBBmO5j6M9QoEdPijtDjN1vSU2uKP7T6dqrxH9qn5rS8NvqyTneeEt"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9037fbbd-601e-0060-282e-92a7bc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827e29cdd9fdc-AMS
GET H3	200	frameworksupport.min_oadrnc13magb009k4d20lg2.js wreg.pivitai.net/ests/2.1/content/cdnbundles/	12 KB 6 KB	34ms 34ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115544 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 22 Oct 2020 20:43:21 GMT server cloudflare x-azure-ref 20240425T085922Z-r1869b9b46cmf9rw5e2qm6e7kg00000001u000000000xhea report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSHFIMHwO3Sgld62PgcYBErfXBtT5FeT6Otvrh%2FsDYVQLNsh3q6Yz2Cu451wNAKO0v7qHr1WqDl6pcqPqd3RLelDKpEGbqBuqPUvXzQrsdGbzhYOAK9twBZ6sq8fwCdoMbbu"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 1fe4c795-501e-0003-3909-939898000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827e2dd329fdc-AMS
GET H3	200	watson.min_q5ptmu8aniymd4ftuqdkda2.js wreg.pivitai.net/ests/2.1/content/cdnbundles/	9 KB 5 KB	27ms 26ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 110208 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 28 Jun 2022 20:27:38 GMT server cloudflare x-azure-ref 20240425T102819Z-158fbddb65dxf9styy2ca226ew00000007rg00000000abbr report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaviH9Zyf6lS1ABi0apQK0VkGKSTQa%2FZ8loTuk6Q3TdxzIneE%2FtOvXvdthyIIuXXE6Y6hf0SGOTo%2F2mFAnrMfzddS9YypYTqlUOmXchG9LyRZ8AbqH8AIY1mIvgz%2FFESUs7k"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 664a4c73-d01e-000b-19ef-91c089000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827e31d799fdc-AMS
POST		watson dfgrt.pivitai.net/common/handlers/	0 0

GET DATA	200 OK	truncated Show response /	341 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET		Me.htm dwqef.pivitai.net/	0 0

GET H3	200	converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css wreg.pivitai.net/ests/2.1/content/cdnbundles/	110 KB 20 KB	29ms 28ms	Stylesheet text/css	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 134048 x-cache TCP_HIT x-fd-int-roxy-purgeid 0 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 27 Dec 2023 18:18:12 GMT server cloudflare x-azure-ref 20240425T035101Z-15b4f9478487vmzr3r64sg19xs00000008rg000000005a8q report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ocaqpsteKPaCjsKln4%2BizGUACk4A3XA1LETux2I2GT3GXPcgDAS3EPacGj1FSPbyNWz9V1NIrxfd2820knoVreog%2FxQFPqkSllhOUAS7iZo7cC6psZomiFXcLWAjRtMy6k%2B"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * x-ms-request-id e3099cbe-501e-0003-1043-929898000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827efd8de9fdc-AMS
