firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 18:44:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ih2kMxybpQl-NFYNtMDBjVqw6G622v0C-25CazPsvI8jLl4SMBUgAA==
Age: 802
go.cpm-controls.com/e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
3.92.120.28301 Moved Permanently 0 B URL HTTP/1.1 go.cpm-controls.com/e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
IP 3.92.120.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk HTTP/1.1
Host: go.cpm-controls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 18:58:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
location: https://go.cpm-controls.com/e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
vary: User-Agent
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4808
Expires: Mon, 05 Sep 2022 20:18:25 GMT
Date: Mon, 05 Sep 2022 18:58:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -AE-xH2Bwpkldd6GCnOxYg7WSJd3B_Fq8JFbVkZmhQPCFvPZunqQSQ==
age: 63780
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 18:58:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62aa66e3bfc4c014ff7e6451eb6a6903
7cb1c87ad3b174d91d3e7bb97ea94d5d05c8f102
7c91961183af387fbd809a9080133dcd299408f4034fd3eb52dd22cbb8f62d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C91961183AF387FBD809A9080133DCD299408F4034FD3EB52DD22CBB8F62D85"
Last-Modified: Sat, 03 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13686
Expires: Mon, 05 Sep 2022 22:46:24 GMT
Date: Mon, 05 Sep 2022 18:58:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 18:38:16 GMT
Expires: Mon, 05 Sep 2022 19:28:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JrxRqjgRXIs3DxboEzXBSGNr8QSv2-qwi9OENrYXhPnZRcyFZMDU5Q==
Age: 1202
go.cpm-controls.com/e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
3.215.172.219301 Moved Permanently 157 B URL HTTP/1.1 go.cpm-controls.com/e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk
IP 3.215.172.219:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 603606c4e26222e3a2cc984cd1b9b982
eab77255e9f41752b2e2c63fb7f6226c685c1255
5c041fa4cd2eb6f6c983d1ba48ec4bfe72ff841c7a68e8faccd19853d58527c1
GET /e/911112/entals-october-24-26-2022-html/nv8lg/1040697739?h=5L3VppaZp47UXeotN847ORHFLe_3AhoIBmwz-XfBDpk HTTP/1.1
Host: go.cpm-controls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 18:58:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 157
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
location: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: max-age=63072000
expires: Wed, 04 Sep 2024 18:58:18 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:18 GMT
Last-Modified: Mon, 05 Sep 2022 17:45:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8ddd2d999c186242c6bdf8ba737f323
d10ad4f513c53ef89db96159b9732933b6ee4ae5
a069b3b42099a4e749a4a705294e8c55b29d183535c356341ae90ca35d825fda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A069B3B42099A4E749A4A705294E8C55B29D183535C356341AE90CA35D825FDA"
Last-Modified: Sat, 03 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15983
Expires: Mon, 05 Sep 2022 23:24:41 GMT
Date: Mon, 05 Sep 2022 18:58:18 GMT
Connection: keep-alive
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2+BTZDbnbPM75gvgAaobsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4qm7ldSUJJ7c/sAqIqV50YvBQIY=
www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
199.34.228.77200 OK 38 kB URL HTTP/1.1 www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39945)
Hash 3a12889d1926f6aaa2397ac3118dddba
e1bc4a02b837c0c8fbb3ace7d764ebeaf650732d
b08468c4aa76b1e58f69491259df0bb8396266c39f1fc16a380ecda4774ad582
Analyzer Verdict Alert fortinet Phishing
GET /3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:18 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.ppmglobalservices.com
language=en; expires=Mon, 19-Sep-2022 18:58:18 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"5fbfab7177a58a825587a82129a3da49-gzip"
Content-Encoding: gzip
X-Host: grn111.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 37870
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/social-icons.css?buildtime=1654648342
151.101.85.46200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 771ec2cf038214c40ed54dc7d0ce7e4c
20b2a198541e596346f26f9e15d51488bb76608b
33269d6ddede29e1043070cb0ee0f3034f154ce264970994fe071c092fa8b675
GET /css/social-icons.css?buildtime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 22 Aug 2022 20:43:15 GMT
etag: W/"6303ea63-3319"
expires: Tue, 06 Sep 2022 11:05:17 GMT
cache-control: max-age=1209600
x-host: blu115.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 1151582
x-served-by: cache-sjc10034-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662404299.162872,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1654648342
151.101.85.46200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1654648342
IP 151.101.85.46:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Hash 15eaf839ff82242f8d02b1f60c073760
ed5886bbb71827073b52523683a95f0a051f8c40
c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
GET /js/site/main-commerce-browse.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 23:14:16 GMT
etag: "630d4848-f92d"
expires: Tue, 13 Sep 2022 08:14:53 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 557005
x-served-by: cache-sjc10059-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404299.162982,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1654648342
151.101.85.46200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 30 Aug 2022 19:50:18 GMT
etag: W/"630e69fa-347ac"
expires: Wed, 14 Sep 2022 10:32:15 GMT
cache-control: max-age=1209600
x-host: grn81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 462364
x-served-by: cache-sjc10041-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662404299.170381,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1654648342
151.101.85.46200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 29 Aug 2022 23:13:57 GMT
etag: "630d4835-f47"
expires: Tue, 13 Sep 2022 11:30:22 GMT
cache-control: max-age=1209600
x-host: grn69.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 545277
x-served-by: cache-sjc10075-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404299.173578,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1654648342
151.101.85.46200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-74804"
expires: Tue, 06 Sep 2022 08:16:12 GMT
cache-control: max-age=1209600
x-host: blu49.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 1161727
x-served-by: cache-sjc10051-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 786
x-timer: S1662404299.185278,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1654648342&
151.101.85.46200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1654648342&
IP 151.101.85.46:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Hash 40ee71f2f2de93b9561845efa9a0cbbc
13451e3fb165d1ad524d9863d8344eab4a2fe353
41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
GET /js/lang/en/stl.js?buildTime=1654648342& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:42:23 GMT
etag: "6303ea2f-2c44e"
expires: Tue, 06 Sep 2022 08:13:58 GMT
cache-control: max-age=1209600
x-host: blu127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 1161860
x-served-by: cache-sjc10024-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1662404299.201578,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2
cdn.oribi.io/Xy0yMDMyODkzNDEx/oribi.js
143.204.55.35200 OK 3 B URL HTTP/2 cdn.oribi.io/Xy0yMDMyODkzNDEx/oribi.js
IP 143.204.55.35:0
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /Xy0yMDMyODkzNDEx/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Mon, 05 Sep 2022 18:58:18 GMT
cache-control: public, max-age=60
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: blgytTdD9EDwp10VMajALnU8kkQtcI3aA-w8pRc9GeZ0f6GHAlOpuw==
age: 1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1654648342
151.101.85.46200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (32011)
Hash e32a0ae988b9f1c9de6f0f70bfa0ffbd
c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
GET /js/site/commerce-core.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-f57e"
expires: Tue, 06 Sep 2022 12:18:17 GMT
cache-control: max-age=1209600
x-host: blu38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 1147201
x-served-by: cache-sjc10074-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404299.241098,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W6HMK8K
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W6HMK8K
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash f213ae004311f43f2ce7b71583a98ba1
d5d957772500531b0bcf78cc22b4dfdeac14bfde
6382230a3af180971d6e1b99f27fa1f4a70e67db5473ef81741192898060149e
GET /gtm.js?id=GTM-W6HMK8K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 18:58:19 GMT
expires: Mon, 05 Sep 2022 18:58:19 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
142.250.74.10200 OK 731 B URL HTTP/2 fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 76a8bfb68974891c8ceb99bebbeeb218
065156a9b419c58b858dd25cb0283b491af4d6d8
a2737d88ac54cfcedb6926efbc99e29a4ebc4303dd37afe0f9afed12e1aed35a
GET /css?family=Actor&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 18:58:19 GMT
date: Mon, 05 Sep 2022 18:58:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ppmglobalservices.com/files/main_style.css?1654696781
199.34.228.77200 OK 6.9 kB URL HTTP/1.1 www.ppmglobalservices.com/files/main_style.css?1654696781
IP 199.34.228.77:0
File type ASCII text, with very long lines (670)
Hash e4333c0d0354cf8337361d5623a74f91
69df16aea4b5d805728fe8c7ed06839c2f404b30
f24ed6a1266ef1241adb9409197b0098ec5fd76f7f06dc284affce19fdaf61eb
Analyzer Verdict Alert fortinet Phishing
GET /files/main_style.css?1654696781 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu13.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ppmglobalservices.com/files/theme/plugins.js?1556830109
199.34.228.77200 OK 20 kB URL HTTP/1.1 www.ppmglobalservices.com/files/theme/plugins.js?1556830109
IP 199.34.228.77:0
Hash f949d0652f86cf688f158f57e45c8d88
f9634dc2aa2678f26708aefd82420a8aff002c92
3f3fb2fcdd039d7376833076b04ae214e0bb469fbf2f6ac9e40140ad0b6221f3
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/plugins.js?1556830109 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Apr 2020 15:10:21 GMT
ETag: W/"1c8a26f413525e51e0716d20f48b9146"
