firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 18:44:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nby6wnmna8TpvKTJU14V3sCFUT0YQiFUb_HTP-gXwWb_VmiH5N1MTA==
Age: 801
go.cpm-controls.com/e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
18.208.125.13301 Moved Permanently 0 B URL HTTP/1.1 go.cpm-controls.com/e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
IP 18.208.125.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk HTTP/1.1
Host: go.cpm-controls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 18:58:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
location: https://go.cpm-controls.com/e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
vary: User-Agent
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4809
Expires: Mon, 05 Sep 2022 20:18:25 GMT
Date: Mon, 05 Sep 2022 18:58:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FWQJAKjinq-WtJa5eGauwG1ixkNq4mEcwgHVGgaxJDmHH8Sn711voA==
age: 63779
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 18:58:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62aa66e3bfc4c014ff7e6451eb6a6903
7cb1c87ad3b174d91d3e7bb97ea94d5d05c8f102
7c91961183af387fbd809a9080133dcd299408f4034fd3eb52dd22cbb8f62d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C91961183AF387FBD809A9080133DCD299408F4034FD3EB52DD22CBB8F62D85"
Last-Modified: Sat, 03 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13688
Expires: Mon, 05 Sep 2022 22:46:24 GMT
Date: Mon, 05 Sep 2022 18:58:16 GMT
Connection: keep-alive
go.cpm-controls.com/e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
34.237.219.119301 Moved Permanently 161 B URL HTTP/1.1 go.cpm-controls.com/e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
IP 34.237.219.119:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 92bb9e71040169a6b5f01b8f632245ee
604897a4842cb209fcd0fe880d35fdeaa854dbe5
d909b90056c4d16c87413282764c66f3b43bcf287e440e7abd1ab5a44b993fd2
GET /e/911112/uling-december-15-16-2022-html/nv8mn/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk HTTP/1.1
Host: go.cpm-controls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 18:58:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 161
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
location: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: max-age=63072000
expires: Wed, 04 Sep 2024 18:58:17 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 18:38:16 GMT
Expires: Mon, 05 Sep 2022 19:28:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ea4qO2WObLVCcI8iruzRnjYuz--2_pBfeEZuoC4iUZx1QZ6Fia36AQ==
Age: 1201
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:17 GMT
Last-Modified: Mon, 05 Sep 2022 17:45:23 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dDBkgNkJK4hXQQ10oyDCsQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mi+SeRVFvZX4PQMJN2Z16ljPv8E=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8ddd2d999c186242c6bdf8ba737f323
d10ad4f513c53ef89db96159b9732933b6ee4ae5
a069b3b42099a4e749a4a705294e8c55b29d183535c356341ae90ca35d825fda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A069B3B42099A4E749A4A705294E8C55B29D183535C356341AE90CA35D825FDA"
Last-Modified: Sat, 03 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15984
Expires: Mon, 05 Sep 2022 23:24:41 GMT
Date: Mon, 05 Sep 2022 18:58:17 GMT
Connection: keep-alive
www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
199.34.228.77200 OK 36 kB URL HTTP/1.1 www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39899)
Hash dcfdfbd02b9f3acc8f225f8934d303d8
9daea9a1e84d885bc597967aef04763c0fbe2032
f5dec17ff99a7995c9bc7a4fb40e0b4637c9ddec99bda7510b04775be6e2676c
Analyzer Verdict Alert fortinet Phishing
GET /2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:17 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.ppmglobalservices.com
language=en; expires=Mon, 19-Sep-2022 18:58:17 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"52966d4ab0335e2d949b90f63f4d4db2-gzip"
Content-Encoding: gzip
X-Host: blu82.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 35768
Keep-Alive: timeout=10, max=55
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1654648342
151.101.85.46200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (32011)
Hash e32a0ae988b9f1c9de6f0f70bfa0ffbd
c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
GET /js/site/commerce-core.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-f57e"
expires: Tue, 06 Sep 2022 12:18:17 GMT
cache-control: max-age=1209600
x-host: blu38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 1147200
x-served-by: cache-sjc10074-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404298.249229,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1654648342
151.101.85.46200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1654648342
IP 151.101.85.46:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Hash 15eaf839ff82242f8d02b1f60c073760
ed5886bbb71827073b52523683a95f0a051f8c40
c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
GET /js/site/main-commerce-browse.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 23:14:16 GMT
etag: "630d4848-f92d"
expires: Tue, 13 Sep 2022 08:14:53 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 557004
x-served-by: cache-sjc10059-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404298.249568,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 07:47:50 GMT
expires: Thu, 31 Aug 2023 07:47:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 472228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1654648342
151.101.85.46200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 29 Aug 2022 23:13:57 GMT
etag: "630d4835-f47"
expires: Tue, 13 Sep 2022 11:30:22 GMT
cache-control: max-age=1209600
x-host: grn69.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 545276
x-served-by: cache-sjc10075-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404298.258007,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1654648342
151.101.85.46200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 771ec2cf038214c40ed54dc7d0ce7e4c
20b2a198541e596346f26f9e15d51488bb76608b
33269d6ddede29e1043070cb0ee0f3034f154ce264970994fe071c092fa8b675
GET /css/social-icons.css?buildtime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 22 Aug 2022 20:43:15 GMT
etag: W/"6303ea63-3319"
expires: Tue, 06 Sep 2022 11:05:17 GMT
cache-control: max-age=1209600
x-host: blu115.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 1151581
x-served-by: cache-sjc10034-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662404298.274220,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1654648342
151.101.85.46200 OK 159 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (32007)
Size 159 kB (158975 bytes)
Hash c29a5e4fd4ee0d3b7cd0597f2b9b602b
bb134ed641467954f4a724167dc7ea56a03e7fa8
bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
Analyzer Verdict Alert fortinet Malware
GET /js/site/main-customer-accounts-site.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 23:32:06 GMT
etag: "630957f6-8250f"
expires: Mon, 12 Sep 2022 12:37:57 GMT
cache-control: max-age=1209600
x-host: blu121.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 627620
x-served-by: cache-sjc10072-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404298.249709,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158975
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1654648342
151.101.85.46200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 30 Aug 2022 19:50:18 GMT
etag: W/"630e69fa-347ac"
expires: Wed, 14 Sep 2022 10:32:15 GMT
cache-control: max-age=1209600
x-host: grn81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 462362
x-served-by: cache-sjc10041-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-timer: S1662404298.253156,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1654648342&
151.101.85.46200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1654648342&
IP 151.101.85.46:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Hash 40ee71f2f2de93b9561845efa9a0cbbc
13451e3fb165d1ad524d9863d8344eab4a2fe353
41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
GET /js/lang/en/stl.js?buildTime=1654648342& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:42:23 GMT
etag: "6303ea2f-2c44e"
expires: Tue, 06 Sep 2022 08:13:58 GMT
cache-control: max-age=1209600
x-host: blu127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 1161859
x-served-by: cache-sjc10024-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1662404298.255433,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2
www.ppmglobalservices.com/files/templateArtifacts.js?1654696781
199.34.228.77200 OK 1.6 kB URL HTTP/1.1 www.ppmglobalservices.com/files/templateArtifacts.js?1654696781
IP 199.34.228.77:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Phishing
GET /files/templateArtifacts.js?1654696781 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu24.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.oribi.io/Xy0yMDMyODkzNDEx/oribi.js
143.204.55.3200 OK 3 B URL HTTP/2 cdn.oribi.io/Xy0yMDMyODkzNDEx/oribi.js
IP 143.204.55.3:0
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /Xy0yMDMyODkzNDEx/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Mon, 05 Sep 2022 18:58:18 GMT
cache-control: public, max-age=60
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qSGf46b6wIZDuFTKGWmTryrcMHbkEtu38fz9hAcYtjKssgcW06avrQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ppmglobalservices.com/gdpr/gdprscript.js?buildTime=1654648342
199.34.228.77200 OK 16 kB URL HTTP/1.1 www.ppmglobalservices.com/gdpr/gdprscript.js?buildTime=1654648342
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- C source, ASCII text, with very long lines (14060)
Hash 8213569fa2d51a0bc22accceca61ee37
45e58c79e3670c3aab3484edac6e9496be43174d
145db81c3620213bbaa73d4f76cbbc6d47ada107470a31bd177f154649a1fbc5
GET /gdpr/gdprscript.js?buildTime=1654648342 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:18 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Mon, 19-Sep-2022 18:58:18 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: blu75.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 01c1413890cccd52afe1b86e98f1cab3