GET H3	200	ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js Show response wreg.pivitai.net/shared/1.0/content/js/	434 KB 115 KB	37ms 37ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `512a8fac47c8e5b834ac07141c24810e80316a571d13095ec9da70760225aaf0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 102765 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Fri, 05 Apr 2024 02:22:39 GMT server cloudflare x-azure-ref 20240425T123223Z-158fbddb65dl58cbxm03xhqdnw000000062000000000037y report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yITo3bNMSeISzCuHLjiCU4p1f3aJJXqYE3L1kVzvxhQd628Nt2h2w8QX3%2FS0S768EZkJN8BNcSUBW1ro8bzmOK8UgrUlqkLBkjyVvoVeL%2ByDMmt9HYRQt2CJ%2FmNLtHoUP9E3"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 3e38bb38-101e-0007-57f3-913490000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827efd8e19fdc-AMS
GET H3	200	ux.converged.login.strings-nl.min_w5zdjuew9ikqqaihfekiqg2.js Show response wreg.pivitai.net/ests/2.1/content/cdnbundles/	57 KB 17 KB	33ms 33ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_w5zdjuew9ikqqaihfekiqg2.js Requested by Host: dfgrt.pivitai.net URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d470e35ec4ad8448288e8f759aab006de51ced02fc2c9f78a89ded6991fa8172` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 102765 x-cache TCP_MISS x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Tue, 02 Apr 2024 21:29:17 GMT server cloudflare x-azure-ref 20240425T123223Z-r1869b9b46cwbnz8brg7z1hr70000000094000000000vqdu report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4B1fLrhMxZ5Xa9fXvoC3nGTlMeKMI9manfRddtA56StQqBNfZTyL%2FfpkzF1nHBW4CS1mk47nsQZZaceETAjhILDkrzykZFqcttiwiq4qrZrLYOkq0fGCw3VcfcsbgwPARJBc"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 08a5cbc5-b01e-000d-4b0c-973a85000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827efd8e39fdc-AMS
GET DATA	200 OK	truncated Show response /	875 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/javascript
GET H3	200	convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js Show response wreg.pivitai.net/shared/1.0/content/js/asyncchunk/	219 KB 51 KB	52ms 52ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js Requested by Host: wreg.pivitai.net URL: https://wreg.pivitai.net/shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 82940 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 28 Mar 2024 21:22:21 GMT server cloudflare x-azure-ref 20240425T180249Z-r1869b9b46cz9tdx6gyuh69kb800000009ng00000000a1b7 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4qvWbXmGIb5Gypks05re7PWO50pb2E1LP%2B3qcOxgU%2F3C0UI4uX2M5lERxtBgAA1bkaSFvFIAsONrAIzWXgoG%2BbvuELX52hsSXXxJTyCrHoxnrT1L5GB0nGZtk%2ByKjXv5%2BKt"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 49f9c42d-001e-001e-5a3c-93f7a1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f049859fdc-AMS
GET		prefetch.aspx bdfdbdf.pivitai.net/owa/ Frame EE0B	0 0