x-amz-request-id: tx00000000000000002abb7-005ea35ac3-10e20e2-las
X-Storage-Bucket: z04a6
X-Storage-Object: 04a6442538bbcd643a22e79a05200ea073ee4d8efb5bcae54ffb5d6303bb1385
X-Host: grn29.sf2p.intern.weebly.net
Content-Encoding: gzip
www.ppmglobalservices.com/files/theme/custom.js?1556830109
199.34.228.77200 OK 1.8 kB URL HTTP/1.1 www.ppmglobalservices.com/files/theme/custom.js?1556830109
IP 199.34.228.77:0
Hash 697c59e01098eb0a4ecc5d2eeec52ede
e6ef89da323e2024eaeb9933b93e61a33217629a
6324c79976a9864103265af761c905bc8cdfdb7e631c71dc65eb838e82efd013
GET /files/theme/custom.js?1556830109 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 28 Sep 2021 18:36:32 GMT
x-rgw-object-type: Normal
ETag: W/"d5fb588a458645eb36265e3581aceea6"
x-amz-request-id: tx000000000000001b9d4c1-00628481d5-b9fbc7f-sfo1
X-Storage-Bucket: z7c94
X-Storage-Object: 7c94a9bdc62c584903702204b6ff060018717512c0eae82d0937ba0ee0092d94
X-Host: blu13.sf2p.intern.weebly.net
Content-Encoding: gzip
www.ppmglobalservices.com/files/templateArtifacts.js?1654696781
199.34.228.77200 OK 1.6 kB URL HTTP/1.1 www.ppmglobalservices.com/files/templateArtifacts.js?1654696781
IP 199.34.228.77:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Phishing
GET /files/templateArtifacts.js?1654696781 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f8268290f1ea715075ad0a284b25d64
9ff2e712b38d6a0d8600fd434e20b4a4cf6f34a3
598c60ad7b0c786955e44bf2cc58a30610ee31350d1ca5abfd8592e92f0c65e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "598C60AD7B0C786955E44BF2CC58A30610EE31350D1CA5ABFD8592E92F0C65E4"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16695
Expires: Mon, 05 Sep 2022 23:36:34 GMT
Date: Mon, 05 Sep 2022 18:58:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16836
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 18:58:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16836
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 18:58:19 GMT
Connection: keep-alive
www.ppmglobalservices.com/gdpr/gdprscript.js?buildTime=1654648342
199.34.228.77200 OK 16 kB URL HTTP/1.1 www.ppmglobalservices.com/gdpr/gdprscript.js?buildTime=1654648342
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- C source, ASCII text, with very long lines (14060)
Hash 8213569fa2d51a0bc22accceca61ee37
45e58c79e3670c3aab3484edac6e9496be43174d
145db81c3620213bbaa73d4f76cbbc6d47ada107470a31bd177f154649a1fbc5
GET /gdpr/gdprscript.js?buildTime=1654648342 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:19 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Mon, 19-Sep-2022 18:58:19 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: blu8.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
gen.sendtric.com/countdown/uo4yd04deg
109.105.221.13200 OK 10 kB URL HTTP/2 gen.sendtric.com/countdown/uo4yd04deg
IP 109.105.221.13:0
Hash bc680b8013df46b72e5e6fd8b590b94d
1c5181ab887df61100b25106f35599fe96b65a91
1127d424a3b3dd4521311a3dbf4cf8e2983d9b2101f8ae0c62f6bf610416ae98
GET /countdown/uo4yd04deg HTTP/1.1
Host: gen.sendtric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: image/gif
etag: 15460480518564802694
expires: -1
pragma: no-cache
vary: Accept-Encoding
date: Mon, 05 Sep 2022 18:58:19 GMT
server: Fly/ec6d9b89 (2022-09-02)
via: 2 fly.io
fly-request-id: 01GC7G931R8BEK5Y24EWNF91PN-ams
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 3123
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:47:54 GMT
age: 76225
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-software-box_187.jpg
199.34.228.77200 OK 10 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-software-box_187.jpg
IP 199.34.228.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 295x250, components 3\012- data
Hash 79dbe8a7ea6050df91f3a1fb8388f1fe
6b3a43b69d735f79018abb97c63ac18ba8b50ac9
8964b8b248feb200a6ac297cde50c1b48860efcd61e5b329b474997099a11339
GET /uploads/1/2/5/4/125436625/primavera-p6-software-box_187.jpg HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: image/jpeg
Content-Length: 10059
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2019 22:07:34 GMT
x-rgw-object-type: Normal
ETag: "79dbe8a7ea6050df91f3a1fb8388f1fe"
x-amz-request-id: tx000000000000001c08d18-0062848a67-b9fbc20-sfo1
X-Storage-Bucket: z8964
X-Storage-Object: 8964b8b248feb200a6ac297cde50c1b48860efcd61e5b329b474997099a11339
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 76128
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 75808
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 14:38:13 GMT
age: 15606
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJTKTh88iyFXAiPJ-tCCEbqBo3A1cuTj2gCbfHkaVZ1WcgMOTyFfVg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 23:06:26 GMT
age: 71513
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 429851
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 524878
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 524878
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 429851
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:20 GMT
age: 382779
x-served-by: cache-sjc10034-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 4145
x-timer: S1662404300.039721,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148
199.34.228.77200 OK 27 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148
IP 199.34.228.77:0
File type PNG image data, 335 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 84061e75ebc0607aacb6389a927a3a9f
a59e9eaaaafe091174d1d608942cf42f0fdb1d4d
859e988a98960c53a3c6b2ec737a1ab60b909fffd067eed468ed9f3088049130
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: image/png
Content-Length: 26655
Connection: keep-alive
Last-Modified: Wed, 01 May 2019 00:53:02 GMT
x-rgw-object-type: Normal
ETag: "84061e75ebc0607aacb6389a927a3a9f"
x-amz-request-id: tx000000000000010bbc1b1-0062da1ced-c03521c-sfo1
X-Storage-Bucket: z859e
X-Storage-Object: 859e988a98960c53a3c6b2ec737a1ab60b909fffd067eed468ed9f3088049130
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:47:56 GMT
expires: Thu, 31 Aug 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 429024
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:51:08 GMT
expires: Thu, 31 Aug 2023 19:51:08 GMT
cache-control: public, max-age=31536000
age: 428832
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 01c1413890cccd52afe1b86e98f1cab3
21e01aa8965715ddb31b77665b8464c6efd69fdf
d8f2c896e3f58f9e983f78d8442a3fd9b4ad008609d35df4dce3bf948a4fb087
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 17:27:22 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7a8bf09b266c15ee9cd8aa665d35c1ad
c9bd59acb8ae91ddf28765de5a2c898ca3849bbd
7aad26ee0d77bce397c2dd45c8db98513f6c38320c0b226bb75dfa5e0456754c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=94173
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Etag: "6314ffcb-1d7"
Expires: Tue, 06 Sep 2022 21:07:53 GMT
Last-Modified: Sun, 04 Sep 2022 19:43:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6874
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6874
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6874
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6874
Expires: Mon, 05 Sep 2022 20:52:54 GMT
Date: Mon, 05 Sep 2022 18:58:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3680ddc9d427620db68d57a71a38d3f0
8bc5592390e1d48a977b6ced2aac6e3b16fc6812
d706818748577a8acf201e234c1dbe3efb039a35fd78596e0af6dd20dfae5dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5300
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 17:30:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
13.110.47.154200 OK 14 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
IP 13.110.47.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6799), with CRLF, LF line terminators
Hash 9a600477ecef50fb190babe819da8659
f1932c187066125ad26f845491b96b71e1715844
c5e83e4de101cec28b4572d5c9029026d22322bf1e1b61662173403a38510a0d
GET /EventPage?eventId=a0V4z00000NKfdJ HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Set-Cookie: CookieConsentPolicy=0:1; path=/; expires=Tue, 05-Sep-2023 18:58:20 GMT; Max-Age=31536000
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Tue, 05-Sep-2023 18:58:20 GMT; Max-Age=31536000
BrowserId=tWpLqi1MEe2QnJPeiI1BnQ; domain=.force.com; path=/; expires=Tue, 05-Sep-2023 18:58:20 GMT; Max-Age=31536000
BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ; domain=.force.com; path=/; expires=Tue, 05-Sep-2023 18:58:20 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=600
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Expires: Mon, 05 Sep 2022 19:08:20 GMT
Last-Modified: Mon, 05 Sep 2022 18:58:20 GMT
origin-trial: AklbvN3zzNjVBN1btIvZVEXQottJ9SBp7rLB02aNYemdUf5Qr9j+oRJsDOjqvHP7tqihWlADjfay3d+A5Ky3xAUAAACFeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZURpZmZlcmVudE9yaWdpblN1YmZyYW1lRGlhbG9nU3VwcHJlc3Npb24iLCJleHBpcnkiOjE2Mzk1MjYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.powr.io/powr.js
104.22.51.245200 OK 39 kB IP 104.22.51.245:0
File type HTML document, ASCII text, with very long lines (15830), with no line terminators
Hash b63b4659c6ca6b4c32a69de307da9e0a
a3ec749b601a287520478fa82f1a12eab160d47e
f6176b2a59274823fc951b7f63fdaf4a4433be25fd7c5ba4461b7ba93b62334f
GET /powr.js HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:19 GMT
content-type: application/javascript
cache-control: max-age=604800, public
cf-bgj: minify
expires: Mon, 04 Sep 2023 21:21:24 GMT
last-modified: Sun, 04 Sep 2022 21:21:17 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
age: 35296
server: cloudflare
cf-ray: 746132160ad8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/primavera-p6-professional-training_164.png
199.34.228.77200 OK 87 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/primavera-p6-professional-training_164.png
IP 199.34.228.77:0
File type PNG image data, 424 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 17de0aaa49b5cbef16f6f40a8b17992f
d5e327ea3e3bb62ecf2f7e79170091065cd9015b
6427b92e20d8457173385632269ef817460b1249843454c9172983b698948c56
GET /uploads/1/2/5/4/125436625/published/primavera-p6-professional-training_164.png HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:19 GMT
Content-Type: image/png
Content-Length: 86741
Connection: keep-alive
Last-Modified: Tue, 18 Jun 2019 16:36:02 GMT
x-rgw-object-type: Normal
ETag: "17de0aaa49b5cbef16f6f40a8b17992f"
x-amz-request-id: tx000000000000001cfa9de-006284922c-b9fbc29-sfo1
X-Storage-Bucket: z6427