21e01aa8965715ddb31b77665b8464c6efd69fdf
d8f2c896e3f58f9e983f78d8442a3fd9b4ad008609d35df4dce3bf948a4fb087
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3789
Cache-Control: max-age=149388
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Etag: "6315dc89-1d7"
Expires: Wed, 07 Sep 2022 12:28:06 GMT
Last-Modified: Mon, 05 Sep 2022 11:24:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.ppmglobalservices.com/files/main_style.css?1654696781
199.34.228.77200 OK 6.9 kB URL HTTP/1.1 www.ppmglobalservices.com/files/main_style.css?1654696781
IP 199.34.228.77:0
File type ASCII text, with very long lines (670)
Hash e4333c0d0354cf8337361d5623a74f91
69df16aea4b5d805728fe8c7ed06839c2f404b30
f24ed6a1266ef1241adb9409197b0098ec5fd76f7f06dc284affce19fdaf61eb
Analyzer Verdict Alert fortinet Phishing
GET /files/main_style.css?1654696781 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn127.sf2p.intern.weebly.net
Content-Encoding: gzip
www.ppmglobalservices.com/files/theme/custom.js?1556830109
199.34.228.77200 OK 1.8 kB URL HTTP/1.1 www.ppmglobalservices.com/files/theme/custom.js?1556830109
IP 199.34.228.77:0
Hash 697c59e01098eb0a4ecc5d2eeec52ede
e6ef89da323e2024eaeb9933b93e61a33217629a
6324c79976a9864103265af761c905bc8cdfdb7e631c71dc65eb838e82efd013
GET /files/theme/custom.js?1556830109 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 28 Sep 2021 18:36:32 GMT
x-rgw-object-type: Normal
ETag: W/"d5fb588a458645eb36265e3581aceea6"
x-amz-request-id: tx000000000000001fed945-006284c525-b9fbc63-sfo1
X-Storage-Bucket: z7c94
X-Storage-Object: 7c94a9bdc62c584903702204b6ff060018717512c0eae82d0937ba0ee0092d94
X-Host: grn84.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16837
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 18:58:18 GMT
Connection: keep-alive
cdn2.editmysite.com/js/site/main.js?buildTime=1654648342
151.101.85.46200 OK 503 B URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1654648342
IP 151.101.85.46:0
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
GET /js/site/main.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-74804"
expires: Tue, 06 Sep 2022 08:16:12 GMT
cache-control: max-age=1209600
x-host: blu49.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:18 GMT
age: 1161726
x-served-by: cache-sjc10051-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404298.251363,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
142.250.74.10200 OK 763 B URL HTTP/2 fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
IP 142.250.74.10:0
Hash ff8f7194aee0aa4627be6ddf746ce19e
d62e1e7ff290b3140eee366201a5cfd7fc61fc37
7fcc51663aeb6ab5dce06e2bf904bcf487d02faddc15d97412a4175f626af95e
GET /css?family=Actor&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 18:58:18 GMT
date: Mon, 05 Sep 2022 18:58:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.driftt.com/include/1662404400000/37carub7tx2z.js
54.230.111.73200 OK 61 kB URL HTTP/2 js.driftt.com/include/1662404400000/37carub7tx2z.js
IP 54.230.111.73:0
Hash 47a5e1b161ea8b5f9be272d7e373e4c0
d29b62993c5c0a976c7f03f3f180646ab2872cdf
d9c963a6f715ce444a8fda258c9e90d4da7d37686098e35a66fb279b99bcc82c
GET /include/1662404400000/37carub7tx2z.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 18:58:18 GMT
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:54 GMT
etag: W/"bc71b7869279b01fc51fdc51af940b5e"
x-amz-server-side-encryption: AES256
x-amz-version-id: U0sriocF4WN07Hm2ZGmHfXq6eJt2Gqm6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ti0MhCO7tCoxH-ezmWfiTcrBFCJTA2LzVj3A27Zd7qv60pQFo-aB4Q==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 76127
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f8268290f1ea715075ad0a284b25d64
9ff2e712b38d6a0d8600fd434e20b4a4cf6f34a3
598c60ad7b0c786955e44bf2cc58a30610ee31350d1ca5abfd8592e92f0c65e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "598C60AD7B0C786955E44BF2CC58A30610EE31350D1CA5ABFD8592E92F0C65E4"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1734
Expires: Mon, 05 Sep 2022 19:27:12 GMT
Date: Mon, 05 Sep 2022 18:58:18 GMT
Connection: keep-alive
www.ppmglobalservices.com/files/theme/plugins.js?1556830109
199.34.228.77200 OK 20 kB URL HTTP/1.1 www.ppmglobalservices.com/files/theme/plugins.js?1556830109
IP 199.34.228.77:0
Hash f949d0652f86cf688f158f57e45c8d88
f9634dc2aa2678f26708aefd82420a8aff002c92
3f3fb2fcdd039d7376833076b04ae214e0bb469fbf2f6ac9e40140ad0b6221f3
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/plugins.js?1556830109 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Apr 2020 15:10:21 GMT
x-rgw-object-type: Normal
ETag: W/"1c8a26f413525e51e0716d20f48b9146"
x-amz-request-id: tx000000000000001b754d9-0062848410-b9fbc77-sfo1
X-Storage-Bucket: z04a6
X-Storage-Object: 04a6442538bbcd643a22e79a05200ea073ee4d8efb5bcae54ffb5d6303bb1385
X-Host: blu134.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16837
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 18:58:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:47:54 GMT
age: 76224
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 75807
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 3122
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 14:38:13 GMT
age: 15605
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-software-box_191.jpg
199.34.228.77200 OK 10 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-software-box_191.jpg
IP 199.34.228.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 295x250, components 3\012- data
Hash 79dbe8a7ea6050df91f3a1fb8388f1fe
6b3a43b69d735f79018abb97c63ac18ba8b50ac9
8964b8b248feb200a6ac297cde50c1b48860efcd61e5b329b474997099a11339
GET /uploads/1/2/5/4/125436625/primavera-p6-software-box_191.jpg HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: image/jpeg
Content-Length: 10059
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2019 22:07:34 GMT
x-rgw-object-type: Normal
ETag: "79dbe8a7ea6050df91f3a1fb8388f1fe"
x-amz-request-id: tx0000000000000183877c5-0062a7330f-b9fbc7f-sfo1
X-Storage-Bucket: z8964
X-Storage-Object: 8964b8b248feb200a6ac297cde50c1b48860efcd61e5b329b474997099a11339
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 382778
x-served-by: cache-sjc10034-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3832
x-timer: S1662404299.088021,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 429851
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 524878
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:47:56 GMT
expires: Thu, 31 Aug 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 429023
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148
199.34.228.77200 OK 27 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148
IP 199.34.228.77:0
File type PNG image data, 335 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 84061e75ebc0607aacb6389a927a3a9f
a59e9eaaaafe091174d1d608942cf42f0fdb1d4d
859e988a98960c53a3c6b2ec737a1ab60b909fffd067eed468ed9f3088049130
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: image/png
Content-Length: 26655
Connection: keep-alive
Last-Modified: Wed, 01 May 2019 00:53:02 GMT
x-rgw-object-type: Normal
ETag: "84061e75ebc0607aacb6389a927a3a9f"
x-amz-request-id: tx000000000000010c08269-0062da23e6-bfe27ea-sfo1
X-Storage-Bucket: z859e
X-Storage-Object: 859e988a98960c53a3c6b2ec737a1ab60b909fffd067eed468ed9f3088049130
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 524878
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:51:08 GMT
expires: Thu, 31 Aug 2023 19:51:08 GMT
cache-control: public, max-age=31536000
age: 428831
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 429851
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.powr.io/powr.js
172.67.5.146200 OK 39 kB IP 172.67.5.146:0
File type HTML document, ASCII text, with very long lines (15830), with no line terminators
Hash 7cd9bf3f8453dfb7aaaae7a2086c96bb
1ff9ce4846f26b77e1617c0641d74fdf9e2305f2
2de0cdc5e91f0427a8d4f6f48b93b768efc794e77127f99680e7df2c551a9180
GET /powr.js HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:18 GMT
content-type: application/javascript
cache-control: max-age=604800, public
cf-bgj: minify
expires: Mon, 04 Sep 2023 21:21:24 GMT
last-modified: Sun, 04 Sep 2022 21:21:17 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
age: 35295
server: cloudflare
cf-ray: 7461320fb89eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6875
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6875
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6875
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3680ddc9d427620db68d57a71a38d3f0
8bc5592390e1d48a977b6ced2aac6e3b16fc6812
d706818748577a8acf201e234c1dbe3efb039a35fd78596e0af6dd20dfae5dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Last-Modified: Mon, 05 Sep 2022 17:30:37 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
151.101.85.229200 OK 33 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (32047)
Hash 63e182df0883a4702e8db066451bdba0
993f0816fd2c8286c0f59df00e2697d6f7ad25cb
b9c375a13d4fa1e14ba88460ddb93ac9d380e77965cceb203145127f6ea82961
GET /npm/jquery@1.11.2/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"176de-sz7jtCuYju+dTWJJW25U4j3WQv0"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 5419955
x-served-by: cache-fra19169-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 33348
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3680ddc9d427620db68d57a71a38d3f0
8bc5592390e1d48a977b6ced2aac6e3b16fc6812
d706818748577a8acf201e234c1dbe3efb039a35fd78596e0af6dd20dfae5dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Last-Modified: Mon, 05 Sep 2022 17:30:37 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash b6787e2e11faff133f1ae1b6e64be5b5
ce2d5949fc5a9cddf7591ef24a860ead9adfe1d3
338551f1a4263f230d312873b28bcaebfb81522ee0e213f2a7d6beb5d067f592
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2D5F5903CB4CC9F18EF62860546DAAA8F1E66B5A"
Expires: Tue, 06 Sep 2022 05:00:00 GMT