GET H3	200	49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/	987 B 2 KB	26ms 25ms	Image image/jpeg	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 113815 x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:42 GMT server cloudflare etag 0x8DB5C3F457E15E1 x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2dd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAKgxgMqqTyuqbo6aHpBdAoCqTjjbtTcVXxUOhFCnzAobdgKNUJTlczl6XV8nSuBxe%2BEVxwI4sVIjcE8P253BRSogsc7%2B9R%2BY3gvavIre74CGqfiPAmBhTE9WphSR8oCUd2C"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * x-ms-request-id 5efdb8a1-f01e-0071-7d34-963c9c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f0da629fdc-AMS
GET H3	200	49_6ffe0a92d779c878835b40171ffc2e13.jpg wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/	17 KB 18 KB	27ms 27ms	Image image/jpeg	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 113815 x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:42 GMT server cloudflare etag 0x8DB5C3F4584F323 x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2da report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4SbTggkZ0B8WjHjfktxZ5ZOVMLCzIE5iYDwNX8x2GR0MGhh93d5Rcr6FC8PdEnTgSDya79RWN5SQuxCmknsFO%2B0mIJH10Sd%2BRaXzCuDo3hHP9EXHCTOMIx%2B3%2B3Pa4l1tBqn"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * x-ms-request-id 68f06eff-901e-005b-2e38-96a3ba000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f0da659fdc-AMS
GET H3	200	53_7a3c80bf9694448bac31a9589d2e9e92.png wreg.pivitai.net/shared/1.0/content/images/applogos/	5 KB 6 KB	32ms 31ms	Image image/png	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 113815 x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:45 GMT server cloudflare etag 0x8DB5C3F475BAFC0 x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2d8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X61fffaZ2wI5GkQKfrDRZK0CRNSSAMDjJYXgnvkfNxtPw4CxiJ5WR9S2MZGe1xZ2YuiQRTy8Jtmuu1kptssmKbj%2FDd6RzbXFMn56BBVCpCn0dGogSid7cZm2zO8cwPt1ut0i"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * x-ms-request-id 7467f48d-601e-0070-05bc-95179e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f0da679fdc-AMS
GET H3	200	microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg wreg.pivitai.net/shared/1.0/content/images/	4 KB 2 KB	29ms 29ms	Image image/svg+xml	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 113815 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT server cloudflare x-azure-ref 20240425T092813Z-r1869b9b46cmf9rw5e2qm6e7kg00000001xg00000000n2de report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfH%2Fwlrguj2gpXJ1gqjFCylHCBHAxGXMt85cVnP%2BWJoPOs8GhGuobmWq1u9DrWRBgSjb7vu4VoPGJccD6EMCQE4z4JRcg7A7Mhfq9PyyOZiwPg%2BVh1S4ahmtJUu%2FNESrpiwl"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * x-ms-request-id 51475654-901e-001f-1cc3-95dca3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f0da689fdc-AMS
GET H3	200	convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js Show response wreg.pivitai.net/shared/1.0/content/js/asyncchunk/	111 KB 36 KB	32ms 31ms	Script application/x-javascript	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js Requested by Host: wreg.pivitai.net URL: https://wreg.pivitai.net/shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 43748 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Thu, 28 Mar 2024 21:22:22 GMT server cloudflare x-azure-ref 20240426T045601Z-r1869b9b46cbz8pnfx60nrnch00000000afg0000000063af report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KooMgu5IvGh1qpboAXU%2BXSfunMyW0pEDMKVTwGzLmRt8GEplSaeAtv%2Bq0jEok9K7r3Z0mhNhRr790xaH4d%2FvyELz5zB5BchsDAbipXYAPugYbfssffXS1rToBc6b6gpBBzrf"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * x-ms-request-id 6995205a-101e-0017-7381-9784b2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f0da6e9fdc-AMS
GET H3	200	favicon_a_eupayfgghqiai7k9sol6lg2.ico wreg.pivitai.net/shared/1.0/content/images/	17 KB 1 KB	25ms 25ms	Other image/x-icon	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wreg.pivitai.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 113815 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Sun, 18 Oct 2020 03:02:03 GMT server cloudflare x-azure-ref 20240425T092813Z-r1869b9b46cnc5zjgkyrrgbnk0000000019000000001dax3 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBrLD30fDSLVzfkx9Rsxej7GwMPmsdx%2BB%2FGXEkdM5op%2B%2BJnUUnETkfzV%2B%2Bq08Dkhnv8UqAG8KzzWkBCEm8hrnGAhvCvWDHSdIzSe4mDKkKhKkW886f%2FSvLxLRmauS0i2wfnI"}],"group":"cf-nel","max_age":604800} content-type image/x-icon access-control-allow-origin * x-ms-request-id 957e8c64-301e-0039-5255-96b79c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f0fa9a9fdc-AMS
GET H3	200	signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg wreg.pivitai.net/shared/1.0/content/images/	2 KB 1 KB	27ms 26ms	Image image/svg+xml	172.67.223.170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wreg.pivitai.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://dfgrt.pivitai.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 26 Apr 2024 17:05:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 113815 x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 alt-svc h3=":443"; ma=86400 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:49 GMT server cloudflare x-azure-ref 20240425T092814Z-r1869b9b46cnc5zjgkyrrgbnk0000000019000000001day1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPqNhQZOaCx2yb2w%2FmMWDc2rHwLC8B5Z%2BccHQQEn9vwYVEyE%2BqqG5Ws63dhMuPK19zJV9AZeO5W7r8mTgOLy7piwzp9rXN9SRLHhpmMeFsppzqX%2Bgd30HS3P4GKH8kByfryv"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * x-ms-request-id 15325a5e-b01e-000d-5f57-963a85000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 vary Accept-Encoding cf-ray 87a827f2bd039fdc-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dfgrt.pivitai.net
URL: https://dfgrt.pivitai.net/common/handlers/watson