X-Storage-Object: 6427b92e20d8457173385632269ef817460b1249843454c9172983b698948c56
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash b6787e2e11faff133f1ae1b6e64be5b5
ce2d5949fc5a9cddf7591ef24a860ead9adfe1d3
338551f1a4263f230d312873b28bcaebfb81522ee0e213f2a7d6beb5d067f592
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2D5F5903CB4CC9F18EF62860546DAAA8F1E66B5A"
Expires: Tue, 06 Sep 2022 05:00:00 GMT
Last-Modified: Mon, 05 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2686
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7461321dc8880b65-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3680ddc9d427620db68d57a71a38d3f0
8bc5592390e1d48a977b6ced2aac6e3b16fc6812
d706818748577a8acf201e234c1dbe3efb039a35fd78596e0af6dd20dfae5dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5300
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 17:30:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c5c1be3dcf198cf8cf8b5aff7455c969
3fca07a92ffdef09fd7ac0ca66bf742a821471dd
d6bea86a955037c59258788bd0cc4dd65d2b52c963aed995a7ae695293527490
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 17:13:52 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZRcehhdoOdGsKkblM0z56Lx5RzRGASdpir9FHWvF77Ocd8spjONhjw==
Age: 6268
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 230857
expires: Sat, 26 Aug 2023 18:58:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mss1q2A6t3x%2Be3Ie8a7RsLeHexDAR6CVU6vGO9iEAnTLPzdpoHpeOuV3dPDAWb7K6sV5C8ToRgm9taNcRewqZbFiNHfdToCMLyy094eSHhHyC4Dj%2FowbOIhtPs5bAduEuor75VkA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7461321dfd9e0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/static/111213/js/perf/stub.js
13.110.47.154200 OK 618 B URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/perf/stub.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (941)
Hash 69e62cfb5bb10c2d2a0102c93af0e244
64d472e28864096fd2f1657aae04c9a9975033f2
9e55a124b4c87483683e0c8f0d20c603f615a539baf1fea80e337d9d1a56e021
GET /static/111213/js/perf/stub.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 07:00:09 GMT
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1079891
Content-Length: 618
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
104.18.22.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 7848380
accept-ranges: bytes
server: cloudflare
cf-ray: 7461321e7f3ffab8-OSL
X-Firefox-Spdy: h2
www.weebly.com/weebly/images/file_icons/pdf.png
74.115.50.110200 OK 33 kB URL HTTP/1.1 www.weebly.com/weebly/images/file_icons/pdf.png
IP 74.115.50.110:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 8427712afa66ee68c0b1cd1f2ffb7d0f
8d0502a31f7d594983ebeee2fa0b631c79f9415d
f99cbcdbd9842094dda720b7b11cf335a491f52b977a2dd944b6aa4e2abcdb33
GET /weebly/images/file_icons/pdf.png HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 18:09:04 GMT
ETag: "8154-5e7b5a00f3000"
Accept-Ranges: bytes
Content-Length: 33108
X-Host: grn69.sf2p.intern.weebly.net
Vary: User-Agent
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive
Content-Type: image/png
X-W-DC: SFO
Set-Cookie: sto-id-editor=DKAHBMAK; Domain=weebly.com; Path=/
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d
104.18.22.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d
IP 104.18.22.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 140374
accept-ranges: bytes
server: cloudflare
cf-ray: 7461321e7f3afab8-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 7850986
accept-ranges: bytes
server: cloudflare
cf-ray: 7461321e7f3efab8-OSL
X-Firefox-Spdy: h2
mas-c.mautic.net/mtc.js
104.197.196.164404 Not Found 37 kB IP 104.197.196.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-c.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 67c9019264924ecf97a5567289c014ad
0699df1c84a5eb45a01961d67e024fbea5d0c7aa
6a6c9b6ec366d2320d008d32898c02fbd0abfd97bb9632ca982f05d4b8eb7e07
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 18:17:52 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RoQQRDHs5SwXaEumTJvjaRl45pcONWdZ11YJO1aVwOFi-IKVtbLW5Q==
Age: 2428
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
104.18.11.207200 OK 17 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (65316)
Hash d40b04fc5c2ae833d11b32c5a3315b78
018069e3266982b73de2dab2e750725841f8baf0
ac9d0b196bd1433a23eff108e5ab9a667bef4f99fd9974bfd387317a0c8327fc
GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 11/04/2021 22:40:16
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.0
cdn-requestid: a0669b23f8a3a4d2d54e12d18ef5c3e0
cdn-cache: HIT
cf-cache-status: HIT
age: 14622211
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7461321d88230b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mas-e.mautic.net/mtc.js
104.197.196.164404 Not Found 37 kB IP 104.197.196.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-e.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
mas-d.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-d.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
mas-a.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-a.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1184.min.js
151.101.86.137200 OK 11 kB URL HTTP/2 js-agent.newrelic.com/nr-1184.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (27995), with no line terminators
Hash 43e0aec0456ae54841a52fe989abb1ec
d9e080d86beada72e9e42092bede868db3d4aee4
9d7ecd792af230cea192e0786491921415d809686321da7414b3df85d875de07
GET /nr-1184.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vlrWWMMcD6PaK/7pcEzhUYxgoEeM4G4LZ2WMo+rqGou4ZJrl4nmrnnynZYC7VcboXQFypj4DwM4=
x-amz-request-id: NH2XE4MW0QPBT68H
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
etag: "3d7f312be60d08a2568e311e4762f3af"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 15
x-timer: S1662404301.832409,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 10624
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/static/111213/js/functions.js
13.110.47.154200 OK 10 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/functions.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (552)
Hash c8c8e554f33b49d8c581c753b8bd151b
a6daa1b5dd2f28c50d52e9663fa350dcc70bb76a
0568552f2c5ea4e22ac09091b649d121f9a5ee4692f0925bd64f11cf925be566
GET /static/111213/js/functions.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 08:33:47 GMT
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074273
Content-Length: 10369
training-events-ppmglobal.secure.force.com/static/111213/js/picklist4.js
13.110.47.154200 OK 3.2 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/picklist4.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (516)
Hash 5d1d12b4967630cb4089b4480aba4de2
1bbe30a962a3d3916ed6ca68203d874cca145b7a
a41fc932f74efb3e85d01e7dbf25360e48185266e4410e81a3de1bfc18deec2b
GET /static/111213/js/picklist4.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 08:33:48 GMT
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074272
Content-Length: 3221
training-events-ppmglobal.secure.force.com/static/111213/desktop/desktopAjax.js
13.110.47.154200 OK 2.3 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/desktop/desktopAjax.js
IP 13.110.47.154:0
File type HTML document, ASCII text
Hash ef6cac8c3704d4267605b4c8780bf312
881b35e9852f35f0e591e177fac5fae964f85ef8
ceed73c693aeb31f9a7c4467cf9b421158ed2e2915d1095d47b0c84ede838554
GET /static/111213/desktop/desktopAjax.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 11:43:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 11:43:59 GMT
Last-Modified: Wed, 25 Jan 2012 20:29:10 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1062861
Content-Length: 2269
training-events-ppmglobal.secure.force.com/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1661799017000
13.110.47.154200 OK 19 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1661799017000
IP 13.110.47.154:0
File type ASCII text, with very long lines (1993)
Hash 8407386c97ff1880a9607e24b93dcddc
f8e3482e85c4fbd46c4b0e15167c136961bd23a6
aa5d22165c8fc70ac15b5efe9d588bb920ea1b305b964cc82c4b704bd35c1889
GET /faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1661799017000 HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:20 GMT
Set-Cookie: CookieConsentPolicy=0:1; path=/; expires=Tue, 05-Sep-2023 18:58:20 GMT; Max-Age=31536000
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Tue, 05-Sep-2023 18:58:20 GMT; Max-Age=31536000
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: private,max-age=3888000
Last-Modified: Wed, 31 Aug 2022 06:46:04 GMT
Content-Type: text/javascript
Expires: Thu, 20 Oct 2022 18:58:20 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19446
s3-us-west-2.amazonaws.com/jsstore/a/G5QHN4M/ge.js
52.218.251.8200 OK 29 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/jsstore/a/G5QHN4M/ge.js
IP 52.218.251.8:0
File type ASCII text, with very long lines (29064), with CRLF line terminators
Hash ae6d979a31685f90477e03632901e631
e5a80a3bb85cd6270be8bc911fe2ed8ebd69ee15
22d013ecb7e47b184912813886f791a5301d9af0d4877ac60702eef093afdd0c
GET /jsstore/a/G5QHN4M/ge.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RmWmjhpO3+80/WpqdSBXQww96FjFhu1MifI8jd+28D4sAaWNJ/euLA++0GsslUvY4hwqXsfSEV0=
x-amz-request-id: 7YCAA8M5JABX0BGC
Date: Mon, 05 Sep 2022 18:58:21 GMT
Last-Modified: Fri, 25 Mar 2022 15:32:11 GMT
ETag: "ae6d979a31685f90477e03632901e631"
Cache-Control: max-age=2592000
Expires: Sun, 24 Apr 2022 15:32:09 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 29066
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ppmglobalservices.com/
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
s.adroll.com/j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js
143.204.55.75200 OK 21 kB URL HTTP/1.1 s.adroll.com/j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js
IP 143.204.55.75:0
File type ASCII text, with very long lines (1326)
Hash a1001b6f1d52c9b98902cc4e3c6f454a
6b3e26892166fffc9445b6206e7bc7ea36d17310
81ed1df3323988484f2be04bcdf51010d29b5e979373ebce52260a2299d66c4e
GET /j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 00:04:40 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: BO35H.j5UyLmfwmrnHzMwjE44N4YPw1U
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 05 Sep 2022 18:58:19 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"c757176a58c6cb73028a1918d4f6e6ef"
Vary: Accept-Encoding
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
Age: 3104
