ospcrews.sa.com/verify/project/sf_rand_string_lowercase6/Y2FybHkuaGFyZGlja0BvcGcuY29t
162.241.71.248 200 OK 0 B URL User Request GET HTTP/1.1 ospcrews.sa.com/verify/project/sf_rand_string_lowercase6/Y2FybHkuaGFyZGlja0BvcGcuY29t
IP 162.241.71.248:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate Issuer Let's Encrypt
Subject ospcrews.sa.com
Fingerprint C1:FB:E1:3B:30:EC:94:D8:D9:F9:A0:B5:8E:1B:9F:98:8D:11:20:AA
Validity Wed, 24 May 2023 05:56:20 GMT - Tue, 22 Aug 2023 05:56:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /verify/project/sf_rand_string_lowercase6/Y2FybHkuaGFyZGlja0BvcGcuY29t HTTP/1.1
Host: ospcrews.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 May 2023 14:57:09 GMT
Server: Apache
refresh: 0;url=https://cpxxuy.calasavacj.com/Mcarly.hardick@opg.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cpxxuy.calasavacj.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cf7d406b8c0fac0
188.114.96.1 42 B URL cpxxuy.calasavacj.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cf7d406b8c0fac0
IP 188.114.96.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cf7d406b8c0fac0 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cpxxuy.calasavacj.com/Mcarly.hardick@opg.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:12 GMT
content-type: image/gif
content-length: 42
last-modified: Thu, 25 May 2023 08:39:03 GMT
etag: "646f1ea7-2a"
server: cloudflare
cf-ray: 7cf7d4081b50b500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Tue, 30 May 2023 16:57:12 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
unpkg.com/axios/dist/axios.min.js
104.16.125.175 302 Found 21 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.125.175:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash 1cb76b884ba1852b3863bb6554644970
e1eed01e6fce2c7a790a2763ca9cd52e650da690
ba9a8e33cc5c75ffedc02fdd1aebe647050cde650e5e833d5361fa537aa7f270
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 30 May 2023 14:57:16 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H1PJCJKT4CQ0RQRK569SZF0Z-arn
cf-cache-status: HIT
age: 230
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7cf7d420ed78b50c-OSL
X-Firefox-Spdy: h2
aadcdn.msauthimages.net/dbd5a2dd-famp5upvexp-vv2-wteiw3punh0pp4ftznylkwy5its/logintenantbranding/0/illustration?ts=636534426530594349
152.199.23.72 200 OK 300 kB URL GET HTTP/2 aadcdn.msauthimages.net/dbd5a2dd-famp5upvexp-vv2-wteiw3punh0pp4ftznylkwy5its/logintenantbranding/0/illustration?ts=636534426530594349
IP 152.199.23.72:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=9, manufacturer=samsung, model=SM-G935W8, xresolution=140, yresolution=148, resolutionunit=2, software=Adobe Photoshop Lightroom 5.7.1 (Windows), datetime=2018:01:31 08:15:43, GPS-Data], baseline, precision 8, 1440x1080, components 3\012- data
Size 300 kB (299946 bytes)
Hash 9c79aeaf920aba81bb1fd938a716f1e4
7ca4aae1bdfeb0dfe1b7758022f9034588e4d617
cfa0a4b69a395970c9cc68c92794588e93f7b3fa486b22041c4b8784763ec522
GET /dbd5a2dd-famp5upvexp-vv2-wteiw3punh0pp4ftznylkwy5its/logintenantbranding/0/illustration?ts=636534426530594349 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=86400
content-md5: nHmur5IKuoG7H9k4pxbx5A==
content-type: image/*
date: Tue, 30 May 2023 14:57:18 GMT
etag: 0x8D56CB03CD1010D
last-modified: Mon, 05 Feb 2018 15:50:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Origin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a40063a8-001e-006a-1f07-93dcf2000000
x-ms-version: 2009-09-19
content-length: 299946
X-Firefox-Spdy: h2
cpxxuy.calasavacj.com/Mcarly.hardick@opg.com
188.114.96.1 302 Found 24 kB URL User Request POST HTTP/3 cpxxuy.calasavacj.com/Mcarly.hardick@opg.com
IP 188.114.96.1:443
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Mcarly.hardick@opg.com HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cpxxuy.calasavacj.com/Mcarly.hardick@opg.com?__cf_chl_tk=wcHIz5kaA5Xo2fgoIKOBT36qwLTn7JzYnNc.kjBGRyw-1685458632-0-gaNycGzNC6U
Content-Type: application/x-www-form-urlencoded
Content-Length: 3147