Last-Modified: Mon, 05 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2685
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746132181d19fabc-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c5c1be3dcf198cf8cf8b5aff7455c969
3fca07a92ffdef09fd7ac0ca66bf742a821471dd
d6bea86a955037c59258788bd0cc4dd65d2b52c963aed995a7ae695293527490
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:19 GMT
Last-Modified: Mon, 05 Sep 2022 17:13:43 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: x94xQ1iNWtec_68IXbi1BbJgmJuip84DDeu4mrlsrtkWriyPhgh0Uw==
Age: 6277
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
104.18.23.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
IP 104.18.23.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 7848379
accept-ranges: bytes
server: cloudflare
cf-ray: 74613218adf41c0a-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
104.18.23.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
IP 104.18.23.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 7850985
accept-ranges: bytes
server: cloudflare
cf-ray: 74613218bdfa1c0a-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d
104.18.23.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d
IP 104.18.23.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 140373
accept-ranges: bytes
server: cloudflare
cf-ray: 74613218bdf81c0a-OSL
X-Firefox-Spdy: h2
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/primavera-p6-professional-training_168.png
199.34.228.77200 OK 87 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/primavera-p6-professional-training_168.png
IP 199.34.228.77:0
File type PNG image data, 424 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 17de0aaa49b5cbef16f6f40a8b17992f
d5e327ea3e3bb62ecf2f7e79170091065cd9015b
6427b92e20d8457173385632269ef817460b1249843454c9172983b698948c56
GET /uploads/1/2/5/4/125436625/published/primavera-p6-professional-training_168.png HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: image/png
Content-Length: 86741
Connection: keep-alive
Last-Modified: Tue, 18 Jun 2019 16:36:02 GMT
x-rgw-object-type: Normal
ETag: "17de0aaa49b5cbef16f6f40a8b17992f"
x-amz-request-id: tx000000000000001cd376b-00628492db-b9fbc64-sfo1
X-Storage-Bucket: z6427
X-Storage-Object: 6427b92e20d8457173385632269ef817460b1249843454c9172983b698948c56
X-Host: blu27.sf2p.intern.weebly.net
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
34.120.237.76200 OK 37 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
IP 34.120.237.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 76370
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mas-d.mautic.net/mtc.js
104.197.196.164404 Not Found 37 kB IP 104.197.196.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-d.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
mas-e.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-e.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
mas-a.mautic.net/mtc.js
104.197.196.164404 Not Found 37 kB IP 104.197.196.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-a.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 67c9019264924ecf97a5567289c014ad
0699df1c84a5eb45a01961d67e024fbea5d0c7aa
6a6c9b6ec366d2320d008d32898c02fbd0abfd97bb9632ca982f05d4b8eb7e07
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:19 GMT
Last-Modified: Mon, 05 Sep 2022 17:09:41 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kW-yIXhjJHxZsC2HEXrZFNRGAI0vkTHQN8wFeUDYm22hecbz5c34oQ==
Age: 6518
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 67c9019264924ecf97a5567289c014ad
0699df1c84a5eb45a01961d67e024fbea5d0c7aa
6a6c9b6ec366d2320d008d32898c02fbd0abfd97bb9632ca982f05d4b8eb7e07
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:19 GMT
Last-Modified: Mon, 05 Sep 2022 18:48:33 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NKYBDC6JBdrqohMRqOB_XTEZnJDgdS8_cba9tkpC-wcdP1Dv38OaIQ==
Age: 586
js-agent.newrelic.com/nr-1184.min.js
151.101.86.137200 OK 11 kB URL HTTP/2 js-agent.newrelic.com/nr-1184.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (27995), with no line terminators
Hash 43e0aec0456ae54841a52fe989abb1ec
d9e080d86beada72e9e42092bede868db3d4aee4
9d7ecd792af230cea192e0786491921415d809686321da7414b3df85d875de07
GET /nr-1184.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vlrWWMMcD6PaK/7pcEzhUYxgoEeM4G4LZ2WMo+rqGou4ZJrl4nmrnnynZYC7VcboXQFypj4DwM4=
x-amz-request-id: NH2XE4MW0QPBT68H
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
etag: "3d7f312be60d08a2568e311e4762f3af"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 23
x-timer: S1662404300.871048,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 10624
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js
104.21.26.9200 OK 139 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js
IP 104.21.26.9:0
File type ASCII text, with very long lines (3731)
Size 139 kB (138749 bytes)
Hash e344b50dcb6ecc1e5189757fd204dc13
66079aa8dfa336461f4e81f311349452c546d690
7c64840b5b8431241660baf70786bd9d75d6890a122d916736ffe0c28790f965
GET /latest/assets/packs/apps/popup-f33e99cf847514d727de.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=851396
etag: W/"ee82673a7e322032869f0ffc2fc04181"
last-modified: Thu, 01 Sep 2022 03:58:38 GMT
x-amz-id-2: LoDyI4+1h+Zasn7aJKIHIbMFZzo5XfzA7+BwoNRoQV72B4Ej1CoYi+/sqz5RcjObmudbGFB7aps=
x-amz-request-id: HGVP722SCYBSMERS
x-amz-version-id: YrU1NsHh6T9wJQiLY2b7sIlGTYfAz08U
cache-control: max-age=2073600
cf-cache-status: HIT
age: 1725
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwWqD3EPScW%2BZXaxes7PNhg5oE2o4w7nWy%2BD92nVd9HZCzzyeYqPvx7dxFgPvyuqAKZDsVeiTRS3P5TYOMMOxFq1Q5icOtOuT%2F7WusBvVFymY2g0gl5w9kq3WmXmXbp91yBrW4I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74613217892ab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-us-west-2.amazonaws.com/jsstore/a/G5QHN4M/ge.js
52.218.251.8200 OK 29 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/jsstore/a/G5QHN4M/ge.js
IP 52.218.251.8:0
File type ASCII text, with very long lines (29064), with CRLF line terminators
Hash ae6d979a31685f90477e03632901e631
e5a80a3bb85cd6270be8bc911fe2ed8ebd69ee15
22d013ecb7e47b184912813886f791a5301d9af0d4877ac60702eef093afdd0c
GET /jsstore/a/G5QHN4M/ge.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: h/VkaAxvlM240wmeflapy9T+aHzaMKL9/8P14x05UqpkxlICNcFYygO7u49j4SBgRlG1lLHPrAQ=
x-amz-request-id: WWCTZNVG8FC52BCH
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Fri, 25 Mar 2022 15:32:11 GMT
ETag: "ae6d979a31685f90477e03632901e631"
Cache-Control: max-age=2592000
Expires: Sun, 24 Apr 2022 15:32:09 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 29066
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ppmglobalservices.com/
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css
104.21.26.9200 OK 45 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css
IP 104.21.26.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f1571f8e864e85f46aacd56535ff138e
36324122960be7ec3560c65ca7fb4c8d217f8dea
60b559298c3c8069aabc7a63fc646b874b9b9430c4f2165172945dd15c1f5d53
GET /latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=609722
etag: W/"54c182ec679dc8155d25a158016e0b18"
last-modified: Thu, 01 Sep 2022 03:58:42 GMT
x-amz-id-2: DHtC7Pi2S/Roz0SrmSMCeG8qBEJSG5asaIBFAjI5rScInwPhNwGHifYdeEQU0SGfTNDGrRf1uBc=
x-amz-request-id: HGVP9PM4NVTE88H2
x-amz-version-id: 2KlFZD36h2q_8WbPli9gZD.eoBMjGIKn
cache-control: max-age=2073600
cf-cache-status: HIT
age: 953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt4YOMd92jCrBzyBqrE2Ho7uAE2FOEQ%2F24NDkZE1L603EVXA%2FAEVFI5T7yptrWVQrCsPJL7mH9qYtj2DIlzdhjT%2BbxIxXi%2BC6sv%2ByMKrNn2FpnS%2F6LEdlupHSJMji%2BlNb4C%2BBbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74613217a96cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.40200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 05 Sep 2022 18:29:20 GMT
expires: Mon, 05 Sep 2022 20:29:20 GMT
cache-control: public, max-age=7200
age: 1739
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.adroll.com/j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js
143.204.55.84200 OK 21 kB URL HTTP/1.1 s.adroll.com/j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js
IP 143.204.55.84:0
File type ASCII text, with very long lines (1326)
Hash a1001b6f1d52c9b98902cc4e3c6f454a
6b3e26892166fffc9445b6206e7bc7ea36d17310
81ed1df3323988484f2be04bcdf51010d29b5e979373ebce52260a2299d66c4e
GET /j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 00:04:40 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: BO35H.j5UyLmfwmrnHzMwjE44N4YPw1U
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"c757176a58c6cb73028a1918d4f6e6ef"
Vary: Accept-Encoding
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
Age: 3103
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jkZfGgYK0q-V2k_uU2Ohhtp8S9aMsiSZGNvQG1J-xwAyUUwP5IRaKw==
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ogkeNt7Fc99PfgJoPz/cB40zRreSSXieb91cbvvryo73j8r+3QsJ2VcrGfnSGxDvhbJtGZLjfBvX5ZncfSyPIA==
content-length: 26752
x-fb-trip-id: 2074150462
date: Mon, 05 Sep 2022 18:58:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf51bdfb16bdf350ab7d75aba05a89ee
765e8b75adfc0bfc79273e15a7de6e704fc2287b
ecb5504729df55b9b058f8315c5a0a5bd6c3005aeb05980bb79d20cf0315530a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3472
Cache-Control: max-age=166344
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Etag: "63162004-1d7"
Expires: Wed, 07 Sep 2022 17:10:44 GMT