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xUMIXeZnLEhwIzBufX_7-pwZBsgKiQdP1HADF62HIDxBDnEgcOLOkA==
training-events-ppmglobal.secure.force.com/jslibrary/1635874030238/sfdc/VFState.js
13.110.47.154200 OK 1.9 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1635874030238/sfdc/VFState.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (590)
Hash 652f9a53e09ac202380919533b44eec1
f7a6b87a5fd5b1498317abd9fd2da7998cc2a201
eac208e5bc50c56c8fddf3dfe3f79dbf5fbd7d1e7170e0584a7040166a77f0a7
GET /jslibrary/1635874030238/sfdc/VFState.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 07:00:09 GMT
Last-Modified: Fri, 19 Aug 2022 20:26:06 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1079891
Content-Length: 1853
training-events-ppmglobal.secure.force.com/resource/1571637679000/fontawesome/fontawesome-free-5.11.2-web/css/all.css
13.110.47.154200 OK 13 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1571637679000/fontawesome/fontawesome-free-5.11.2-web/css/all.css
IP 13.110.47.154:0
Hash e862500c758b2c913a7b0411554e3db6
455aad6b532ba379840b82f3ecf43727c0a8c6d5
6d14733b40e1da419dc390f57f1f66d2e0467f69de0f93da33e3a31e763bb1be
GET /resource/1571637679000/fontawesome/fontawesome-free-5.11.2-web/css/all.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 07:00:09 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 21 Oct 2019 06:01:19 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12642
Age: 1079891
training-events-ppmglobal.secure.force.com/jslibrary/1647410350238/sfdc/NetworkTracking.js
13.110.47.154200 OK 1.3 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1647410350238/sfdc/NetworkTracking.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (533)
Hash 53524e4c0d4ae578ea646bacc49df12b
2dddf14e84f4e0daa05c451ce146f0a0a1d73eb4
fdee9a8d50bbebb9a2f47c20436ed3ec1b8416855105482d38ae095c9ff5eb79
GET /jslibrary/1647410350238/sfdc/NetworkTracking.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 07:00:09 GMT
Last-Modified: Fri, 19 Aug 2022 20:26:06 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1079891
Content-Length: 1340
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:20 GMT
Last-Modified: Mon, 05 Sep 2022 17:26:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 05 Sep 2022 18:17:11 GMT
expires: Mon, 05 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
age: 2469
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ogkeNt7Fc99PfgJoPz/cB40zRreSSXieb91cbvvryo73j8r+3QsJ2VcrGfnSGxDvhbJtGZLjfBvX5ZncfSyPIA==
content-length: 26752
x-fb-trip-id: 1904183273
date: Mon, 05 Sep 2022 18:58:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=603&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=285&fe=529&dc=519&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662404295529,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:2,%22rp%22:13,%22rpe%22:17,%22dl%22:17,%22di%22:448,%22ds%22:477,%22de%22:519,%22dc%22:527,%22l%22:527,%22le%22:531%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 68 B URL HTTP/1.1 bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=603&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=285&fe=529&dc=519&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662404295529,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:2,%22rp%22:13,%22rpe%22:17,%22dl%22:17,%22di%22:448,%22ds%22:477,%22de%22:519,%22dc%22:527,%22l%22:527,%22le%22:531%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash a63df29d6e0417cc1d00d8743d0ae34c
4fe2dc626d476e9a32c8982587e33fbc8aaf7b0b
025635a81f1246880710db88c48cd051393836cfd7016eb9f4aac7ac7b739a4e
GET /1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=603&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=285&fe=529&dc=519&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662404295529,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:2,%22rp%22:13,%22rpe%22:17,%22dl%22:17,%22di%22:448,%22ds%22:477,%22de%22:519,%22dc%22:527,%22l%22:527,%22le%22:531%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 746132207c490b59-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=21e08a7a59806d0b; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:21 GMT
Last-Modified: Mon, 05 Sep 2022 17:26:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/bundle.css
13.110.47.154200 OK 708 B URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/bundle.css
IP 13.110.47.154:0
File type ASCII text, with very long lines (2778)
Hash 9082259ec23a283320c94fb030d73240
c69a8d2d88ee8dfc9bd7fc2884690ed31187eb77
6ffb11a620a41cfa53ae9b5d2f2398da5e3454ca77ee491ccebec8c700e68cc5
GET /resource/1561532081000/Eventbrite_Resources/css/bundle.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 07:00:09 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 708
Age: 1079892
training-events-ppmglobal.secure.force.com/jslibrary/jslabels/1661807508000/en_US.js
13.110.47.154200 OK 71 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/jslabels/1661807508000/en_US.js
IP 13.110.47.154:0
File type Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Hash 5ff25adca2e90bf271b2b650d300e74f
912ea2d37ab8657ff87b5439ccbc9805edf29753
921bb135b7d0e9b9389245b08ef780123c405fd9e6026c03f7d8cc8005cfd792
GET /jslibrary/jslabels/1661807508000/en_US.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:03:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CUR OTR STA"
Expires: Sat, 15 Oct 2022 07:03:05 GMT
Last-Modified: Wed, 24 Aug 2022 22:13:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 474915
Content-Length: 70575
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1865
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=deee3622-aaf4-4b66-adcd-3d5debdcc507; Expires=Tue, 05 Sep 2023 18:58:21 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
s.adroll.com/j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js
143.204.55.75302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Mon, 05 Sep 2022 02:04:53 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
Age: 60807
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qn7pTgfNxMVdMarI6sbtW1H8-TaE69jP-RUwXVanNbK8NSJAJ118aw==
s.adroll.com/j/exp/index.js
143.204.55.75200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.75:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ppmglobalservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:10:45 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 54CR.I9BC9Znk_eUBi_4NwuScKvxGyTv
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 05 Sep 2022 01:12:35 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
Age: 64932
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: StHmvOMRb1r397UNiwKNdiQc7O75Hf7uJtaQ1fY3ACbPjBBROyx6vg==
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js
13.110.47.154200 OK 31 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (65451)
Hash 424baaec3551eb61100052d80b326e7d
30a6ef5f5c4a8120089b64deca13514480d45de2
8b9be681b6e18d28e9b43d571dd4d28c71d59b600cd69779ff3b7684012caaba
GET /resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 07:00:09 GMT
Content-Type: application/x-javascript
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30719
Age: 1079892
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/base_styles.css
13.110.47.154200 OK 64 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/base_styles.css
IP 13.110.47.154:0
File type ASCII text, with very long lines (39520)
Hash f8c9603199872560f1dedba99ad42f8f
d9d958813a9db67d5f98d6d37c30392cf5a507b3
a21e92f588f81b64c69838953ed9357ef260c2e2a608b45cb13cf247b1aea1ca
GET /resource/1561532081000/Eventbrite_Resources/css/base_styles.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 08:33:47 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074273
Content-Length: 64131
training-events-ppmglobal.secure.force.com/jslibrary/1646649014238/sfdc/main.js
13.110.47.154200 OK 233 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1646649014238/sfdc/main.js
IP 13.110.47.154:0
File type ASCII text, with very long lines (21863)
Size 233 kB (233064 bytes)
Hash 8bc630822d628b108382efd4003363e0
a48754f108027290a303a89fb7c7a21ce5b0ef33
e0b4e1b67bf1fdd517f5d25756133a267daf32e68fcdd6bba9089126b0027935
GET /jslibrary/1646649014238/sfdc/main.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdJ
Connection: keep-alive
Cookie: BrowserId_sec=tWpLqi1MEe2QnJPeiI1BnQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 08:33:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 08:33:47 GMT
Last-Modified: Mon, 22 Aug 2022 20:37:28 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1074273
Content-Length: 233064
www.ppmglobalservices.com/favicon.ico
199.34.228.77200 OK 4.3 kB URL HTTP/1.1 www.ppmglobalservices.com/favicon.ico
IP 199.34.228.77:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 8171617226e7143f20fd955660f1f4f4
96e7d9549d571c0eeb8af1f4186f277ac8d7492c
1a41db3d990eb2232e5a74b0435a2a4d2e64142e28ab941ce89168f916a8c23f
GET /favicon.ico HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 18:58:21 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Wed, 01 May 2019 18:52:04 GMT
x-rgw-object-type: Normal
ETag: "8171617226e7143f20fd955660f1f4f4"
x-amz-request-id: tx000000000000001e97f9a-006284b894-b9fbc77-sfo1
X-Storage-Bucket: z1a41
X-Storage-Object: 1a41db3d990eb2232e5a74b0435a2a4d2e64142e28ab941ce89168f916a8c23f
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 49503a82090eeac40f0e24c940c04010
646727cb0c9b5400b0b778e125db6217a05c4505
91aa4ea3972b490e3c08d010ac96def351dac89c5c2630af3880383223eff835
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:21 GMT
Last-Modified: Mon, 05 Sep 2022 18:22:51 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0WXByrHYXuH9UrWau8gx1JcJAA3YL_qHxv4xBXMLQsAj9O3jTrDbLQ==
Age: 2130
d.adroll.com/consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&_s=12b91557449495c828df8c86670f30fd&_b=2
34.249.178.117200 OK 447 B URL HTTP/2 d.adroll.com/consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&_s=12b91557449495c828df8c86670f30fd&_b=2
IP 34.249.178.117:0
File type ASCII text, with very long lines (447), with no line terminators
Hash 90b2c51b9f4e29511a6d089c9fbf7e20
f0cfcb953191ab02557d2abba60e17348844236c
7ae507ac2f10c3bd0efd72c337a941e8b80515e8e0b122614e15d2ce0f073acd
GET /consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&_s=12b91557449495c828df8c86670f30fd&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:21 GMT
content-type: application/javascript
content-length: 447