Origin: https://cpxxuy.calasavacj.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Tue, 30 May 2023 14:57:16 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
set-cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; path=/; expires=Wed, 29-May-24 14:57:14 GMT; domain=.calasavacj.com; HttpOnly; Secure; SameSite=None
PHPSESSID=77b9a833639819d2b87d56d88ffbe48c; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2NBA7OoVVaWfWIbwPj1gQHXsrD77rTGXaDlmsZAv0ZtdJRZpOJ92vF1BagdvJL0b9rqEgWHLV4DEXz9v6GRS9ki%2BG4fWFdkiHdqCmZTI9cdEFk3NgyV8Jcn5hqyUd8tOASdy%2BeZlVo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d413dc65b500-OSL
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/favicon.ico
188.114.96.1 404 Not Found 1.2 kB URL GET HTTP/3 cpxxuy.calasavacj.com/favicon.ico
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
GET /favicon.ico HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 30 May 2023 14:57:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rm4fx%2BdfS37ST4rbiZbpq3KBbaeBtuijn74fMC5stxVLu3AbV9MPR5YG1n3ZIfzADVA%2BgWd0%2BV9wHrbezwektNRKsNbZMHqsx23sqK%2B6yNX%2BJ%2FL%2BEQLKK3Bk2JKH4MpD9Aj0JYT2ibE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7d422ab0eb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/jq/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d28f
188.114.96.1 200 OK 86 kB URL GET HTTP/3 cpxxuy.calasavacj.com/jq/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d28f
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d28f HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:17 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:15 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSigu3mmx0iQBJUKWkFTt4FsoxRedsVbS%2F6kAJtO8B8UpFPaWiAhJOKGqgm7F4%2BZ4L6YbIOZK%2FAUlWNUWH7woj0R7il%2BSTzh7T0FWPAP0y2Yyp8CYGsk4Xlco1ZmT07HK6Lo1pOyeJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d420afedb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/2
188.114.96.1 200 OK 38 kB
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BdDzhgeB5Iaq5%2FzY2T%2BAttsfWnfuuklEyf6e7XTHwa2%2FzvGV%2FRea0uekIoaNlTF22wFnKTRFcbrjXIgyEWsq0GfqzG9%2BB5Nl%2FMt7BS08ED7d79Ic%2BOR59%2BYsONxcHt3tOMwNs1vLQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d4224a8bb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/ic/30112fecc1fed9dd37fd82c22d228e7a64760ecbcab75
188.114.96.1 200 OK 17 kB URL GET HTTP/3 cpxxuy.calasavacj.com/ic/30112fecc1fed9dd37fd82c22d228e7a64760ecbcab75
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/30112fecc1fed9dd37fd82c22d228e7a64760ecbcab75 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:17 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:16 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pw3Mp%2FX7stDFe0kRythFQEtmf%2BH85IM7v7A7S%2FDMCl4y%2B%2BR7WzQ2wqsFjpp1FCSxfhTCXvD6wsbFpcQZYWwS11pYXyF1BK9piDYvqxuTpAzlbSZXHY8KLR3OCBwWPMpBJ%2BBSrWLKOkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d425cfc7b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/boot/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d293
188.114.96.1 200 OK 51 kB URL GET HTTP/3 cpxxuy.calasavacj.com/boot/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d293
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d293 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:16 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:15 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onMaA%2FUmmtGHhXP67r%2BgrAZ41o4ROx7fk3VeGpHDShqS2BYy%2BCxZsnt1wK3oJ7cdX1wFFx2fzwSfQB7iHNCKmuHkFKmlwDUiKBCfEYTSXFDXEATqbyOOe7oLVpWEBQHKmq965aQOcOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d420afefb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/Mcarly.hardick@opg.com
188.114.96.1 403 Forbidden 7.6 kB URL User Request GET HTTP/2 cpxxuy.calasavacj.com/Mcarly.hardick@opg.com
IP 188.114.96.1:443
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7798), with no line terminators
Hash 279911ed4b101f4b673880568716bec7
0d8399161760d765d9fd3da43cd8645f5e4f4da3
47e96783bb6038814dcf68c2a7ad243e243d243cc55bdcaeb3a698b85a18cba7