Last-Modified: Mon, 05 Sep 2022 16:12:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=572&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=267&fe=464&dc=456&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662404294603,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:7,%22rp%22:23,%22rpe%22:25,%22dl%22:53,%22di%22:424,%22ds%22:431,%22de%22:456,%22dc%22:463,%22l%22:463,%22le%22:465%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=572&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=267&fe=464&dc=456&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662404294603,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:7,%22rp%22:23,%22rpe%22:25,%22dl%22:53,%22di%22:424,%22ds%22:431,%22de%22:456,%22dc%22:463,%22l%22:463,%22le%22:465%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=572&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=267&fe=464&dc=456&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662404294603,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:7,%22rp%22:23,%22rpe%22:25,%22dl%22:53,%22di%22:424,%22ds%22:431,%22de%22:456,%22dc%22:463,%22l%22:463,%22le%22:465%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461321a8acd0b31-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=b04755aeca6201cb; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
13.110.69.154200 OK 14 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
IP 13.110.69.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6807), with CRLF, LF line terminators
Hash 82a399a399441aab45a223bdf1337e69
d575f28efb4db8175f64e93f0476ed04211f6fc5
e77c1a3050ef98ded421e0a27a1c05ccedfde4e2b83a3a3debdb32efef86a320
GET /EventPage?eventId=a0V4z00000NKfdT HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:19 GMT
Set-Cookie: CookieConsentPolicy=0:1; path=/; expires=Tue, 05-Sep-2023 18:58:19 GMT; Max-Age=31536000
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Tue, 05-Sep-2023 18:58:19 GMT; Max-Age=31536000
BrowserId=tTsl3S1MEe2Wkm-ll5ZKHQ; domain=.force.com; path=/; expires=Tue, 05-Sep-2023 18:58:19 GMT; Max-Age=31536000
BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ; domain=.force.com; path=/; expires=Tue, 05-Sep-2023 18:58:19 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=600
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Expires: Mon, 05 Sep 2022 19:08:20 GMT
Last-Modified: Mon, 05 Sep 2022 18:58:20 GMT
origin-trial: AklbvN3zzNjVBN1btIvZVEXQottJ9SBp7rLB02aNYemdUf5Qr9j+oRJsDOjqvHP7tqihWlADjfay3d+A5Ky3xAUAAACFeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZURpZmZlcmVudE9yaWdpblN1YmZyYW1lRGlhbG9nU3VwcHJlc3Npb24iLCJleHBpcnkiOjE2Mzk1MjYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.ppmglobalservices.com/favicon.ico
199.34.228.77200 OK 4.3 kB URL HTTP/1.1 www.ppmglobalservices.com/favicon.ico
IP 199.34.228.77:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 8171617226e7143f20fd955660f1f4f4
96e7d9549d571c0eeb8af1f4186f277ac8d7492c
1a41db3d990eb2232e5a74b0435a2a4d2e64142e28ab941ce89168f916a8c23f
GET /favicon.ico HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:20 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Wed, 01 May 2019 18:52:04 GMT
x-rgw-object-type: Normal
ETag: "8171617226e7143f20fd955660f1f4f4"
x-amz-request-id: tx0000000000000020513e1-006284cba1-b9fbc63-sfo1
X-Storage-Bucket: z1a41
X-Storage-Object: 1a41db3d990eb2232e5a74b0435a2a4d2e64142e28ab941ce89168f916a8c23f
X-Host: grn32.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1873
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=30157be2-b79d-49e8-8377-e10a2511d739; Expires=Tue, 05 Sep 2023 18:58:20 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
s.adroll.com/j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js
143.204.55.84302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js
IP 143.204.55.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Mon, 05 Sep 2022 02:04:53 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
Age: 60806
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DYjT_Jod5BxrwmFxwUJBwD1W72m4r1a3dk3OwJE--k0pxg-o0aQ8nA==
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 230857
expires: Sat, 26 Aug 2023 18:58:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJBrtjGuSM3NBWtJbmGKQ6waXOr0NHc3VnNFRpBrlrYbovAun%2FnXr62xc9PWq%2F7Qf1HHQisl4%2BIFnpTLm9YTkrXcpcWq8%2FUU13%2Fnn87QZhGRiOfWnmahFqCB2Bcn2JMgAsbCXoLM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7461321c0f020afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.adroll.com/j/exp/index.js
143.204.55.84200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.84:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ppmglobalservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:10:45 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 54CR.I9BC9Znk_eUBi_4NwuScKvxGyTv
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 05 Sep 2022 01:31:00 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
Age: 64931
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MIM0Z3B6rW_07nzmayBbm7U6MLEPYXC4RcFOb57Eqrm2g6gIANDGKw==
www.ppmglobalservices.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
199.34.228.77200 OK 2.1 kB URL HTTP/1.1 www.ppmglobalservices.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
IP 199.34.228.77:0
File type JSON data\012- , ASCII text, with very long lines (2073), with no line terminators
Hash 208fa72a79d9c7345824938ce50bc416
3e72957bc695c5c530f9b9ea420cbada317ddc75
b12513e0dda06ee09de47eff6e3deab5a866d8fcb213f68a8b47c1b6a1deaffa
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn45.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2073
Keep-Alive: timeout=10, max=53
Connection: Keep-Alive
Content-Type: application/json
www.ppmglobalservices.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.77200 OK 348 B URL HTTP/1.1 www.ppmglobalservices.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.77:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
Cookie: language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu30.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
training-events-ppmglobal.secure.force.com/static/111213/js/perf/stub.js
13.110.69.154200 OK 618 B URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/perf/stub.js
IP 13.110.69.154:0
File type ASCII text, with very long lines (941)
Hash 69e62cfb5bb10c2d2a0102c93af0e244
64d472e28864096fd2f1657aae04c9a9975033f2
9e55a124b4c87483683e0c8f0d20c603f615a539baf1fea80e337d9d1a56e021
GET /static/111213/js/perf/stub.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 08:33:47 GMT
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074273
Content-Length: 618
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 49503a82090eeac40f0e24c940c04010
646727cb0c9b5400b0b778e125db6217a05c4505
91aa4ea3972b490e3c08d010ac96def351dac89c5c2630af3880383223eff835
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 17:26:06 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BaQEiUOvuFvsBFQcHzVM68m0x4cMRfEMwrimLQT5WrlqGNna_O9WCQ==
Age: 5535
public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
104.21.26.9200 OK 66 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
IP 104.21.26.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash aa11129f3f03f8ca7f133edfc56b4994
a796ec1fbecc0c1e3bd8050968dc87d086d8848b
005d1227065b35d71ed03e9bae9c9938c2fbb2fa7d0a3f849bdbfbbf9d189924
GET /latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=97779
etag: W/"8569d08b93b65be6f73bca7e48e87a62"
last-modified: Thu, 01 Sep 2022 03:58:45 GMT
x-amz-id-2: yDCQICvlfw4STe+c4Sag4iLPKh3kOygEEUUGblnTNA+lORCIMMdsOiV8G7dkISpVntFmUJESm/o=
x-amz-request-id: JEXB42GMV33KW9BZ
x-amz-version-id: _R6iCM.mJZnl7dJcxLE_Si6lPTW3nGop
cache-control: max-age=2073600
cf-cache-status: HIT
age: 885
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84d7ZirSwrJzEfW4%2FMG4Ejbbm%2BIDYSR6bOKkrUJ5zKalddUfIYd2bvsRSBN1Ohv%2F%2FfVvIlvANkcXdyKJLGr1bvarINBVJM1qlB%2BPz5CcvxWf0Ur%2BKBpDGIYaTAS2KsIdFSh7Vas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746132178941b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d.adroll.com/consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&_s=d3e968a0b4c390a4ba3ae0106b70fe47&_b=2
52.214.10.150200 OK 447 B URL HTTP/2 d.adroll.com/consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&_s=d3e968a0b4c390a4ba3ae0106b70fe47&_b=2
IP 52.214.10.150:0
File type ASCII text, with very long lines (447), with no line terminators
Hash 90b2c51b9f4e29511a6d089c9fbf7e20
f0cfcb953191ab02557d2abba60e17348844236c
7ae507ac2f10c3bd0efd72c337a941e8b80515e8e0b122614e15d2ce0f073acd
GET /consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&_s=d3e968a0b4c390a4ba3ae0106b70fe47&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: application/javascript
content-length: 447
server: nginx/1.20.0
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
104.21.26.9200 OK 40 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
IP 104.21.26.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash aaebcb327eef6d212b80bdfc75c3e449
75b5a314fa9904403f3a864525ef4d1472a398fc
af665e3b22c5d96a7617e2efd12ccbe8efdf073df5718c6f93648b7671af552a
GET /latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=460092
etag: W/"2cbef8bacb84cdf787933b228259ff66"
last-modified: Thu, 01 Sep 2022 03:58:45 GMT
x-amz-id-2: qxS5P9nVRloAMtY1/Std2bGuR4hJhngLzDJZE+ZqrfK6/O7Xzo8eoRGQkMFBcOuzuYC/JNtV1oY=
x-amz-request-id: JEXFR41C22J62QTC
x-amz-version-id: aj8fAoKkazrla.jf97zf5WM0XDyxJjz9
cache-control: max-age=2073600
cf-cache-status: HIT
age: 1361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwoJ4bDCPhBUnp0mwzEDO3tKBO0syl%2BwJ0lS7OgU%2BzdgwYx%2Fu5mUS8gJNiGaKse8b3EFOF18rzH6dk6Sx2SPbU7lMl649fh9M1cUxtSxR2%2B7rQ9ti7a%2FOzscdkn8q96%2FBFFBYqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746132177910b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js
104.21.26.9200 OK 262 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js
IP 104.21.26.9:0
File type ASCII text, with very long lines (7496)
Size 262 kB (261775 bytes)
Hash 35570acac2b58af6aa4ba2bb34b21b57
1b583bbac647e0878f600eb0d66b0eb33ff41afe
14833a66e9a539940901213719c0fd5c85a8fe769ac0221de96dc0920ab63e31
GET /latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1443415
etag: W/"e822d53e710d360db765376e1873e372"
last-modified: Thu, 01 Sep 2022 03:58:42 GMT
x-amz-id-2: FrjuXVwd1e+9GMZYRdksjgJsn2Et0uAGrKgKRbuNzwZ3DkbPkqSdE4XbJD0Bv334KB7ziN513fo=
x-amz-request-id: JEX3K38M52ZRN61H
x-amz-version-id: VfKcndbtSJ.nMTq7neTviROxPhDVKHZc
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPh4LkIq9c6UZQ576GPyBmAAphbfKxsn%2FXJK2m%2FHY6t9kpCH2bcVi7pBOhz9VfZzl2vSO0faVlwK6kqBEdeImH0dMupqHAM9TbU1aZ90n8jDZyUrrrIiypC7RFcgO6uln1hsV2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74613217994bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/static/111213/desktop/desktopAjax.js