server: nginx/1.20.0
X-Firefox-Spdy: h2
www.ppmglobalservices.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.77200 OK 348 B URL HTTP/1.1 www.ppmglobalservices.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.77:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:21 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu106.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=32
Connection: Keep-Alive
Content-Type: application/json
www.ppmglobalservices.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
199.34.228.77200 OK 2.1 kB URL HTTP/1.1 www.ppmglobalservices.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
IP 199.34.228.77:0
File type JSON data\012- , ASCII text, with very long lines (2073), with no line terminators
Hash 208fa72a79d9c7345824938ce50bc416
3e72957bc695c5c530f9b9ea420cbada317ddc75
b12513e0dda06ee09de47eff6e3deab5a866d8fcb213f68a8b47c1b6a1deaffa
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
Cookie: language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:21 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu108.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2073
Keep-Alive: timeout=10, max=64
Connection: Keep-Alive
Content-Type: application/json
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 05 Sep 2022 18:41:12 GMT
expires: Mon, 05 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 1029
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2dece5feb8b544d6b9cdfc62a9a9664c
6e595402d61c7f3cb5cb52de248baabfd2b4a18f
e2b4e26ae8c716b658d93c656dfd5f31d033f3db1b21cc1540e4e35f574cbbff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5406
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 18:58:21 GMT
Last-Modified: Mon, 05 Sep 2022 17:28:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
54.230.111.119200 OK 9.3 kB URL HTTP/2 js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
IP 54.230.111.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31384), with no line terminators
Hash 858b074cbacc2101da361027cac4c79a
22302d84ba83013418c9e0c8c253a539a6f7be34
6310f66a9870d2fc4e9edbf7e830e63a4fa3d7f23bfc64238ec8f29e960442dc
GET /core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 05 Sep 2022 18:58:21 GMT
cache-control: no-cache
etag: W/"fee11af2184d7af2cbe07132a525513a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WUwf_g_lzDx8scbz7dg0OHEdUQra5zbe5uN3WMGlDZJDlcgDEyP0mA==
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=485128322797812&ev=Microdata&dl=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&rl=&if=false&ts=1662404297052&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20February%2014-16%2C%202022%20-%20PPM%20Global%22%2C%22meta%3Adescription%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%2C%22meta%3Akeywords%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22PPM%20Global%22%2C%22og%3Atitle%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20February%2014-16%2C%202022%22%2C%22og%3Adescription%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D485128322797812%26ev%3DPageView%26noscript%3D1%22%2C%22https%3A%2F%2Fgen.sendtric.com%2Fcountdown%2Fuo4yd04deg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fprimavera-p6-software-box_187.jpg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fprimavera-p6-professional-training_164.png%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fppm-global-logo.png%3F1556672148%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=30&it=1662404296325&coo=false&es=automatic&tm=3&exp=e1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=485128322797812&ev=Microdata&dl=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&rl=&if=false&ts=1662404297052&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20February%2014-16%2C%202022%20-%20PPM%20Global%22%2C%22meta%3Adescription%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%2C%22meta%3Akeywords%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22PPM%20Global%22%2C%22og%3Atitle%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20February%2014-16%2C%202022%22%2C%22og%3Adescription%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D485128322797812%26ev%3DPageView%26noscript%3D1%22%2C%22https%3A%2F%2Fgen.sendtric.com%2Fcountdown%2Fuo4yd04deg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fprimavera-p6-software-box_187.jpg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fprimavera-p6-professional-training_164.png%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fppm-global-logo.png%3F1556672148%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=30&it=1662404296325&coo=false&es=automatic&tm=3&exp=e1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=485128322797812&ev=Microdata&dl=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&rl=&if=false&ts=1662404297052&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20February%2014-16%2C%202022%20-%20PPM%20Global%22%2C%22meta%3Adescription%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%2C%22meta%3Akeywords%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22PPM%20Global%22%2C%22og%3Atitle%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20February%2014-16%2C%202022%22%2C%22og%3Adescription%22%3A%223-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20%20October%2024-26%2C%202022%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D485128322797812%26ev%3DPageView%26noscript%3D1%22%2C%22https%3A%2F%2Fgen.sendtric.com%2Fcountdown%2Fuo4yd04deg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fprimavera-p6-software-box_187.jpg%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fprimavera-p6-professional-training_164.png%22%2C%22https%3A%2F%2Fwww.ppmglobalservices.com%2Fuploads%2F1%2F2%2F5%2F4%2F125436625%2Fpublished%2Fppm-global-logo.png%3F1556672148%22%5D%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=30&it=1662404296325&coo=false&es=automatic&tm=3&exp=e1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Mon, 05 Sep 2022 18:58:21 GMT
expires: Mon, 05 Sep 2022 18:58:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pi.pardot.com/pd.js
18.208.125.13200 OK 1.9 kB IP 18.208.125.13:0
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 18:58:21 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Thu, 01 Sep 2022 05:21:46 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Wed, 04 Sep 2024 18:58:21 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
js.driftt.com/core/assets/js/25.8f107198.chunk.js
54.230.111.119200 OK 20 kB URL HTTP/2 js.driftt.com/core/assets/js/25.8f107198.chunk.js
IP 54.230.111.119:0
Hash be91f4882830a46cbaa38630a7a888ee
b4f00389da912bd98ef9f12acf1821ca0b02dd0c
c218751dc438b22f9af6aa443b5d06cf38e3adf8d3010e4a6fa511f73c1ad30f
GET /core/assets/js/25.8f107198.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:05 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"e2511c69e5bdc03467952abaccdb5383"
x-amz-server-side-encryption: AES256
x-amz-version-id: WcCqQoAG3H9hj_QsryoONfIqJXy6i_Vu
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GREtsMx1GZ_2U0EKFN9hcQz0E0ZMBBWx3hHaRAZuvGj2AYVBlZENzw==
age: 5514196
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js
54.230.111.119200 OK 11 kB URL HTTP/2 js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js
IP 54.230.111.119:0
File type Unicode text, UTF-8 text, with very long lines (38181), with no line terminators
Hash fd23241de13e1ac415b56e1b7db778f1
b7288c3d9032854c0e6ff45fadeb0a42d30a0bc8
c33803c042017d3ffc798912315be6a2d8917762360e3696241f3e54c1276ea6
GET /core/assets/js/26.2d4cdbd1.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 31 Aug 2022 18:23:27 GMT
server: nginx
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
x-amz-server-side-encryption: AES256
x-amz-version-id: siv4sYmLp3BEOV5kWKjSS9V7tHMZAkGl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GABLcfEMm1HbHRMQ3WZICQYRFpYVvxgGnSxppOxZbeGyQOcJoRAykA==
age: 434095
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:43:56 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OXHZWQbtqSAldkFpZc7oCp_Ouvt4RHBdOiSci7qB9XvSEo_Uaak3BQ==
Age: 4466
kit.fontawesome.com/14579ba48d.js
104.18.22.52200 OK 4.5 kB URL HTTP/2 kit.fontawesome.com/14579ba48d.js
IP 104.18.22.52:0
Hash 68cdc5d4bcf79d8ee32dd788902cd540
f5b6f2a56ae710a0d1d09b0dc15cf81ebc8865c8
f0e8a412fd80718c0603ffb1c21cbdcaeeef44d1c502195ed47473f4617b0cd9
GET /14579ba48d.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fuu_NKRKzsFcWtfaTAAi
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 7461321d6ef3b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:18:27 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _nTLjz-midgg40r4jusCvOKZB9PLRMeH_dKWX0tXPeTV_18tK8SYqA==
Age: 5995
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:22 GMT
Last-Modified: Mon, 05 Sep 2022 17:43:56 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iEZZoUqUepl6nVwErW87QzXBKMPSfKFjCP09zN0VCUMtUjn7Fgij-g==
Age: 4466
js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
54.230.111.119200 OK 16 kB URL HTTP/2 js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
IP 54.230.111.119:0
Hash a40e6a61c2bb53deaed8d15c115605c0
0ed10e90286e23692342b4994ad52cc5d5f0d9e3
b3372ed59c876a9a09d1693262785336b22190ff597a2ce32f46d8dd9cd09072
GET /core/assets/js/0.0b2ebd4a.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 22 Jun 2022 23:25:32 GMT
server: nginx
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
x-amz-server-side-encryption: AES256
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6oS14-XEjaLgEJwEQfKONUmaLvFOH_AUg4x2_uAS4rzAQW2V-BJDiw==
age: 6463970
X-Firefox-Spdy: h2
bootstrap.api.drift.com/widget_bootstrap/ping
3.94.218.138200 OK 13 B URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap/ping
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /widget_bootstrap/ping HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftff5ecb24098b2b62590b9132f70
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/widget/init/v2
3.94.218.138200 OK 25 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/widget/init/v2
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61228f8f544358e9ea1f463f01b5853c
582766f30c82dc2df6938c8e16455fa5e329afb1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
POST /monitoring/metrics/widget/init/v2 HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Content-Length: 138
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: cd096dc6c4561896