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Mcarly.hardick@opg.com HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 30 May 2023 14:57:12 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6y9o9nG9%2BrZsbWOBaj4vso8sRTsOe5%2FIjOArHMmKgEuKoL8nOlp7KBtzu03UUp92NYfRgNFgOzigi7AzhkgCUOQTqp3tA5isCZCatFtRzhHwegd2F2ucemsWAjHo0MjDVo7Y%2B7%2BxE8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7d406b8c0fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/axios@1.4.0/dist/axios.min.js
104.16.125.175 200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.4.0/dist/axios.min.js
IP 104.16.125.175:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31803)
Hash 6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cpxxuy.calasavacj.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 14:57:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 2157728
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7cf7d4211db8b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
cpxxuy.calasavacj.com/APP-PEETAT/30112fecc1fed9dd37fd82c22d228e7a64760ecbcab7a
188.114.96.1 200 OK 105 kB URL GET HTTP/3 cpxxuy.calasavacj.com/APP-PEETAT/30112fecc1fed9dd37fd82c22d228e7a64760ecbcab7a
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105369 bytes)
Hash 8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-PEETAT/30112fecc1fed9dd37fd82c22d228e7a64760ecbcab7a HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:18 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:16 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjNT7QJrOP6JijJ1H35vxOJy0Fx7CAiODntmawxip6PL%2FWILaqiEgcjUo%2Fdn8dp8HbShAR1mCVC0fv%2By3bKqqFMs7BR8WrJIMkCa3hPtDu9Jx5L86oVj4KP0A3Sh2i6kUDNKX4uI5YM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d422db72b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
188.114.96.1 200 OK 24 kB URL User Request GET HTTP/3 cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
IP 188.114.96.1:443
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22448)
Hash 959e63dbb62a584d84835f819add6bd8
1e16e4c7da086b46a8cde92647c105870f55bc3f
1a7666c5529613a006b1ea54e8a864efce66159f620cf9039a596bbbadc3f635
GET /beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cpxxuy.calasavacj.com/Mcarly.hardick@opg.com?__cf_chl_tk=wcHIz5kaA5Xo2fgoIKOBT36qwLTn7JzYnNc.kjBGRyw-1685458632-0-gaNycGzNC6U
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:16 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dtACKKq1JCSiAtWLv0bz2JbTLtImMFU5194J%2B8dhfzbl6chjdrpVkblniSHRDupIyq5szuSGFbBKQGjNCk%2FNmSJl4P%2FHS8NVljRLFXcVe70sJd78wS7haO4UUAOCBX7DtriwlbCyz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d41f7e5bb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/o/30112fecc1fed9dd37fd82c22d228e7a64760ecbcabb7
188.114.96.1 200 OK 3.7 kB URL GET HTTP/3 cpxxuy.calasavacj.com/o/30112fecc1fed9dd37fd82c22d228e7a64760ecbcabb7
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/30112fecc1fed9dd37fd82c22d228e7a64760ecbcabb7 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:17 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:15 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3O6PcSMnnVSne5s1vEVwQDsxJCuGtF2yzO4bCUy6P%2B1DPCMdxyjRbMYWw21yLk6a17hxHvBvDtI4j20f1tUPfTVMew6zzgK4cLc%2FkKZ7CZNTk7JwjSnH94kvoPnFien7Ja5Jn%2FRiFY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d422ab28b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/e/30112fecc1fed9dd37fd82c22d228e7a64760ecbcabbe
188.114.96.1 200 OK 513 B URL GET HTTP/3 cpxxuy.calasavacj.com/e/30112fecc1fed9dd37fd82c22d228e7a64760ecbcabbe
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/30112fecc1fed9dd37fd82c22d228e7a64760ecbcabbe HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:17 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:15 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzF9Hin0ApkjHrw2%2BRMTmhAS6A%2FSITDfHfu1SFJYabC2Xt6xcXfHYXWo6L0v7omU4t7DPFnjCD1Iv37%2FLxe9caojw5wbvFWDvTTPB50IXYl2mxqiG0xiIXWD3v%2BURPfKuy50rQdudEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d422ab30b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/api-as1f?email=carly.hardick@opg.com&data=logo
188.114.96.1 200 OK 168 B URL GET HTTP/3 cpxxuy.calasavacj.com/api-as1f?email=carly.hardick@opg.com&data=logo