13.110.69.154200 OK 2.3 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/desktop/desktopAjax.js
IP 13.110.69.154:0
File type HTML document, ASCII text
Hash ef6cac8c3704d4267605b4c8780bf312
881b35e9852f35f0e591e177fac5fae964f85ef8
ceed73c693aeb31f9a7c4467cf9b421158ed2e2915d1095d47b0c84ede838554
GET /static/111213/desktop/desktopAjax.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 11:32:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 11:32:43 GMT
Last-Modified: Wed, 25 Jan 2012 20:29:10 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1063537
Content-Length: 2269
training-events-ppmglobal.secure.force.com/resource/1571637679000/fontawesome/fontawesome-free-5.11.2-web/css/all.css
13.110.69.154200 OK 13 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1571637679000/fontawesome/fontawesome-free-5.11.2-web/css/all.css
IP 13.110.69.154:0
Hash e862500c758b2c913a7b0411554e3db6
455aad6b532ba379840b82f3ecf43727c0a8c6d5
6d14733b40e1da419dc390f57f1f66d2e0467f69de0f93da33e3a31e763bb1be
GET /resource/1571637679000/fontawesome/fontawesome-free-5.11.2-web/css/all.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 06:05:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 06:05:59 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 21 Oct 2019 06:01:19 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12642
Age: 1083141
training-events-ppmglobal.secure.force.com/static/111213/js/picklist4.js
13.110.69.154200 OK 3.2 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/picklist4.js
IP 13.110.69.154:0
File type ASCII text, with very long lines (516)
Hash 5d1d12b4967630cb4089b4480aba4de2
1bbe30a962a3d3916ed6ca68203d874cca145b7a
a41fc932f74efb3e85d01e7dbf25360e48185266e4410e81a3de1bfc18deec2b
GET /static/111213/js/picklist4.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 08:33:48 GMT
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074272
Content-Length: 3221
training-events-ppmglobal.secure.force.com/jslibrary/1647410350238/sfdc/NetworkTracking.js
13.110.69.154200 OK 1.3 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1647410350238/sfdc/NetworkTracking.js
IP 13.110.69.154:0
File type ASCII text, with very long lines (533)
Hash 53524e4c0d4ae578ea646bacc49df12b
2dddf14e84f4e0daa05c451ce146f0a0a1d73eb4
fdee9a8d50bbebb9a2f47c20436ed3ec1b8416855105482d38ae095c9ff5eb79
GET /jslibrary/1647410350238/sfdc/NetworkTracking.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 09:59:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 09:59:46 GMT
Last-Modified: Mon, 22 Aug 2022 20:37:26 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1069114
Content-Length: 1340
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/bundle.css
13.110.69.154200 OK 708 B URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/bundle.css
IP 13.110.69.154:0
File type ASCII text, with very long lines (2778)
Hash 9082259ec23a283320c94fb030d73240
c69a8d2d88ee8dfc9bd7fc2884690ed31187eb77
6ffb11a620a41cfa53ae9b5d2f2398da5e3454ca77ee491ccebec8c700e68cc5
GET /resource/1561532081000/Eventbrite_Resources/css/bundle.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 12:49:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 12:49:48 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 708
Age: 1058913
kit.fontawesome.com/14579ba48d.js
104.18.22.52200 OK 75 kB URL HTTP/2 kit.fontawesome.com/14579ba48d.js
IP 104.18.22.52:0
File type Unicode text, UTF-8 text, with very long lines (54433)
Hash df00c79d5c1f43ce70c9388a1ca3e96c
0b4e3169fadd083d60cb0f8daaa232bf682ded72
ab58399052fb5507548ad427b6b101592d6574fc9618d097408ef1212941c371
GET /14579ba48d.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fuu_NKRKzsFcWtfaTAAi
cf-cache-status: HIT
age: 55
server: cloudflare
cf-ray: 74613217afedb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/base_styles.css
13.110.69.154200 OK 64 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/base_styles.css
IP 13.110.69.154:0
File type ASCII text, with very long lines (39520)
Hash f8c9603199872560f1dedba99ad42f8f
d9d958813a9db67d5f98d6d37c30392cf5a507b3
a21e92f588f81b64c69838953ed9357ef260c2e2a608b45cb13cf247b1aea1ca
GET /resource/1561532081000/Eventbrite_Resources/css/base_styles.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 12:49:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 12:49:39 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1058921
Content-Length: 64131
www.facebook.com/tr/?id=485128322797812&ev=Microdata&dl=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&rl=&if=false&ts=1662404296161&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%20-%20PPM%20Global%22%2C%22meta%3Adescription%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22meta%3Akeywords%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22PPM%20Global%22%2C%22og%3Atitle%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22og%3Adescription%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D485128322797812%26ev%3DPageView%26noscript%3D1%22%2C%22https%3A%2F%2Fgen.sendtric.com%2Fcountdown%2Fuo4yd04deg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fprimavera-p6-software-box_191.jpg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fprimavera-p6-professional-training_168.png%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fppm-global-logo.png%3F1556672148%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=30&it=1662404295360&coo=false&es=automatic&tm=3&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=485128322797812&ev=Microdata&dl=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&rl=&if=false&ts=1662404296161&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%20-%20PPM%20Global%22%2C%22meta%3Adescription%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22meta%3Akeywords%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22PPM%20Global%22%2C%22og%3Atitle%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22og%3Adescription%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D485128322797812%26ev%3DPageView%26noscript%3D1%22%2C%22https%3A%2F%2Fgen.sendtric.com%2Fcountdown%2Fuo4yd04deg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fprimavera-p6-software-box_191.jpg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fprimavera-p6-professional-training_168.png%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fppm-global-logo.png%3F1556672148%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=30&it=1662404295360&coo=false&es=automatic&tm=3&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=485128322797812&ev=Microdata&dl=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&rl=&if=false&ts=1662404296161&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%20-%20PPM%20Global%22%2C%22meta%3Adescription%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22meta%3Akeywords%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22PPM%20Global%22%2C%22og%3Atitle%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22og%3Adescription%22%3A%222-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20%20December%2015-16%2C%202022%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D485128322797812%26ev%3DPageView%26noscript%3D1%22%2C%22https%3A%2F%2Fgen.sendtric.com%2Fcountdown%2Fuo4yd04deg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fprimavera-p6-software-box_191.jpg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fprimavera-p6-professional-training_168.png%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fppm-global-logo.png%3F1556672148%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=30&it=1662404295360&coo=false&es=automatic&tm=3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Mon, 05 Sep 2022 18:58:20 GMT
expires: Mon, 05 Sep 2022 18:58:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/jslibrary/1646649014238/sfdc/main.js
13.110.69.154200 OK 233 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1646649014238/sfdc/main.js
IP 13.110.69.154:0
File type ASCII text, with very long lines (21863)
Size 233 kB (233064 bytes)
Hash 8bc630822d628b108382efd4003363e0
a48754f108027290a303a89fb7c7a21ce5b0ef33
e0b4e1b67bf1fdd517f5d25756133a267daf32e68fcdd6bba9089126b0027935
GET /jslibrary/1646649014238/sfdc/main.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 08:33:47 GMT
Last-Modified: Mon, 22 Aug 2022 20:37:28 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074273
Content-Length: 233064
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 05 Sep 2022 18:41:12 GMT
expires: Mon, 05 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 1029
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2dece5feb8b544d6b9cdfc62a9a9664c
6e595402d61c7f3cb5cb52de248baabfd2b4a18f
e2b4e26ae8c716b658d93c656dfd5f31d033f3db1b21cc1540e4e35f574cbbff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:21 GMT
Last-Modified: Mon, 05 Sep 2022 17:59:49 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
js.driftt.com/core/assets/js/39.0cc86423.chunk.js
54.230.111.73200 OK 7.5 kB URL HTTP/2 js.driftt.com/core/assets/js/39.0cc86423.chunk.js
IP 54.230.111.73:0
Hash f3908f9cba79e13cfec63fbc7a5a6364
7ecaf9ff4a3ca7ffc283a1bdd3287585d08f35d8
e46c198d60cdf62216c8c0f3516c30af999aedae710355411782e4fb4a2a960b
GET /core/assets/js/39.0cc86423.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 21 Jul 2022 05:13:08 GMT
server: nginx
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
x-amz-server-side-encryption: AES256
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gIa_IX9WVNy3O5e6aiC2rlgW1WvZ56I_0pS7_Kw8hK-_fKTfeJvs6Q==
age: 4023913
X-Firefox-Spdy: h2
pi.pardot.com/pd.js
3.215.172.219200 OK 1.9 kB IP 3.215.172.219:0
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:21 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Thu, 01 Sep 2022 05:21:46 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Wed, 04 Sep 2024 18:58:21 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