Domain: dwqef.pivitai.net
URL: https://dwqef.pivitai.net/Me.htm?v=3

Domain: bdfdbdf.pivitai.net
URL: https://bdfdbdf.pivitai.net/owa/prefetch.aspx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pivitai.net/	1970-01-20 20:09:14	Name: FAro Value: ee0ed070dd764bdc75020a0333de1c1351fef4e2b9f5c6fe00a1d0f89fd3b71e
bdfdbdf.pivitai.net/	1970-01-21 04:54:47	Name: ClientId Value: E01A0A1C13F74084A10F2669B10D2738
bdfdbdf.pivitai.net/	1970-01-21 00:32:42	Name: OIDC Value: 1
bdfdbdf.pivitai.net/	1970-01-20 20:09:14	Name: OpenIdConnect.nonce.v3.zG8ZA3JZwkG8ID0DkSMx43exRGGWsvm4chjpP_EvPP8 Value: 638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816
bdfdbdf.pivitai.net/	1970-01-20 20:09:32	Name: X-OWA-RedirectHistory Value: ArLym14BiM29ARNm3Ag
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: esctx-bbGGEa7SusA Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd85XDhXMLCpDykBkmTnXOhVrfmpb3Cnv6Q36aVQ4SGxa9PeAjaOu-bqoH01ZKI53HLicGxFMLZevyi9cdUH9Eck4X2v0zcqZDtmZABGiDksqIOR4v54drSsOYzTqEYRdRSMruV44kpCM9dGzM5oK4ttCAA
dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
dfgrt.pivitai.net/	1970-01-20 20:09:11	Name: SSOCOOKIEPULLED Value: 1
dfgrt.pivitai.net/	1970-01-20 20:52:23	Name: buid Value: 0.AUoAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd88oDfpj1im4GITWO_DyU-iZWfApMU-YpAYDkJqg7CmJoKLxP9weGoHQoiAv72b9rKWuAVHE8BJDY3oy7XG506IqAqebFJuo40XBGhvj4nY9EgAA
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd83-o1ELo_gXtL97g8IbwMXJgBOqDAooSLJgCrl9w8qvkps_NkKIHXPa1qnDzuMm_hgygpjtmcpTTrYwNSq2Y7S19H1kEUh2971zcfPFCBxC_nfI5xLfX5CO_PGTCflaYFOEW4Ts57JFydc7GavTVzWNwsdV1CslbBPx6UOotFs7EgAA
.dfgrt.pivitai.net/	1969-12-31 23:59:59	Name: esctx-yCo3zKk7loY Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8MP5_mKZ_JFoMaS6Fu4vZuxEPHqosl7bCsFzJbvt5nWC4wpB0bXAaI31qJ37iR4X1bQWkP_VZWjR0vrBUqaFRCOUJWCkSbR0QCHrc5Vu-nAcr0gHr0oGSmuwTgd4cIS3Ewn2WxU11aVdrcWH4fcZ6nSAA
dfgrt.pivitai.net/	1970-01-20 20:52:23	Name: fpc Value: Au3h7rGp6ihFi1NzI-gcyRWerOTJAQAAAMPVvd0OAAAA
.dfgrt.pivitai.net/	1970-01-21 05:30:47	Name: brcap Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://dfgrt.pivitai.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0920aab0-ad72-add8-2ed9-fa29ba12e982&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638497478999395720.59ce3272-2820-4f1d-88e5-8ad075b46816&state=DctBFoAgCABRrddxSEQQOI6lbVt2_Vj82U1OKe1hCxkjSXszdmU1d28uSniK36uREpARAj91gtkSsDFR5eJuted4j_J-o_w&sso_reload=true Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdfdbdf.pivitai.net
dfgrt.pivitai.net
dwqef.pivitai.net
dyjt.pivitai.net
email.wantyourfeedback.com
wreg.pivitai.net
bdfdbdf.pivitai.net
dfgrt.pivitai.net
dwqef.pivitai.net
172.67.223.170
188.114.97.3
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
30dbea41a0a985c5710041696d8bbe9f8e0969c7205e2ceef2fad3e794918c6f
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
512a8fac47c8e5b834ac07141c24810e80316a571d13095ec9da70760225aaf0
663053ef895163d7525641d5b675f92e1a3eeb361b6a2ae766bd04a0ac1549c9
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
b8808fafe47afd23cda2df27de47e3becbbbd8f9432ed357db1a07b8307eb685
d470e35ec4ad8448288e8f759aab006de51ced02fc2c9f78a89ded6991fa8172
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

dfgrt.pivitai.net Open in urlscan Pro 172.67.223.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

0 %IPv6

2 Domains

6 Subdomains

2 IPs

2 Countries

398 kBTransfer

1316 kBSize

15 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

15 Cookies

1 Console Messages

Indicators

dfgrt.pivitai.net Open in urlscan Pro
172.67.223.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

2
IPs

2
Countries

398 kB
Transfer

1316 kB
Size

15
Cookies

20 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!