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 12
server: istio-envoy
X-Firefox-Spdy: h2
bootstrap.api.drift.com/widget_bootstrap/ping
3.94.218.138200 OK 147 B URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap/ping
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a28f2cbe6ba36a782f8e5c7d785fb924
a15136222a4239c808c598fa7d30f88c8b186b50
4162cf94175e84f376e183a8879ec511711ffbf7ccd5cb2621ea01f35102c1c0
POST /widget_bootstrap/ping HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 141
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 25d9a8cf512b52fa
vary: Accept-Encoding
content-length: 147
x-envoy-upstream-service-time: 3
server: istio-envoy
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 8a6e91f3580ceed46df51c2f3dcced41
58448d9d3b23be670753ad316620526008bfcc86
5df5c41b1be864fa2f630d4eaf9de0922da51428cedec4fdb0734c32e645b1b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 18:58:23 GMT
Last-Modified: Mon, 05 Sep 2022 18:45:56 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TNdEF1dTYWkcialjFV8e1HJCbKuzPqIhZmsCnJoNE67a8qdzQDGIEg==
Age: 747
131401-1.chat.api.drift.com/ws/websocket?session_token=SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAUMTMxNDAxLTE1NTE5Mjk0MjgyLTRkAAZvcmdfaWRtAAAABjEzMTQwMWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzE1NTE5Mjk0MjgyZAAJdXNlcl90eXBlZAAEbGVhZG4GAJuZBA-DAWIAAVGA.4rN1VkSsSWG-3bS2TX1jcyVCO7OaaLrvK-5Sv1BsoxE&remote_ip=3.229.58.120&vsn=2.0.0
52.6.224.48101 Switching Protocols 0 B URL HTTP/1.1 131401-1.chat.api.drift.com/ws/websocket?session_token=SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAUMTMxNDAxLTE1NTE5Mjk0MjgyLTRkAAZvcmdfaWRtAAAABjEzMTQwMWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzE1NTE5Mjk0MjgyZAAJdXNlcl90eXBlZAAEbGVhZG4GAJuZBA-DAWIAAVGA.4rN1VkSsSWG-3bS2TX1jcyVCO7OaaLrvK-5Sv1BsoxE&remote_ip=3.229.58.120&vsn=2.0.0
IP 52.6.224.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/websocket?session_token=SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAUMTMxNDAxLTE1NTE5Mjk0MjgyLTRkAAZvcmdfaWRtAAAABjEzMTQwMWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzE1NTE5Mjk0MjgyZAAJdXNlcl90eXBlZAAEbGVhZG4GAJuZBA-DAWIAAVGA.4rN1VkSsSWG-3bS2TX1jcyVCO7OaaLrvK-5Sv1BsoxE&remote_ip=3.229.58.120&vsn=2.0.0 HTTP/1.1
Host: 131401-1.chat.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://js.driftt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dhZYQpGfFRLBT+AuqDCOtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 05 Sep 2022 18:58:23 GMT
Connection: upgrade
cache-control: max-age=0, private, must-revalidate
sec-websocket-accept: s9J/Df1cQkeL99l/KY0FiFghx5k=
server: Cowboy
upgrade: websocket
js.driftt.com/core/assets/js/45.772158c8.chunk.js
54.230.111.119200 OK 36 kB URL HTTP/2 js.driftt.com/core/assets/js/45.772158c8.chunk.js
IP 54.230.111.119:0
Hash 1b0410db78adee860a854f78c3300d86
2262031b4b5e3c56b275ca65ef7487f26eb32667
5e987897788a1a7063cfaa14cafbadb3b0d23f9da74d4dd94c55caecee5388fe
GET /core/assets/js/45.772158c8.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 13 Jun 2022 06:43:42 GMT
server: nginx
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
x-amz-server-side-encryption: AES256
x-amz-version-id: aEgB7rZxvs_rhrc47mnGdmzprDAsXGNL
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CVM65_vewjKRPagJ58yZUo0UxGDODj8b-1OnNuHLb1QMJFbJITBNVQ==
age: 7301679
X-Firefox-Spdy: h2
event.api.drift.com/track
3.94.218.138200 OK 13 B URL HTTP/2 event.api.drift.com/track
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /track HTTP/1.1
Host: event.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftdd12e3e439bbbce59aec25205d3
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
targeting.api.drift.com/targeting/evaluate_with_log
3.94.218.138200 OK 13 B URL HTTP/2 targeting.api.drift.com/targeting/evaluate_with_log
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /targeting/evaluate_with_log HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifte201569402d90036074d1ae6fcc
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
event.api.drift.com/track
3.94.218.138200 OK 636 B URL HTTP/2 event.api.drift.com/track
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with very long lines (636), with no line terminators
Hash 87d15db3a452eaaeb7f287022218efcc
6595c6451a59f2ac815416862b6bcafb87f59994
e7bb27c77d1454f7cb98add00b4e90a5f2efe56a592b6e867dc2f97f7b33fe5e
POST /track HTTP/1.1
Host: event.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.yap7qw388K979NKXy_EN02_cIgiWLjfHytnPt7mpPkKv6ZBoFy2NRX8n6KyZ9fM_rf5IhRnJmyD4qlJa4gY-Zw
Content-Length: 481
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: a4c9f500a921c102
content-length: 636
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
targeting.api.drift.com/targeting/evaluate_with_log
3.94.218.138200 OK 337 B URL HTTP/2 targeting.api.drift.com/targeting/evaluate_with_log
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with very long lines (758), with no line terminators
Hash 41dbd25c40c4552c41b4b4319f52e1cb
818f305198d55840cb77ce5d1f1f9e3f2ef062e3
11c2fd02d08a879d4ab4d1da83e527035b6a35c09f4007980385f3d60b772513
POST /targeting/evaluate_with_log HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.yap7qw388K979NKXy_EN02_cIgiWLjfHytnPt7mpPkKv6ZBoFy2NRX8n6KyZ9fM_rf5IhRnJmyD4qlJa4gY-Zw
Content-Length: 781
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: c29b56c7a267bc22
vary: Accept-Encoding
content-encoding: gzip
content-length: 337
x-envoy-upstream-service-time: 2
server: istio-envoy
X-Firefox-Spdy: h2
flow.api.drift.com/flows/render_initial_v3
3.94.218.138200 OK 13 B URL HTTP/2 flow.api.drift.com/flows/render_initial_v3
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /flows/render_initial_v3 HTTP/1.1
Host: flow.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift1acb6b24d3abf9960b00278900d
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
presence.api.drift.com/ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUxOTI5NDI4Mi00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUxOTI5NDI4MmQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgCgmQQPgwE.WemcbBRyJAy_1OChVjbGhXI4kwOYNs4R814Qn4GEa7k&remote_ip=3.229.58.120&vsn=2.0.0
35.174.210.7101 Switching Protocols 0 B URL HTTP/1.1 presence.api.drift.com/ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUxOTI5NDI4Mi00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUxOTI5NDI4MmQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgCgmQQPgwE.WemcbBRyJAy_1OChVjbGhXI4kwOYNs4R814Qn4GEa7k&remote_ip=3.229.58.120&vsn=2.0.0
IP 35.174.210.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUxOTI5NDI4Mi00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUxOTI5NDI4MmQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgCgmQQPgwE.WemcbBRyJAy_1OChVjbGhXI4kwOYNs4R814Qn4GEa7k&remote_ip=3.229.58.120&vsn=2.0.0 HTTP/1.1
Host: presence.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://js.driftt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 87oyNkZKg0xDqhRp8w3FLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
cache-control: max-age=0, private, must-revalidate
connection: Upgrade
date: Mon, 05 Sep 2022 18:58:24 GMT
sec-websocket-accept: g0xMVG3OfLydCu75hAYSrbOzJlg=
server: Cowboy
upgrade: websocket
flow.api.drift.com/flows/render_initial_v3
3.94.218.138200 OK 2.0 kB URL HTTP/2 flow.api.drift.com/flows/render_initial_v3
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with very long lines (4670), with no line terminators
Hash cd58b3226db1690e4f554e85154464cf
7161b448ade8fcbb3865979a8759d2ddb6594651
c7d588d0d93c7adfa7f635cebef352bbbfb3394fc41bdba5dde0fb00c5ec60c1
POST /flows/render_initial_v3 HTTP/1.1
Host: flow.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.yap7qw388K979NKXy_EN02_cIgiWLjfHytnPt7mpPkKv6ZBoFy2NRX8n6KyZ9fM_rf5IhRnJmyD4qlJa4gY-Zw
Content-Length: 534
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: aa91d8f8ee206837
vary: Accept-Encoding
content-encoding: gzip
content-length: 2039
x-envoy-upstream-service-time: 56
server: istio-envoy
X-Firefox-Spdy: h2
driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8
151.101.86.208200 OK 64 kB URL HTTP/2 driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8
IP 151.101.86.208:0
File type PNG image data, 198 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash 7dff6f4c8033fdc68b6f3907f24bc5b5
8597d602982b6a443fed37a793b1abb1a01585d7
0b7be0f8aae5516aacbec1003ad74f70abe6753178d8baa35b50158455763a94
GET /https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8 HTTP/1.1
Host: driftt.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 14:21:40 GMT
cache-control: public, max-age=315360000
server: imgix
x-imgix-id: 89f6c7e85cd8aa2afb3d0448fca046c3f9d74d84
date: Mon, 05 Sep 2022 18:58:24 GMT
age: 3559004
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10070-SJC, cache-bma1646-BMA
x-cache: HIT, HIT
content-length: 64323
X-Firefox-Spdy: h2
targeting.api.drift.com/impressions/widget
3.94.218.138200 OK 13 B URL HTTP/2 targeting.api.drift.com/impressions/widget
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /impressions/widget HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftdabf5aa4ff6a79647fcc0145b76
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/41.e483d03f.chunk.css
54.230.111.119200 OK 900 B URL HTTP/2 js.driftt.com/core/assets/css/41.e483d03f.chunk.css
IP 54.230.111.119:0
File type ASCII text, with very long lines (900), with no line terminators
Hash 0bd11a8facc0a9d41713c64ed1ba1289
23d92b5b9138666f5c33517d53451a6e2e8ec30a
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
GET /core/assets/css/41.e483d03f.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 900
date: Thu, 09 Jun 2022 19:59:53 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
x-amz-server-side-encryption: AES256
x-amz-version-id: mwravLhifH3zWz1LqFO8ki0npGazXQGv
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q2UxRKC-KAo-Lo2_2MYXANfB_1mRSZoYlEyFw-xXHCoQX29me6Mb9g==
age: 7599511
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/41.c2d27989.chunk.js
54.230.111.119200 OK 303 B URL HTTP/2 js.driftt.com/core/assets/js/41.c2d27989.chunk.js
IP 54.230.111.119:0
File type ASCII text, with very long lines (303), with no line terminators
Hash 46fb25b61455826d8b73185de5673b04
d15a3a86f02f00138438a94e617081380cd58ac1
70164ba4c1b7194f4cc46e423aa055d29e3d927b7e9abe6fecd156dd0270da76