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 0eeed8be8b4ee892aacd9c3b2f54ada4
41f527cbc4297ffe2399f2386f14a38a890efc24
eceb1ac1e91ed97b79d223ace0da310c2a0c3ffd098fa44b2c1bcc5182db7578
GET /api-as1f?email=carly.hardick@opg.com&data=logo HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCGRKGu7Sik02ABV9B48Mu64JXziMfITEY9BSLTeRovKMeYHyKRWS0uZjdUXM3ZMMzduu8%2BQc4u%2Bi9TIUU1bc1MUqwFLhzmjco19gWkWGUw8CLzczdsXmjQ8%2BvV1GgLEViiZno5M6uE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d422cb54b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aadcdn.msauthimages.net/dbd5a2dd-famp5upvexp-vv2-wteiw3punh0pp4ftznylkwy5its/logintenantbranding/0/bannerlogo?ts=638127594902748827
152.199.23.72 200 OK 8.7 kB URL GET HTTP/2 aadcdn.msauthimages.net/dbd5a2dd-famp5upvexp-vv2-wteiw3punh0pp4ftznylkwy5its/logintenantbranding/0/bannerlogo?ts=638127594902748827
IP 152.199.23.72:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 844c85dbd0c6ebb5c7a5ad141283aea3
0bda23a673d572130d7aaba067c13900d20b37f9
7af81cc16cb6e57437fa056523f317dba2fb5831bfd4fd535c30dd5abc162e32
GET /dbd5a2dd-famp5upvexp-vv2-wteiw3punh0pp4ftznylkwy5its/logintenantbranding/0/bannerlogo?ts=638127594902748827 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=86400
content-md5: hEyF29DG67XHpa0UEoOuow==
content-type: image/*
date: Tue, 30 May 2023 14:57:17 GMT
etag: 0x8DB15AAA7CED4A3
last-modified: Thu, 23 Feb 2023 14:31:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Origin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3a760c58-401e-0029-2007-93f61b000000
x-ms-version: 2009-09-19
content-length: 8727
X-Firefox-Spdy: h2
cpxxuy.calasavacj.com/jm/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d299
188.114.96.1 200 OK 6.1 kB URL GET HTTP/3 cpxxuy.calasavacj.com/jm/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d299
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type ASCII text, with very long lines (6175), with no line terminators
Hash 0b3cd9bfcbe6444742df90b00f63efc3
0c978b0541c9659215908034b6299f78135c935c
2065edfabc7924bff8e65b4b4ade30bb341d70ab350518bfbad98e1d4f35266f
GET /jm/30112fecc1fed9dd37fd82c22d228e7a64760ecb5d299 HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:16 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:57:15 GMT
last-modified: Mon, 29 May 2023 17:58:49 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IofHVO3hbM1cApqyQ76yPZJvA%2BDC8efQV8tY0XcthShZU4aWR8aktM34dOTyYchNAUbKBkmD%2FH4UF1c4%2FyxOoBNKuDOsvyUhvFalPyBuu8BzO9SV5paXLYFifta0oDmZ6I3ApSe0%2B7w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d420aff1b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cpxxuy.calasavacj.com/api-as1f?email=carly.hardick@opg.com&data=background
188.114.96.1 200 OK 176 B URL GET HTTP/3 cpxxuy.calasavacj.com/api-as1f?email=carly.hardick@opg.com&data=background
IP 188.114.96.1:443
Requested by https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Certificate Issuer Let's Encrypt
Subject calasavacj.com
Fingerprint 1E:85:E1:07:C9:3A:7C:1D:81:CB:13:91:E0:4F:E1:06:F2:84:24:0D
Validity Thu, 18 May 2023 06:32:53 GMT - Wed, 16 Aug 2023 06:32:52 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 1e8978d27b3b8ac37604517a67ea5cce
3c382074f76f5e7f1bbfaad718c84aea7d5bd75e
d7a129b3209a3f9044972fcdd5acb53ddf5a50877e057d33017a89afbf9cf346
GET /api-as1f?email=carly.hardick@opg.com&data=background HTTP/1.1
Host: cpxxuy.calasavacj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpxxuy.calasavacj.com/beebb091955c06fa68b3eb8afc0bae5164760ecb50657PASbeebb091955c06fa68b3eb8afc0bae5164760ecb50659
Cookie: cf_clearance=sQpywuCkN5mYZLPVjDrxqRjuwk5rXout.JdcWMvpwMI-1685458632-0-160; PHPSESSID=77b9a833639819d2b87d56d88ffbe48c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:57:18 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa6AwO7rngLOAP9CtaXuyyuCxoAdDcoW6Jp11k1A3S8WRnighWs2hdgzXXenL95A%2BmMKAMRAL3hnD0E%2Bkj8lXuZsRzfSFQS0tq8VVG0RZp2uHM4iM6vw9rbJxQY9itQcQF9F8BVzwrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7d422cb5cb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400