js.driftt.com/core/assets/css/19.c695453b.chunk.css
54.230.111.73200 OK 365 B URL HTTP/2 js.driftt.com/core/assets/css/19.c695453b.chunk.css
IP 54.230.111.73:0
File type ASCII text, with very long lines (365), with no line terminators
Hash 06b2963b029c0824382815165bfea73e
de23fb128e2589cf384603cfbb7f6b7bef969b05
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
GET /core/assets/css/19.c695453b.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 365
date: Sun, 03 Jul 2022 23:15:07 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:53 GMT
etag: "06b2963b029c0824382815165bfea73e"
x-amz-server-side-encryption: AES256
x-amz-version-id: _GKDVm7cwHRbprAEZ8WoHMzXEQGGTOt2
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6OiBYtno3Rub-hVJ9vSW9ZvHm3POcKYIwQWx07u1qTwZa1EYp1-QXQ==
age: 5514194
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash db7dd0fc71363781300876dd29261b7d
0f0d747491a0fa6e517669e5e09f668942895419
759cf7c5629ca0d8153d954089e48a3e900eb198ae1cd04831f2d97f3e947527
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Sep 2022 18:58:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Sep 2022 23:20:24 GMT
Expires: Mon, 05 Sep 2022 23:20:24 GMT
ETag: "0f0d747491a0fa6e517669e5e09f668942895419"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js
54.230.111.73200 OK 20 kB URL HTTP/2 js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (64927), with no line terminators
Hash 593f493512b0f9f065d832ceb08cefcf
93d17ebfd56c84a85e9b465d94b468be5382b588
abf24e1bb5eaa74dd7c20d3156ca4705352acf0d8312c77f3ca05b472d8281a7
GET /core/assets/js/47.f4a0cab7.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 04 Jul 2022 02:17:00 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
x-amz-server-side-encryption: AES256
x-amz-version-id: jctMzIJIR8pxylIIOPc..ieVIdEvFzh3
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oGjlzSr-NdBKH9PrH38vzuBU8ZspQx5Z2MfVHQ0SgMj8qnhP7QtpEg==
age: 5503281
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:43:56 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AS9y8YORoHzgzHMHXMJuXKlNy0_mPIl8bSIOvnDPxWFXHhnezyizDQ==
Age: 4466
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:10:22 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: heA7YCGmI8sHKMPaleD_gQMMnxqz3LJ32CPWwPhzedAoQTBsqqXYwQ==
Age: 6480
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:46:48 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CDfHaCw4-yG_6pX4XLs8SpJptAsw7zrplmVZBJZroQ-o8WgxISRpuw==
Age: 4294
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:43:56 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T9qPtY-iasGrgrbx9_8cjtSt0eZbtpQAdxHLPqn4jEDVExW2Xkhm5w==
Age: 4466
metrics.api.drift.com/monitoring/metrics/widget/init/v2
3.94.218.138200 OK 13 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/widget/init/v2
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /monitoring/metrics/widget/init/v2 HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift6aba529402b844c72443b9d7059
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/18.c13b3a33.chunk.js
54.230.111.73200 OK 40 kB URL HTTP/2 js.driftt.com/core/assets/js/18.c13b3a33.chunk.js
IP 54.230.111.73:0
Hash 8a2637a6ba5ec4f769bd071310154b74
fce7b99ecf99fa4d5dce973140ab3d5407863ba1
919effc61dbfef01b3c2931b06861ad42efd9c4a5eb5e73a447a12be08325269
GET /core/assets/js/18.c13b3a33.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 06 Jul 2022 01:05:58 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
x-amz-server-side-encryption: AES256
x-amz-version-id: pxNOQ93Ry3SgjvjCpTdQZ2Sx3uMbDhCG
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CYtv3oGzVM8qSkSkTjfea0EO4uAxSW2C9suvtIt4c-FpVra1IPrjKQ==
age: 5334743
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/widget/init/v2
3.94.218.138200 OK 25 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/widget/init/v2
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61228f8f544358e9ea1f463f01b5853c
582766f30c82dc2df6938c8e16455fa5e329afb1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
POST /monitoring/metrics/widget/init/v2 HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Content-Length: 138
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: d63c4136ac5535d9
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 15
server: istio-envoy
X-Firefox-Spdy: h2
bootstrap.api.drift.com/widget_bootstrap/ping
3.94.218.138200 OK 147 B URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap/ping
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a28f2cbe6ba36a782f8e5c7d785fb924
a15136222a4239c808c598fa7d30f88c8b186b50
4162cf94175e84f376e183a8879ec511711ffbf7ccd5cb2621ea01f35102c1c0
POST /widget_bootstrap/ping HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 149
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: be9e3e9763bfd926
vary: Accept-Encoding
content-length: 147
x-envoy-upstream-service-time: 7
server: istio-envoy
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8a6e91f3580ceed46df51c2f3dcced41
58448d9d3b23be670753ad316620526008bfcc86
5df5c41b1be864fa2f630d4eaf9de0922da51428cedec4fdb0734c32e645b1b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:23 GMT
Last-Modified: Mon, 05 Sep 2022 17:22:40 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ooy8T4u9_tRGw44S9_pa1VV_Hqw8YYkb-1GuznIF91uZ4S4dH7y6lg==
Age: 5744
131401-1.chat.api.drift.com/ws/websocket?session_token=SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAUMTMxNDAxLTE1NTE5Mjk0MjcwLTRkAAZvcmdfaWRtAAAABjEzMTQwMWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzE1NTE5Mjk0MjcwZAAJdXNlcl90eXBlZAAEbGVhZG4GAECZBA-DAWIAAVGA.eoLzAboawseLQua5yRYQj_-RH4Mihi4Kzby9mDF6yAE&remote_ip=18.232.245.220&vsn=2.0.0
3.230.7.189101 Switching Protocols 0 B URL HTTP/1.1 131401-1.chat.api.drift.com/ws/websocket?session_token=SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAUMTMxNDAxLTE1NTE5Mjk0MjcwLTRkAAZvcmdfaWRtAAAABjEzMTQwMWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzE1NTE5Mjk0MjcwZAAJdXNlcl90eXBlZAAEbGVhZG4GAECZBA-DAWIAAVGA.eoLzAboawseLQua5yRYQj_-RH4Mihi4Kzby9mDF6yAE&remote_ip=18.232.245.220&vsn=2.0.0
IP 3.230.7.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/websocket?session_token=SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAUMTMxNDAxLTE1NTE5Mjk0MjcwLTRkAAZvcmdfaWRtAAAABjEzMTQwMWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzE1NTE5Mjk0MjcwZAAJdXNlcl90eXBlZAAEbGVhZG4GAECZBA-DAWIAAVGA.eoLzAboawseLQua5yRYQj_-RH4Mihi4Kzby9mDF6yAE&remote_ip=18.232.245.220&vsn=2.0.0 HTTP/1.1
Host: 131401-1.chat.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://js.driftt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: REj9JF7gw2GCX4/ln5Q35Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 05 Sep 2022 18:58:23 GMT
Connection: upgrade
cache-control: max-age=0, private, must-revalidate
sec-websocket-accept: v5GIyIt9BqBxe3LRywmHK7HL9mE=
server: Cowboy
upgrade: websocket
event.api.drift.com/track
3.94.218.138200 OK 13 B URL HTTP/2 event.api.drift.com/track
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /track HTTP/1.1
Host: event.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift4a769384c3b9b5a141dbacc7c67
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
targeting.api.drift.com/targeting/evaluate_with_log
3.94.218.138200 OK 13 B URL HTTP/2 targeting.api.drift.com/targeting/evaluate_with_log
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /targeting/evaluate_with_log HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift149e17a447db0f506a6bb9de78b
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
event.api.drift.com/track
3.94.218.138200 OK 651 B URL HTTP/2 event.api.drift.com/track
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with very long lines (651), with no line terminators
Hash e7fafd35669e7b622a2a9fd99f52f553
f567d09ecd4e1d337dd5e9a4c2228673fea9b74d
317553b065d2f234eada3e8fe5e74df9b71a3c47aa951379e41fe0ccb8cf10d7
POST /track HTTP/1.1
Host: event.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI3MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.8Dza0SSsVOEl6C1mSnbFgHl0sFhPas7HghlGh27zE3tj1oiqURPoXFMQbHtcRqebjPtzNaAIGKklYmImjuVUTQ
Content-Length: 496
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: db4eb8c629fda2e7
content-length: 651
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
targeting.api.drift.com/targeting/evaluate_with_log
3.94.218.138200 OK 341 B URL HTTP/2 targeting.api.drift.com/targeting/evaluate_with_log
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with very long lines (774), with no line terminators
Hash 7872c14df0fafb56775fc4f437c495cb
14523d58a69b331257a9379b5e67781a306c65f7
0f0ed45298a047dde728ab08aea9af0e158fc723fc94bc571c605a2d6f37d98b
POST /targeting/evaluate_with_log HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI3MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.8Dza0SSsVOEl6C1mSnbFgHl0sFhPas7HghlGh27zE3tj1oiqURPoXFMQbHtcRqebjPtzNaAIGKklYmImjuVUTQ
Content-Length: 797
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 12b8a33cd8299280
vary: Accept-Encoding
content-encoding: gzip
content-length: 341
x-envoy-upstream-service-time: 2
server: istio-envoy
X-Firefox-Spdy: h2
flow.api.drift.com/flows/render_initial_v3
3.94.218.138200 OK 13 B URL HTTP/2 flow.api.drift.com/flows/render_initial_v3
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /flows/render_initial_v3 HTTP/1.1
Host: flow.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftff987db4a58b862bc9334803c8c
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
presence.api.drift.com/ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUxOTI5NDI3MC00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUxOTI5NDI3MGQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgBDmQQPgwE.8yIe2ZjEqYR68Cd2Aed0SSsupPDcJJLuq7xdm9qylTE&remote_ip=18.232.245.220&vsn=2.0.0
52.0.218.127101 Switching Protocols 0 B URL HTTP/1.1 presence.api.drift.com/ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUxOTI5NDI3MC00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUxOTI5NDI3MGQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgBDmQQPgwE.8yIe2ZjEqYR68Cd2Aed0SSsupPDcJJLuq7xdm9qylTE&remote_ip=18.232.245.220&vsn=2.0.0