GET /core/assets/js/41.c2d27989.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 303
date: Sun, 12 Jun 2022 06:13:20 GMT
server: nginx
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
etag: "46fb25b61455826d8b73185de5673b04"
x-amz-server-side-encryption: AES256
x-amz-version-id: 21f0wwUZtQS7fqJj7nCeaBcMtRG8zF2Z
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bPyVc1sewKZF8EFXzaEgv4je7hEDUw3fM7z_QMr1JRSezfrLCbrQsQ==
age: 7389904
X-Firefox-Spdy: h2
js.driftt.com/conductor/assets/4.3b34b074.chunk.js
54.230.111.119200 OK 158 B URL HTTP/2 js.driftt.com/conductor/assets/4.3b34b074.chunk.js
IP 54.230.111.119:0
File type ASCII text, with no line terminators
Hash 04cb478629934587f65fb92a62238885
4521636fa7b2b5bcfcedaddcf104519ed0629a60
574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e
GET /conductor/assets/4.3b34b074.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 158
date: Thu, 09 Jun 2022 20:00:04 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:21 GMT
etag: "04cb478629934587f65fb92a62238885"
x-amz-server-side-encryption: AES256
x-amz-version-id: nQFxs7iBS66EIffXR7YCiFHZOMBxbEWK
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aDVttoeb9YFGvW9GsVbXqXIbyOavEK_tXBSNhIIjT8JS75RjswDEYg==
age: 7599500
X-Firefox-Spdy: h2
targeting.api.drift.com/impressions/widget
3.94.218.138204 No Content 0 B URL HTTP/2 targeting.api.drift.com/impressions/widget
IP 3.94.218.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /impressions/widget HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.yap7qw388K979NKXy_EN02_cIgiWLjfHytnPt7mpPkKv6ZBoFy2NRX8n6KyZ9fM_rf5IhRnJmyD4qlJa4gY-Zw
Content-Length: 677
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Sep 2022 18:58:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: 29bfb22b423b7fb2
x-envoy-upstream-service-time: 9
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3
54.230.111.119206 Partial Content 7.8 kB URL HTTP/2 js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3
IP 54.230.111.119:0
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 5f7c6014cf73831f91963a668b71fbb9
c49eafebb17d0ae937eaa47e8f81392a8e271b69
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
GET /conductor/assets/media/notification.5f7c6014.mp3 HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 7755
date: Fri, 20 May 2022 04:40:28 GMT
server: nginx
last-modified: Wed, 18 May 2022 17:52:15 GMT
etag: "5f7c6014cf73831f91963a668b71fbb9"
x-amz-server-side-encryption: AES256
x-amz-version-id: wV32vUIfShKu7wTOM.13Fb46XZ95E34K
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-range: bytes 0-7754/7755
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Eiwp8z_wdlXZH3DWjlNpN4BeAhFzX-8gHYSvMnOw5Nd_N5q_urTTSg==
age: 9382676
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/event2/bulk
3.94.218.138200 OK 13 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/event2/bulk
IP 3.94.218.138:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /monitoring/metrics/event2/bulk HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:25 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift7bf51dd4e9fa87f2e68a987efee
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/event2/bulk
3.94.218.138200 OK 25 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/event2/bulk
IP 3.94.218.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61228f8f544358e9ea1f463f01b5853c
582766f30c82dc2df6938c8e16455fa5e329afb1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
POST /monitoring/metrics/event2/bulk HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUxOTI5NDI4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk0MDMwMywiaWF0IjoxNjYyNDA0MzAzfQ.yap7qw388K979NKXy_EN02_cIgiWLjfHytnPt7mpPkKv6ZBoFy2NRX8n6KyZ9fM_rf5IhRnJmyD4qlJa4gY-Zw
Content-Length: 717
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:25 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: f49028ab0a58ada2
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 13
server: istio-envoy
X-Firefox-Spdy: h2
public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
172.67.135.29200 OK 0 B URL HTTP/2 public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
IP 172.67.135.29:0
GET /fonts/gordita/gordita-regular-webfont-woff.woff HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: application/font-woff
x-amz-id-2: 95MUxLnCbIkss2kA/sLeKT8+0bdlFMCPvmC7RPdOn7SvMYvPB6nvjEu+0c5e3j5tF3BW5GIvYN4=
x-amz-request-id: MCMBQYEM5T8KRTGT
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 31 May 2021 12:44:51 GMT
x-amz-version-id: hx7AXNg7K1e1RTazyN_0DpBGtio5OElw
etag: W/"951cf61fb8b08593af1d6466359e32fe"
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RewdqiRZtiGsFUkGgwfWRdHNTPX8Pez2bL5ckala%2FPiQrEt8cZPwUqqztLZQ%2B%2FEU%2BijZ7HItZVTPVR4GUZjyk21RBrO4%2Bj8ClICNjGsnDecYlAgOce2PXlpCAUUJv8uSXmzEkX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7461321d4974b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/main~493df0b3.ac3a9470.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:04 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:58 GMT
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
x-amz-server-side-encryption: AES256
x-amz-version-id: hiapbHKSV4DShQCB29I8q9ZEQ_orBvh8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eBdgQgB1YHwZMQpSOAeg31Xlc3d_OWOh2xSDEQvHBkTvAql8n7SQ4A==
age: 5514197
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/39.0cc86423.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/39.0cc86423.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/39.0cc86423.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 21 Jul 2022 05:13:08 GMT
server: nginx
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
x-amz-server-side-encryption: AES256
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pOnitAdOoalfCn7sj1JCGGw6IdeZgrv11NBHce0f5LygRax9WzXp9g==
age: 4023913
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/1.2539d882.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/1.2539d882.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/1.2539d882.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:23 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:14 GMT
etag: W/"b2b42f2c656523eb815001ce11edca28"
x-amz-server-side-encryption: AES256
x-amz-version-id: fIE_oAo1FKBhU1h.XRllzJ0k6ca8W79P
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MdKTDaghYKcHUYWOFARNZ5UkulpGHhU6Zw9JUEdtuynZ1Qb8idcCGQ==
age: 884279
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
172.67.135.29200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
IP 172.67.135.29:0
GET /latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=97779
etag: W/"8569d08b93b65be6f73bca7e48e87a62"
last-modified: Thu, 01 Sep 2022 03:58:45 GMT
x-amz-id-2: yDCQICvlfw4STe+c4Sag4iLPKh3kOygEEUUGblnTNA+lORCIMMdsOiV8G7dkISpVntFmUJESm/o=
x-amz-request-id: JEXB42GMV33KW9BZ
x-amz-version-id: _R6iCM.mJZnl7dJcxLE_Si6lPTW3nGop
cache-control: max-age=2073600
cf-cache-status: HIT
age: 886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB9tgy2%2BULkouFrkmTRcHsSlN1ipkjox%2FfONQVDV1QiUqnuVgF2aF%2BoawKQs6QD1alIdUW8vkAdoSSaApTEPOwagTQNdWMbupQfXuSUtN0PdJ3d2skUoQ3xUXeHINAN6N1jt7rg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7461321d2827b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bootstrap.api.drift.com/widget_bootstrap
3.94.218.138200 OK 0 B URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap
IP 3.94.218.138:0
POST /widget_bootstrap HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 576
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 83acc81c5c143b9d
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 272
server: istio-envoy
X-Firefox-Spdy: h2
p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20%28Fundamentals%29%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&tdc=1
52.25.226.66200 OK 0 B URL HTTP/2 p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20%28Fundamentals%29%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&tdc=1
IP 52.25.226.66:0
GET /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20%28Fundamentals%29%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&tdc=1 HTTP/1.1
Host: p.alocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ppmglobalservices.com/
Connection: keep-alive
Cookie: uuid=75a1d57b-6905-4a88-81f3-3c04a39092d1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:23 GMT
content-type: image/GIF
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
set-cookie: uuid=75a1d57b-6905-4a88-81f3-3c04a39092d1; domain=.alocdn.com; path=/; expires=Tue, 05 Sep 2023 18:58:23 GMT; secure; SameSite=None
_ep=1662404303; path=/; expires=Mon, 05 Sep 2022 18:58:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435
IP 54.230.111.119:0
GET /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435 HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 05 Sep 2022 18:58:21 GMT
cache-control: no-cache
etag: W/"fee11af2184d7af2cbe07132a525513a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dGBZ8nQ8ENEyL7oUrC_bQmsP3BCoWfbdrvNbIpV4SfxDbfsZXiYHmA==
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/16.fde6fa28.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 21 Jul 2022 03:22:54 GMT
server: nginx
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
etag: W/"90795af8c950a50300cf801b300db7ab"
x-amz-server-side-encryption: AES256
x-amz-version-id: Czs8PHX517U6kDfcy5c9LsKW5uxut099
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jifg8lx5Bdt9BGRwMu2AR8Y__WfV6EJbYrVX-8MC4sehifbX60xHgg==
age: 4030527
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/19.c6476f9e.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/19.c6476f9e.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/19.c6476f9e.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
etag: W/"577a5b4c4d4e15fe510f6e9d62882f27"
x-amz-server-side-encryption: AES256
x-amz-version-id: iwfAR0XWOD35qtGdWcZt_c4r2xii5fG_
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H9YR1h0LdAMveMnJSmQF8k8rRdSIztYU1Iw-Vh_2YDtG9h4uQs9YOQ==
age: 884280
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1654648342
151.101.85.46200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1654648342
IP 151.101.85.46:0
Analyzer Verdict Alert fortinet Malware
GET /js/site/main-customer-accounts-site.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 23:32:06 GMT
etag: "630957f6-8250f"
expires: Mon, 12 Sep 2022 12:37:57 GMT
cache-control: max-age=1209600
x-host: blu121.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 18:58:19 GMT
age: 627621
x-served-by: cache-sjc10072-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662404299.185306,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158975
X-Firefox-Spdy: h2
www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
104.22.51.245200 OK 0 B URL HTTP/2 www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
IP 104.22.51.245:0
GET /exit-popup/u/weebly_exit-popup_409384088895357867 HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/html; charset=utf-8
link: <https://public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js>; rel=preload; as=script; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js>; rel=preload; as=script; nopush
cache-control: max-age=1800, public
vary: Accept-Encoding
x-request-id: 928a20cb-e108-4e9a-acdd-416b37da1ccf
x-runtime: 0.045986
via: 1.1 vegur
cf-cache-status: HIT
age: 5617
server: cloudflare
cf-ray: 7461321c9e92b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/52.b6e19470.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/52.b6e19470.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/52.b6e19470.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 15 Aug 2022 14:58:15 GMT
server: nginx
last-modified: Mon, 15 Aug 2022 14:54:41 GMT
etag: W/"bad20cb6447399d927f280df2d62ca0c"
x-amz-server-side-encryption: AES256
x-amz-version-id: RsSkBCjzvBw3GerIVkk_9htbmnC6yc51
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v8x53P9OPSZ4VJ6VeCyigcoRLiC5-xBG8qekkSy4jAgmI2JescqOHg==
age: 1828809
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/20.8c21ea18.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Jun 2022 19:59:49 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
etag: W/"6d77a76055d81227033363af2f18caf8"
x-amz-server-side-encryption: AES256
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ppd0wEezpl4-hP9n86inWaqy_T3tI66P1z3SA7SQ6rfm4QK0I2PArg==
age: 7599512
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/28.ed383893.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/28.ed383893.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/28.ed383893.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 12 Jul 2022 08:05:31 GMT
server: nginx
last-modified: Mon, 11 Jul 2022 14:16:17 GMT
etag: W/"910117b3f0a0501f693606963bfe4daf"
x-amz-server-side-encryption: AES256
x-amz-version-id: AvxSunSgeBTQzaCE.4f6vvhlOyihsj6Q
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ALK3cqOeCpYeqLxl1Gk5LrptLhf2siaiKYCsIFl2SJSoA3Z8-RS_ww==
age: 4791170
X-Firefox-Spdy: h2
www.powr.io/cached/30868889.json
104.22.51.245404 Not Found 0 B URL HTTP/2 www.powr.io/cached/30868889.json
IP 104.22.51.245:0
GET /cached/30868889.json HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: iFOFU21aev1xmOBMySAjLdqjD8Ors28OGAfwAEk1yNDZ7dT69EmG0L42_vshVBp69LO9qbTrKuLV2miytYTccA
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: application/json
cache-control: max-age=300, public
vary: Accept-Encoding
x-request-id: 1fe14506-4056-46eb-a25d-c1fd949a50bf
x-runtime: 0.020703
via: 1.1 vegur
cf-cache-status: HIT
age: 5616
server: cloudflare
cf-ray: 7461321fdb79b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/18.c13b3a33.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/18.c13b3a33.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/18.c13b3a33.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 06 Jul 2022 01:05:58 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
x-amz-server-side-encryption: AES256
x-amz-version-id: pxNOQ93Ry3SgjvjCpTdQZ2Sx3uMbDhCG
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GixgY56W8HtQ5XrT3NI7KGPiIIvVMwEv3E2k5ndQHbsY1rAyNCd6KQ==
age: 5334743
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/13.3e86f1f6.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 03 Aug 2022 20:28:27 GMT
server: nginx
last-modified: Wed, 03 Aug 2022 20:13:17 GMT
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
x-amz-server-side-encryption: AES256
x-amz-version-id: p9hPb_BoaQT.rfo1ve74yYgdVe7_JTph
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fE0dwJTpitb-oeln9qZiLcYfW8mecdJrKxjRX95kJpeUYgIu1zDszA==
age: 2845794
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/9.535a3a94.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/9.535a3a94.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/9.535a3a94.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:17 GMT
etag: W/"073dafbb4b9bd1b881e6475386b712ee"
x-amz-server-side-encryption: AES256
x-amz-version-id: oCovUdRwAlg.GGR_hVxwJrKIYj.O.YqJ
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d2PCHzPqLz_9Q-t99LoF8BO5ma3rmWyvb7xo5ukmg9Kg6_qIbl6r0Q==
age: 884279
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/31.1f8907d7.chunk.css
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/css/31.1f8907d7.chunk.css
IP 54.230.111.119:0
GET /core/assets/css/31.1f8907d7.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662404294435
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 26 Aug 2022 13:20:23 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
etag: W/"cea19cf62d3d6bd9d3f16433e69c8464"
x-amz-server-side-encryption: AES256
x-amz-version-id: y_GckAHSFRel3MT0hH2mIHQBZxv6gp4Z
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rbxJDXAJG9jgF0yJJxaOBHy3jUQx5nrDkdjSwnjtp0Xt2Iy0wdSRSg==
age: 884279
X-Firefox-Spdy: h2
p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
52.25.226.66302 Found 0 B URL HTTP/2 p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html
IP 52.25.226.66:0
GET /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20(Fundamentals)%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html HTTP/1.1
Host: p.alocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Sep 2022 18:58:23 GMT
content-type: image/GIF
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
set-cookie: uuid=75a1d57b-6905-4a88-81f3-3c04a39092d1; domain=.alocdn.com; path=/; expires=Tue, 05 Sep 2023 18:58:23 GMT; secure; SameSite=None
location: /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%252265244999-2a82-4c5d-9344-1fdf51cde290%2522%257D&title=3-Day%20Primavera%20P6%20Professional%20%28Fundamentals%29%3A%20February%2014-16%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F3-day-primavera-p6-professional-fundamentals-october-24-26-2022.html&tdc=1
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 18:58:19 GMT
date: Mon, 05 Sep 2022 18:58:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 18:58:19 GMT
date: Mon, 05 Sep 2022 18:58:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.driftt.com/include/1662404400000/37carub7tx2z.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/include/1662404400000/37carub7tx2z.js
IP 54.230.111.119:0
GET /include/1662404400000/37carub7tx2z.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 18:58:19 GMT
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:54 GMT
etag: W/"bc71b7869279b01fc51fdc51af940b5e"
x-amz-server-side-encryption: AES256
x-amz-version-id: U0sriocF4WN07Hm2ZGmHfXq6eJt2Gqm6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k0f1DSUb8CAczrGB8U9ONz7I-6WN1vws4-9oDKiFdfcN9jzk9BMQdg==
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js
172.67.135.29200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js
IP 172.67.135.29:0
GET /latest/assets/packs/apps/popup-f33e99cf847514d727de.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=851396
etag: W/"ee82673a7e322032869f0ffc2fc04181"
last-modified: Thu, 01 Sep 2022 03:58:38 GMT
x-amz-id-2: LoDyI4+1h+Zasn7aJKIHIbMFZzo5XfzA7+BwoNRoQV72B4Ej1CoYi+/sqz5RcjObmudbGFB7aps=
x-amz-request-id: HGVP722SCYBSMERS
x-amz-version-id: YrU1NsHh6T9wJQiLY2b7sIlGTYfAz08U
cache-control: max-age=2073600
cf-cache-status: HIT
age: 1726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO%2B3QhRDmqbPT6GJoqBTYk3q5JOlGFPD6gPjYkp%2BQvRRPCcOCbeVmEdR%2FZNjSvohPAByepPu4EVGmsyWWzZF2voMK7I0QGsYlAIEcmOAaRcFJtqvV0xG6ZA0raAFJudnCalfTPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7461321d384db4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/37.9da17c94.chunk.js
54.230.111.119200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/37.9da17c94.chunk.js
IP 54.230.111.119:0
GET /core/assets/js/37.9da17c94.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=18f24701-6440-4cb6-8a02-49ee2e91235d&sessionStarted=1662404296.858&campaignRefreshToken=8c125a92-36c9-43be-9bf6-d7cbac4fb4f3&hideController=false&pageLoadStartTime=1662404294435&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Jun 2022 19:59:50 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
x-amz-server-side-encryption: AES256
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bhcNXGNlZvtztreZDSIgbwBJqPIfB91RalTXtL0_m8BHR3MvJdPStQ==
age: 7599511
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
172.67.135.29200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
IP 172.67.135.29:0
GET /latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=460092
etag: W/"2cbef8bacb84cdf787933b228259ff66"
last-modified: Thu, 01 Sep 2022 03:58:45 GMT
x-amz-id-2: qxS5P9nVRloAMtY1/Std2bGuR4hJhngLzDJZE+ZqrfK6/O7Xzo8eoRGQkMFBcOuzuYC/JNtV1oY=
x-amz-request-id: JEXFR41C22J62QTC
x-amz-version-id: aj8fAoKkazrla.jf97zf5WM0XDyxJjz9
cache-control: max-age=2073600
cf-cache-status: HIT
age: 1362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFr7OYlt1bnWa77dZWxgHT16vDl%2BKUI%2BS1AoSL6tOX399lbcwjf%2F6GELVz6dKE2Ow0t3F98C5O3MqFeJeeJIbYo5NEqdP8LTnIHHiDCVQpFqxhQC7fy4R9tWSEN4JSCYr8LIa6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7461321cffe2b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js
172.67.135.29200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js
IP 172.67.135.29:0
GET /latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 18:58:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1443415
etag: W/"e822d53e710d360db765376e1873e372"
last-modified: Thu, 01 Sep 2022 03:58:42 GMT
x-amz-id-2: FrjuXVwd1e+9GMZYRdksjgJsn2Et0uAGrKgKRbuNzwZ3DkbPkqSdE4XbJD0Bv334KB7ziN513fo=
x-amz-request-id: JEX3K38M52ZRN61H
x-amz-version-id: VfKcndbtSJ.nMTq7neTviROxPhDVKHZc
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2762
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyveABb40b0pRGwpkAiMTTUsEk5b5yP8lO0sH591SZmosVMJvCpvEtbKMvcALaiBwKOEEgold8rLcS6wpAGeLwholQ0ltdddyR9H%2BDRgLI4q0G8beiL9nAxr7dm6uDafVsvm2RE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7461321d2830b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2