IP 52.0.218.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUxOTI5NDI3MC00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUxOTI5NDI3MGQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgBDmQQPgwE.8yIe2ZjEqYR68Cd2Aed0SSsupPDcJJLuq7xdm9qylTE&remote_ip=18.232.245.220&vsn=2.0.0 HTTP/1.1
Host: presence.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://js.driftt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t6/6x+Sm4LFrrHYYzkvCFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
cache-control: max-age=0, private, must-revalidate
connection: Upgrade
date: Mon, 05 Sep 2022 18:58:23 GMT
sec-websocket-accept: N9mqph9tqSzecOurwZc6vyF0BoU=
server: Cowboy
upgrade: websocket
js.driftt.com/core/assets/js/45.772158c8.chunk.js
54.230.111.73200 OK 36 kB URL HTTP/2 js.driftt.com/core/assets/js/45.772158c8.chunk.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2cda56cbac7b4572bc8f2b45ebc7be17
a7c3a7f4b174d003d03a9b3116591a08af865802
e057b1be8265bf94bd3ed4e2cdd9f39bcfd1ae04ae1d037dc4fac0dbd42b19aa
GET /core/assets/js/45.772158c8.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 13 Jun 2022 06:43:42 GMT
server: nginx
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
x-amz-server-side-encryption: AES256
x-amz-version-id: aEgB7rZxvs_rhrc47mnGdmzprDAsXGNL
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zcl5FeSWv-xmVHrszEGsfQV2ubRq2jfSmQp_9PrDFkS-xwatXW6ZHw==
age: 7301679
X-Firefox-Spdy: h2
driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8
151.101.86.208200 OK 65 kB URL HTTP/2 driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8
IP 151.101.86.208:0
File type gzip compressed data, max compression\012- data
Hash 422e8eb57bb1521c5548c7658edb20b7
2517abb75832e178323cb635765d947b9bbeeb2b
09b630aecc6923f00d4cdb11593eea91c7dc79a5e555af88b1836ddd66fbef16
GET /https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8 HTTP/1.1
Host: driftt.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 14:21:40 GMT
cache-control: public, max-age=315360000
server: imgix
x-imgix-id: 89f6c7e85cd8aa2afb3d0448fca046c3f9d74d84
date: Mon, 05 Sep 2022 18:58:24 GMT
age: 3559004
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10070-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
content-length: 64323
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/41.e483d03f.chunk.css
54.230.111.73200 OK 900 B URL HTTP/2 js.driftt.com/core/assets/css/41.e483d03f.chunk.css
IP 54.230.111.73:0
File type ASCII text, with very long lines (900), with no line terminators
Hash 0bd11a8facc0a9d41713c64ed1ba1289
23d92b5b9138666f5c33517d53451a6e2e8ec30a
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
GET /core/assets/css/41.e483d03f.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404293490
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 900
date: Thu, 09 Jun 2022 19:59:53 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
x-amz-server-side-encryption: AES256
x-amz-version-id: mwravLhifH3zWz1LqFO8ki0npGazXQGv
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jwdteoMj8NbJDUxMLVi1WQ5ASBmZVNLmeu1OxJETLDG55Vl2EqRDAQ==
age: 7599511
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/41.c2d27989.chunk.js
54.230.111.73200 OK 303 B URL HTTP/2 js.driftt.com/core/assets/js/41.c2d27989.chunk.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (303), with no line terminators
Hash 46fb25b61455826d8b73185de5673b04
d15a3a86f02f00138438a94e617081380cd58ac1
70164ba4c1b7194f4cc46e423aa055d29e3d927b7e9abe6fecd156dd0270da76
GET /core/assets/js/41.c2d27989.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404293490
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 303
date: Sun, 12 Jun 2022 06:13:20 GMT
server: nginx
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
etag: "46fb25b61455826d8b73185de5673b04"
x-amz-server-side-encryption: AES256
x-amz-version-id: 21f0wwUZtQS7fqJj7nCeaBcMtRG8zF2Z
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NXBRGHodKU4m5S6QZ5uZ2wmu4sA87SowOgOJ1iZgGDB-HPsxJ0DqQQ==
age: 7389904
X-Firefox-Spdy: h2
targeting.api.drift.com/impressions/widget
3.94.218.138200 OK 13 B URL HTTP/2 targeting.api.drift.com/impressions/widget
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /impressions/widget HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift15c48134369b2cf8908ea055dfa
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/conductor/assets/4.3b34b074.chunk.js
54.230.111.73200 OK 158 B URL HTTP/2 js.driftt.com/conductor/assets/4.3b34b074.chunk.js
IP 54.230.111.73:0
File type ASCII text, with no line terminators
Hash 04cb478629934587f65fb92a62238885
4521636fa7b2b5bcfcedaddcf104519ed0629a60
574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e
GET /conductor/assets/4.3b34b074.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 158
date: Thu, 09 Jun 2022 20:00:04 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:21 GMT
etag: "04cb478629934587f65fb92a62238885"
x-amz-server-side-encryption: AES256
x-amz-version-id: nQFxs7iBS66EIffXR7YCiFHZOMBxbEWK
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i_5mG9KR10Iy79KdluSmDJvbRAD8X1b0OoZohNniA4I56Uo5g_m7gg==
age: 7599500
X-Firefox-Spdy: h2
targeting.api.drift.com/impressions/widget
3.94.218.138204 No Content 0 B URL HTTP/2 targeting.api.drift.com/impressions/widget
IP 3.94.218.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /impressions/widget HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI3MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.8Dza0SSsVOEl6C1mSnbFgHl0sFhPas7HghlGh27zE3tj1oiqURPoXFMQbHtcRqebjPtzNaAIGKklYmImjuVUTQ
Content-Length: 685
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: 6354b4ee2d85f46f
x-envoy-upstream-service-time: 11
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3
54.230.111.73206 Partial Content 7.8 kB URL HTTP/2 js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3
IP 54.230.111.73:0
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 5f7c6014cf73831f91963a668b71fbb9
c49eafebb17d0ae937eaa47e8f81392a8e271b69
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
GET /conductor/assets/media/notification.5f7c6014.mp3 HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 7755
date: Fri, 20 May 2022 04:40:28 GMT
server: nginx
last-modified: Wed, 18 May 2022 17:52:15 GMT
etag: "5f7c6014cf73831f91963a668b71fbb9"
x-amz-server-side-encryption: AES256
x-amz-version-id: wV32vUIfShKu7wTOM.13Fb46XZ95E34K
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-range: bytes 0-7754/7755
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9QY9yMcU6EcVPiWeS-kKyPv2phNzvL3XAds9prDkxNf3u6cW18moCA==
age: 9382676
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/event2/bulk
3.94.218.138200 OK 13 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/event2/bulk
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /monitoring/metrics/event2/bulk HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:25 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftff35efe4bd5a4f92085ccc9e389
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/event2/bulk
3.94.218.138200 OK 25 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/event2/bulk
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61228f8f544358e9ea1f463f01b5853c
582766f30c82dc2df6938c8e16455fa5e329afb1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
POST /monitoring/metrics/event2/bulk HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI3MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.8Dza0SSsVOEl6C1mSnbFgHl0sFhPas7HghlGh27zE3tj1oiqURPoXFMQbHtcRqebjPtzNaAIGKklYmImjuVUTQ
Content-Length: 725
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:25 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 57fea1e96528559f
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 14
server: istio-envoy
X-Firefox-Spdy: h2
www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
172.67.5.146200 OK 0 B URL HTTP/2 www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
IP 172.67.5.146:0
GET /exit-popup/u/weebly_exit-popup_409384088895357867 HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/html; charset=utf-8
link: <https://public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js>; rel=preload; as=script; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js>; rel=preload; as=script; nopush
cache-control: max-age=1800, public
vary: Accept-Encoding
x-request-id: 928a20cb-e108-4e9a-acdd-416b37da1ccf
x-runtime: 0.045986
via: 1.1 vegur
cf-cache-status: HIT
age: 5616
server: cloudflare
cf-ray: 74613216dc5fb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 18:58:18 GMT
date: Mon, 05 Sep 2022 18:58:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.powr.io/cached/30868889.json
172.67.5.146404 Not Found 0 B URL HTTP/2 www.powr.io/cached/30868889.json
IP 172.67.5.146:0
GET /cached/30868889.json HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: iFOFU21aev1xmOBMySAjLdqjD8Ors28OGAfwAEk1yNDZ7dT69EmG0L42_vshVBp69LO9qbTrKuLV2miytYTccA
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: application/json
cache-control: max-age=300, public
vary: Accept-Encoding
x-request-id: 1fe14506-4056-46eb-a25d-c1fd949a50bf
x-runtime: 0.020703
via: 1.1 vegur
cf-cache-status: HIT
age: 5615
server: cloudflare
cf-ray: 74613219bae6b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css
IP 54.230.111.73:0
GET /core/assets/css/34.11d2b6a7.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404293490
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Sat, 02 Jul 2022 23:19:59 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:54 GMT
etag: W/"87532c4db85f1429fa6d759bc3332f36"
x-amz-server-side-encryption: AES256
x-amz-version-id: _3ypchvV2Y1htZw1RZMu3A33yhTTURn1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uOpsyquMoNZgvj2ugFS2Dea-zNyCPECXWATVxhm7Bd7LkUPbENFVew==
age: 5600303
X-Firefox-Spdy: h2
bootstrap.api.drift.com/widget_bootstrap
3.94.218.138200 OK 0 B URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap
IP 3.94.218.138:0
POST /widget_bootstrap HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 584
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 9a7158393ef5927
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 290
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/13.3e86f1f6.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 03 Aug 2022 20:28:27 GMT
server: nginx
last-modified: Wed, 03 Aug 2022 20:13:17 GMT
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
x-amz-server-side-encryption: AES256
x-amz-version-id: p9hPb_BoaQT.rfo1ve74yYgdVe7_JTph
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y9ff6qwFB9EFz3u-U38QbVYKIGXsaxtFokab3zfF5KKy5nZGxBA-bA==
age: 2845794
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/16.fde6fa28.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 21 Jul 2022 03:22:54 GMT
server: nginx
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
etag: W/"90795af8c950a50300cf801b300db7ab"
x-amz-server-side-encryption: AES256
x-amz-version-id: Czs8PHX517U6kDfcy5c9LsKW5uxut099
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V5lugBOskuaBtUGB1gDJW3SUdRNVJM7Q9UiGr5KFc5LIyRg4bKU0og==
age: 4030527
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/28.ed383893.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/28.ed383893.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/28.ed383893.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 12 Jul 2022 08:05:31 GMT
server: nginx
last-modified: Mon, 11 Jul 2022 14:16:17 GMT
etag: W/"910117b3f0a0501f693606963bfe4daf"
x-amz-server-side-encryption: AES256
x-amz-version-id: AvxSunSgeBTQzaCE.4f6vvhlOyihsj6Q
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9o917nh5c0Ip6yUOSg_5OTXhmXgcexYn0vx3RwhRd_2K0eGfGh_Ffg==
age: 4791170
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/52.b6e19470.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/52.b6e19470.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/52.b6e19470.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 15 Aug 2022 14:58:15 GMT
server: nginx
last-modified: Mon, 15 Aug 2022 14:54:41 GMT
etag: W/"bad20cb6447399d927f280df2d62ca0c"
x-amz-server-side-encryption: AES256
x-amz-version-id: RsSkBCjzvBw3GerIVkk_9htbmnC6yc51
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WmPZXoFifRnyZ6EiAK_9fdX27QL2lC2wBfFsfG6-Fd6uzYBBFBasyw==
age: 1828809
X-Firefox-Spdy: h2
gen.sendtric.com/countdown/uo4yd04deg
109.105.221.13200 OK 0 B URL HTTP/2 gen.sendtric.com/countdown/uo4yd04deg
IP 109.105.221.13:0
GET /countdown/uo4yd04deg HTTP/1.1
Host: gen.sendtric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: image/gif
etag: 3506314637387239850
expires: -1
pragma: no-cache
vary: Accept-Encoding
date: Mon, 05 Sep 2022 18:58:18 GMT
server: Fly/ec6d9b89 (2022-09-02)
via: 2 fly.io
fly-request-id: 01GC7G926NRCCDQ6HA90G6XXDA-ams
X-Firefox-Spdy: h2
p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%25222a329ada-d9e3-4079-96c2-f611e6cfb802%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20December%2015-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
52.33.198.133302 Found 0 B URL HTTP/2 p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%25222a329ada-d9e3-4079-96c2-f611e6cfb802%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20December%2015-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html
IP 52.33.198.133:0
GET /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%25222a329ada-d9e3-4079-96c2-f611e6cfb802%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20(Advanced%20Scheduling)%3A%20December%2015-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html HTTP/1.1
Host: p.alocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Sep 2022 18:58:22 GMT
content-type: image/GIF
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
set-cookie: uuid=ccc1925c-2a29-4dca-86c5-8877f80b9e25; domain=.alocdn.com; path=/; expires=Tue, 05 Sep 2023 18:58:22 GMT; secure; SameSite=None
location: /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%25222a329ada-d9e3-4079-96c2-f611e6cfb802%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20%28Advanced%20Scheduling%29%3A%20December%2015-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-scheduling-december-15-16-2022.html&tdc=1
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js
13.110.69.154200 OK 0 B URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js
IP 13.110.69.154:0
GET /resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdT
Connection: keep-alive
Cookie: BrowserId_sec=tTsl3S1MEe2Wkm-ll5ZKHQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 07:00:09 GMT
Content-Type: application/x-javascript
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30719
Age: 1079891
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 11/04/2021 22:40:16
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.0
cdn-requestid: a0669b23f8a3a4d2d54e12d18ef5c3e0
cdn-cache: HIT
cf-cache-status: HIT
age: 14622210
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74613217df7cb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 18:58:18 GMT
date: Mon, 05 Sep 2022 18:58:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
IP 54.230.111.73:0
GET /core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 05 Sep 2022 18:58:21 GMT
cache-control: no-cache
etag: W/"fee11af2184d7af2cbe07132a525513a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JlqX452rcxtqZwjkoSpp37FMUtCbGM2pRXCFXHO0KVw8vDaARn_mdQ==
X-Firefox-Spdy: h2
js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404293490
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404293490
IP 54.230.111.73:0
GET /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404293490 HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 05 Sep 2022 18:58:21 GMT
cache-control: no-cache
etag: W/"fee11af2184d7af2cbe07132a525513a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zInPEKdk7xcJ1OySR9N5_JCri1nOYVwgjBX50jRn3IdzLBKYD5cnGQ==
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/main~493df0b3.ac3a9470.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:04 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:58 GMT
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
x-amz-server-side-encryption: AES256
x-amz-version-id: hiapbHKSV4DShQCB29I8q9ZEQ_orBvh8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8qWRPysqmNJDDQd3qoExqbpHMm6_MV5Tk80nU1PjfiCs5JdIMQu6tQ==
age: 5514197
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/25.8f107198.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/25.8f107198.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/25.8f107198.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:05 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"e2511c69e5bdc03467952abaccdb5383"
x-amz-server-side-encryption: AES256
x-amz-version-id: WcCqQoAG3H9hj_QsryoONfIqJXy6i_Vu
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mXWziV3u0sJ2Z9BXnJwe8wVJwlItrwMQ_NmK4dR_nq-S2AikUvw_EA==
age: 5514196
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/20.8c21ea18.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Jun 2022 19:59:49 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
etag: W/"6d77a76055d81227033363af2f18caf8"
x-amz-server-side-encryption: AES256
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j28AMn4CaKPUGwzOspQdQ47nhTl9jKydFpmi6PXZaABUhBWUf9GZXA==
age: 7599512
X-Firefox-Spdy: h2
public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
104.21.26.9200 OK 0 B URL HTTP/2 public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
IP 104.21.26.9:0
GET /fonts/gordita/gordita-regular-webfont-woff.woff HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: application/font-woff
x-amz-id-2: 95MUxLnCbIkss2kA/sLeKT8+0bdlFMCPvmC7RPdOn7SvMYvPB6nvjEu+0c5e3j5tF3BW5GIvYN4=
x-amz-request-id: MCMBQYEM5T8KRTGT
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 31 May 2021 12:44:51 GMT
x-amz-version-id: hx7AXNg7K1e1RTazyN_0DpBGtio5OElw
etag: W/"951cf61fb8b08593af1d6466359e32fe"
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z6rw4lXV3OZqcyt%2B0HVSOnBwTiTpFNSTfIOzGbIuqt9P%2BCUd6gTV%2B%2BGkNFxcVVWLsUWCuUKJMKB%2BOeS0XLv20LfmGk4bJMz2Omm1uI1JkK7pn6LGKlRkH0gEVbDzK2Oi9jPhTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74613217bd7ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/11.639238ba.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/11.639238ba.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/11.639238ba.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:06 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:55 GMT
etag: W/"4049f38c00add1738dc4806148ff8829"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7WrloWWSc22pVf.7ICrUs7406unnhgom
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gaFiyWewXZ8JvlqLthy6WzP2agdVkaYxTMaJGirIKEzA5CO8PLksrw==
age: 5514195
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/37.9da17c94.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/37.9da17c94.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/37.9da17c94.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Jun 2022 19:59:50 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
x-amz-server-side-encryption: AES256
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: APpA690nqnYSsuwFDs9OFv7plC5XzmRAx-sgILqxMZU1AWdIb2zzRw==
age: 7599511
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/19.c6476f9e.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/19.c6476f9e.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/19.c6476f9e.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=0e4ef453-6f0b-4e86-9d14-5d30ee0a0d1b&sessionStarted=1662404296.76&campaignRefreshToken=ccd038cb-10c2-4512-80b2-77aa695e63a5&hideController=false&pageLoadStartTime=1662404293490&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
etag: W/"577a5b4c4d4e15fe510f6e9d62882f27"
x-amz-server-side-encryption: AES256
x-amz-version-id: iwfAR0XWOD35qtGdWcZt_c4r2xii5fG_
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FZK4pXTmGDpSq9ULQmDaRl0wIabULtqh77a2oppZjjUJsI_8q4CBnQ==
age: 884280
X-Firefox-Spdy: h2